Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323135333034.roa
File: 34352e3133322e39392e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: Ndf9OFnDxNqD2zXKOsCa6FNv++EyXy6ubwNEoMJVJfI=
Subject key identifier: 94:7B:53:82:36:0E:73:47:7B:1D:AE:DB:EA:B5:9B:5B:C2:43:46:CD
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 75E8EC277A84F91FC8E376D94170AC87BA206AE6
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323135333034.roa
Signing time: Thu 06 Feb 2025 17:02:58 +0000
ROA not before: Thu 06 Feb 2025 16:57:58 +0000
ROA not after: Thu 05 Feb 2026 17:02:58 +0000
asID: 215304
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:e8:ec:27:7a:84:f9:1f:c8:e3:76:d9:41:70:ac:87:ba:20:6a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 6 16:57:58 2025 GMT
Not After : Feb 5 17:02:58 2026 GMT
Subject: CN=947B5382360E73477B1DAEDBEAB59B5BC24346CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9d:a2:72:7e:70:69:29:d7:45:38:93:a4:da:
7b:85:92:fc:10:b7:dd:cb:99:2d:c5:5a:b0:61:53:
7d:18:16:e2:23:5e:fc:5d:1b:fa:2f:1a:1d:7d:4c:
83:c3:99:46:ae:23:56:76:c4:4a:26:fe:ba:df:be:
c9:fa:be:bd:7e:07:af:6a:fb:1d:da:e7:eb:06:81:
14:ae:f3:37:ad:66:66:46:bd:a4:e8:75:be:5d:82:
52:b3:37:d7:95:d4:1c:eb:6b:88:01:02:79:04:de:
78:73:7b:08:96:68:8f:c8:38:4e:74:31:fb:e7:06:
a0:e9:d9:68:79:3e:74:5b:67:f4:0b:b6:e1:fa:78:
f4:77:80:4b:8b:2d:3a:09:7b:78:e6:da:7c:fd:ce:
ae:c5:cc:aa:e7:a3:4d:b6:e3:58:c0:f3:e2:5f:32:
93:b3:4d:ed:e1:33:03:9c:13:17:06:73:42:b6:1a:
5c:69:4b:90:26:dc:0d:a7:86:22:a3:e7:05:00:64:
53:ad:59:67:52:55:aa:1b:bc:9a:24:d8:78:56:37:
e9:fa:17:77:3d:b5:04:27:5b:b9:da:87:c0:a8:39:
7f:6c:99:ab:63:a1:59:a2:12:f7:d5:7d:80:51:52:
11:7c:da:71:5d:5d:42:b2:2a:81:2e:89:a1:95:63:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7B:53:82:36:0E:73:47:7B:1D:AE:DB:EA:B5:9B:5B:C2:43:46:CD
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
94:bc:31:e2:71:db:16:fc:25:1e:2a:89:2c:0f:0c:bf:e6:45:
66:99:77:d1:16:09:92:a6:fc:93:f6:6d:09:6d:a6:b2:c9:e4:
0b:2c:9b:fd:a9:0f:ca:fb:ef:38:04:fb:12:e3:57:a1:43:97:
f7:a2:37:90:28:3f:17:68:6d:4c:6b:01:39:f0:ef:c6:fb:55:
b6:51:be:d1:fe:7f:8f:83:03:5e:5b:dd:6a:2e:23:e7:5a:2d:
80:be:20:95:7e:ea:91:ef:df:d5:0e:f7:72:dd:de:12:f0:5f:
b0:ce:ff:77:1a:f7:29:7f:52:4b:b6:09:89:9e:28:54:33:20:
ca:2c:47:f4:16:18:2e:9f:a4:84:0e:1d:bb:f8:6f:ac:ba:69:
48:46:55:7b:82:0a:75:a1:ae:5a:56:e1:bb:f4:a9:d1:5b:6c:
b2:0a:bb:88:1d:b3:d7:ee:a3:d6:9a:e5:4e:8e:2a:e3:6d:4e:
7e:48:74:4b:dd:92:da:61:62:14:97:d4:2d:fd:c1:e5:c1:74:
de:67:6d:1b:12:38:d6:08:b0:d0:37:5d:8b:89:be:21:52:81:
cf:6d:26:78:3d:c3:4a:45:42:61:40:17:f5:e6:61:e2:58:c7:
8a:a8:d4:ea:40:93:d6:f2:61:eb:3b:f9:0f:f2:60:4a:86:11:
7f:b0:e7:59
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdejsJ3qE+R/I43bZQXCsh7ogauYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAyMDYxNjU3NThaFw0yNjAyMDUxNzAyNThaMDMxMTAvBgNV
BAMTKDk0N0I1MzgyMzYwRTczNDc3QjFEQUVEQkVBQjU5QjVCQzI0MzQ2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYnaJyfnBpKddFOJOk2nuFkvwQ
t93LmS3FWrBhU30YFuIjXvxdG/ovGh19TIPDmUauI1Z2xEom/rrfvsn6vr1+B69q
+x3a5+sGgRSu8zetZmZGvaTodb5dglKzN9eV1Bzra4gBAnkE3nhzewiWaI/IOE50
MfvnBqDp2Wh5PnRbZ/QLtuH6ePR3gEuLLToJe3jm2nz9zq7FzKrno02241jA8+Jf
MpOzTe3hMwOcExcGc0K2GlxpS5Am3A2nhiKj5wUAZFOtWWdSVaobvJok2HhWN+n6
F3c9tQQnW7nah8CoOX9smatjoVmiEvfVfYBRUhF82nFdXUKyKoEuiaGVY6XXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlHtTgjYOc0d7Ha7b6rWbW8JDRs0wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYRjMA0GCSqGSIb3DQEBCwUAA4IBAQCUvDHicdsW/CUeKoksDwy/5kVmmXfRFgmS
pvyT9m0JbaayyeQLLJv9qQ/K++84BPsS41ehQ5f3ojeQKD8XaG1MawE58O/G+1W2
Ub7R/n+PgwNeW91qLiPnWi2AviCVfuqR79/VDvdy3d4S8F+wzv93Gvcpf1JLtgmJ
nihUMyDKLEf0Fhgun6SEDh27+G+sumlIRlV7ggp1oa5aVuG79KnRW2yyCruIHbPX
7qPWmuVOjirjbU5+SHRL3ZLaYWIUl9Qt/cHlwXTeZ20bEjjWCLDQN12Lib4hUoHP
bSZ4PcNKRUJhQBf15mHiWMeKqNTqQJPW8mHrO/kP8mBKhhF/sOdZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:59:36 2025 by rpki-client