Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20323036353035.roa
File: 34352e3133322e39382e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: VcsmT3OZYFjllF+ZnmgjjohYySHvI6W996nabZuRsbM=
Subject key identifier: 47:7F:CE:B0:8F:3C:2F:27:3D:C8:21:F2:34:22:FB:74:87:88:92:1B
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 30ABD3656CF6EE53DBC5DA8BC05806D71B327311
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20323036353035.roa
Signing time: Wed 12 Mar 2025 22:53:58 +0000
ROA not before: Wed 12 Mar 2025 22:48:58 +0000
ROA not after: Wed 11 Mar 2026 22:53:58 +0000
asID: 206505
IP address blocks: 45.132.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ab:d3:65:6c:f6:ee:53:db:c5:da:8b:c0:58:06:d7:1b:32:73:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 12 22:48:58 2025 GMT
Not After : Mar 11 22:53:58 2026 GMT
Subject: CN=477FCEB08F3C2F273DC821F23422FB748788921B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:86:3e:59:45:85:2b:dc:e3:ad:05:a0:34:
b4:dc:b9:53:b8:e2:04:6a:cd:fc:4c:d0:ca:4e:88:
21:44:df:3f:0c:b5:ca:bd:ca:b2:2e:8f:67:87:68:
1e:15:cf:e0:4c:8a:c6:3a:f6:a4:f5:e9:31:bd:99:
6b:b5:5e:a7:db:96:f0:51:4a:ae:7b:8a:3f:a4:95:
3b:e7:3a:c1:67:2b:fa:69:7e:ab:b5:5c:06:5a:60:
df:c1:8e:7a:ec:ac:03:12:2e:97:68:13:df:15:02:
2d:75:0d:38:20:f7:a6:b5:02:4a:53:f5:bf:fa:2d:
1f:b2:de:5d:e8:5d:2f:47:9f:35:13:28:ee:29:7c:
76:fb:08:8a:c1:ad:f7:53:b0:c8:b5:32:67:41:b0:
c7:9f:e0:bc:14:dd:f3:68:9e:bc:2f:93:1e:16:0b:
40:dd:b1:86:0c:5e:55:6f:b6:b4:c1:3a:8d:cb:46:
09:47:fc:65:5d:1d:4a:61:25:1e:21:b9:96:f3:fe:
16:a5:2f:3b:e0:2c:30:21:4d:ec:d6:b3:25:ec:d9:
72:a4:88:d9:e0:0f:fc:4b:73:06:ea:59:0d:cd:8c:
b7:78:fa:2b:5e:c1:47:5c:e0:63:a1:a8:60:ed:d1:
fe:b4:e8:e3:d0:fb:1c:89:f3:a1:ab:a7:cf:7f:cd:
7f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7F:CE:B0:8F:3C:2F:27:3D:C8:21:F2:34:22:FB:74:87:88:92:1B
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/24
Signature Algorithm: sha256WithRSAEncryption
10:12:a1:e1:7d:3a:67:89:09:25:0a:b9:e6:a2:35:30:61:50:
e2:72:66:33:0a:65:f6:b6:72:4d:b2:d5:80:84:f1:d9:35:f2:
d8:d5:f3:12:4b:be:4d:70:63:2e:92:73:b2:bf:f2:fb:a9:69:
67:17:84:4b:89:ef:6c:eb:67:98:14:3e:68:6e:4b:2b:df:cc:
74:3a:3a:82:20:e5:fa:ad:de:fb:9f:25:f0:14:52:65:f8:01:
1c:39:e5:0d:e7:bf:96:a8:f8:66:22:01:b8:53:54:66:6a:d2:
59:01:e8:c2:fa:39:d3:73:dd:a2:77:5f:eb:68:89:b2:91:60:
76:fa:69:94:a7:f7:47:22:ad:ed:4b:07:3a:ee:8c:e3:6b:23:
24:23:69:8f:b6:70:7b:d1:04:8e:e8:72:f2:77:b2:87:f0:2e:
4b:d1:a8:52:f4:fa:17:0c:e0:cb:1e:9d:fa:00:51:45:0a:30:
41:8c:78:09:a8:d6:18:cb:0b:8f:b8:39:08:be:ef:f8:ba:7d:
0b:12:97:da:a3:c1:49:be:24:cb:07:c3:ce:e2:f6:5b:fb:60:
55:6f:ba:c3:54:a6:c2:b4:4d:aa:12:9a:bc:6d:1b:b5:03:6c:
f5:2f:c1:c2:1e:6a:3f:85:d6:8d:ae:ed:87:b4:2b:ac:16:3a:
15:0b:61:c6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMKvTZWz27lPbxdqLwFgG1xsycxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMTIyMjQ4NThaFw0yNjAzMTEyMjUzNThaMDMxMTAvBgNV
BAMTKDQ3N0ZDRUIwOEYzQzJGMjczREM4MjFGMjM0MjJGQjc0ODc4ODkyMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9poY+WUWFK9zjrQWgNLTcuVO4
4gRqzfxM0MpOiCFE3z8Mtcq9yrIuj2eHaB4Vz+BMisY69qT16TG9mWu1XqfblvBR
Sq57ij+klTvnOsFnK/ppfqu1XAZaYN/BjnrsrAMSLpdoE98VAi11DTgg96a1AkpT
9b/6LR+y3l3oXS9HnzUTKO4pfHb7CIrBrfdTsMi1MmdBsMef4LwU3fNonrwvkx4W
C0DdsYYMXlVvtrTBOo3LRglH/GVdHUphJR4huZbz/halLzvgLDAhTezWsyXs2XKk
iNngD/xLcwbqWQ3NjLd4+itewUdc4GOhqGDt0f606OPQ+xyJ86Grp89/zX9JAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUR3/OsI88Lyc9yCHyNCL7dIeIkhswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzUzMDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYRiMA0GCSqGSIb3DQEBCwUAA4IBAQAQEqHhfTpniQklCrnmojUwYVDicmYzCmX2
tnJNstWAhPHZNfLY1fMSS75NcGMuknOyv/L7qWlnF4RLie9s62eYFD5obksr38x0
OjqCIOX6rd77nyXwFFJl+AEcOeUN57+WqPhmIgG4U1RmatJZAejC+jnTc92id1/r
aImykWB2+mmUp/dHIq3tSwc67ozjayMkI2mPtnB70QSO6HLyd7KH8C5L0ahS9PoX
DODLHp36AFFFCjBBjHgJqNYYywuPuDkIvu/4un0LEpfao8FJviTLB8PO4vZb+2BV
b7rDVKbCtE2qEpq8bRu1A2z1L8HCHmo/hdaNru2HtCusFjoVC2HG
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:59:41 2025 by rpki-client