Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e20323135373237.roa
File: 34352e3134392e3135342e302f32342d3234203d3e20323135373237.roa (raw, json)
Hash identifier: 3YMqsF2qChJzors0dtjmx2U4xGxgGj3DyyPa+NGOfX4=
Subject key identifier: 5B:61:F6:5F:FD:CA:F2:7E:35:96:42:7D:0A:70:32:C4:DA:60:49:FD
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 20982D237485036168620274F291BE11BD5BB5CF
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e20323135373237.roa
Signing time: Fri 23 May 2025 12:37:22 +0000
ROA not before: Fri 23 May 2025 12:32:22 +0000
ROA not after: Fri 22 May 2026 12:37:22 +0000
asID: 215727
IP address blocks: 45.149.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:98:2d:23:74:85:03:61:68:62:02:74:f2:91:be:11:bd:5b:b5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: May 23 12:32:22 2025 GMT
Not After : May 22 12:37:22 2026 GMT
Subject: CN=5B61F65FFDCAF27E3596427D0A7032C4DA6049FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c4:91:e4:8a:ac:cd:a7:f7:1d:19:9a:48:da:
57:3c:54:ac:e7:1f:07:99:a8:51:94:9c:3e:b2:4f:
9b:85:20:bc:53:3d:17:49:43:74:da:a8:f5:88:21:
b8:70:6f:59:2d:28:c8:96:af:7f:98:60:6e:2a:dd:
0c:15:15:60:c7:0b:09:72:f6:b8:2e:fa:8a:4f:10:
e4:d7:42:0c:3c:08:18:e7:71:6d:e4:ca:ba:7c:52:
c9:0a:41:2a:3b:13:87:b4:d9:62:87:f0:a4:6e:33:
23:47:54:8c:29:8f:d9:39:20:70:d2:28:05:95:31:
1e:91:d5:f0:f8:c7:85:3e:a2:f7:2f:cd:36:d8:10:
ff:95:a1:5a:d5:92:10:17:80:48:9e:6f:81:9f:1d:
6a:a6:c0:43:f2:ae:76:8b:58:ed:42:17:0b:b5:54:
27:c2:2a:44:e4:38:bb:d4:f9:03:9f:63:91:87:16:
fa:85:dc:13:b0:e2:f8:4e:b8:6f:9e:87:48:c9:bb:
75:b6:d9:f1:7d:e9:ce:15:8d:55:aa:7b:ac:f9:20:
23:3f:80:a0:04:35:12:11:9f:aa:42:eb:ec:49:7e:
b3:e3:f2:c1:c6:28:09:a2:33:e1:43:fe:db:86:ef:
c3:bd:6f:c3:f8:81:7f:ff:9a:aa:c5:c0:8c:9a:98:
8e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:61:F6:5F:FD:CA:F2:7E:35:96:42:7D:0A:70:32:C4:DA:60:49:FD
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135342e302f32342d3234203d3e20323135373237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.154.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:1b:bd:d4:1e:29:49:8d:ae:68:34:95:44:86:cb:1c:d9:f5:
c5:b4:82:b9:a3:05:8b:70:55:18:66:f3:d3:3b:9c:36:17:2c:
84:19:c2:4f:a8:eb:c9:a0:78:c8:ba:c3:b7:cb:bc:2e:40:e0:
b7:58:8e:92:07:96:a1:7d:18:bc:e4:1d:05:16:87:b4:97:b2:
89:37:e6:4a:01:04:7b:d6:ec:74:66:61:61:06:34:fe:01:cc:
a7:13:bf:40:81:45:ad:f1:ae:e7:81:e8:91:59:5b:2c:13:e3:
8b:56:b2:00:1e:b2:a2:1a:b8:dc:ab:33:7d:4e:45:e1:ec:04:
d0:93:c0:36:0c:6c:d9:91:9b:a1:60:9c:6e:ab:9e:ac:92:3e:
4e:47:c4:76:67:de:0a:04:1d:89:75:85:c4:41:5f:2a:cd:2e:
27:0c:1d:24:f4:0f:8b:a6:a4:0d:02:0e:2d:b7:31:39:c9:d1:
90:bb:16:7d:33:3b:26:b0:de:32:ea:cb:81:3e:a6:ee:c3:18:
da:b0:be:2c:95:e4:22:f1:fc:08:d1:36:d7:9c:f7:70:8b:6c:
0c:49:1d:1f:f2:e0:5f:f0:b7:14:68:de:bf:c5:3b:bf:bd:e7:
c7:9d:81:b4:8f:d8:a9:9d:c8:a8:8b:c2:d6:21:46:81:a5:4b:
7b:ce:51:73
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIJgtI3SFA2FoYgJ08pG+Eb1btc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA1MjMxMjMyMjJaFw0yNjA1MjIxMjM3MjJaMDMxMTAvBgNV
BAMTKDVCNjFGNjVGRkRDQUYyN0UzNTk2NDI3RDBBNzAzMkM0REE2MDQ5RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDxJHkiqzNp/cdGZpI2lc8VKzn
HweZqFGUnD6yT5uFILxTPRdJQ3TaqPWIIbhwb1ktKMiWr3+YYG4q3QwVFWDHCwly
9rgu+opPEOTXQgw8CBjncW3kyrp8UskKQSo7E4e02WKH8KRuMyNHVIwpj9k5IHDS
KAWVMR6R1fD4x4U+ovcvzTbYEP+VoVrVkhAXgEieb4GfHWqmwEPyrnaLWO1CFwu1
VCfCKkTkOLvU+QOfY5GHFvqF3BOw4vhOuG+eh0jJu3W22fF96c4VjVWqe6z5ICM/
gKAENRIRn6pC6+xJfrPj8sHGKAmiM+FD/tuG78O9b8P4gX//mqrFwIyamI7/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUW2H2X/3K8n41lkJ9CnAyxNpgSf0wHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzQzNTJlMzEzNDM5MmUzMTM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzNzMyMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlZowDQYJKoZIhvcNAQELBQADggEBAB4bvdQeKUmNrmg0lUSGyxzZ9cW0grmj
BYtwVRhm89M7nDYXLIQZwk+o68mgeMi6w7fLvC5A4LdYjpIHlqF9GLzkHQUWh7SX
sok35koBBHvW7HRmYWEGNP4BzKcTv0CBRa3xrueB6JFZWywT44tWsgAesqIauNyr
M31OReHsBNCTwDYMbNmRm6FgnG6rnqySPk5HxHZn3goEHYl1hcRBXyrNLicMHST0
D4umpA0CDi23MTnJ0ZC7Fn0zOyaw3jLqy4E+pu7DGNqwviyV5CLx/AjRNtec93CL
bAxJHR/y4F/wtxRo3r/FO7+958edgbSP2KmdyKiLwtYhRoGlS3vOUXM=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:55:49 2025 by rpki-client