Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
File: 34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: U5dSGqoMezTdbG0zMWXZ+R+R6nHgvRF4TKwez3UT6Is=
Subject key identifier: 90:59:AC:A5:5C:25:2E:28:BA:2E:76:37:60:32:36:53:49:7F:42:C0
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 60D145A87937134CC21BD9E9F3A67E747E0C7451
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 06 Mar 2025 11:53:56 +0000
ROA not before: Thu 06 Mar 2025 11:48:56 +0000
ROA not after: Thu 05 Mar 2026 11:53:56 +0000
asID: 212238
IP address blocks: 45.146.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:d1:45:a8:79:37:13:4c:c2:1b:d9:e9:f3:a6:7e:74:7e:0c:74:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:56 2025 GMT
Not After : Mar 5 11:53:56 2026 GMT
Subject: CN=9059ACA55C252E28BA2E763760323653497F42C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:f8:62:22:0d:cb:b0:ff:6d:f2:11:7b:38:
3e:cb:8d:aa:d3:57:a6:a2:a5:77:1c:d8:d8:18:8c:
1b:79:f3:a1:1e:c6:17:ec:00:e2:bd:48:7b:c6:0c:
c4:4e:5a:c2:25:be:09:60:27:24:67:85:d8:30:d0:
b8:f3:96:33:74:eb:ba:a7:0f:70:14:4b:1e:e7:57:
b7:da:47:cc:f2:a5:e4:c0:5a:59:7e:95:33:d2:00:
3f:bd:ea:9b:53:98:b2:1f:fe:91:b3:22:2f:70:f4:
1f:c6:62:36:8b:bc:7f:89:f9:8f:41:05:58:0a:f6:
3e:b8:9f:76:a2:05:63:8d:93:f7:21:9d:a2:cb:b3:
84:91:a7:03:ab:e3:a2:9f:b3:39:c4:81:9b:b3:97:
19:f2:a6:6b:95:d9:0f:f0:18:59:ed:0f:f9:28:31:
f4:59:6e:78:6e:ae:7d:93:fb:6a:ad:ac:1c:55:1f:
c9:72:a3:28:9f:b6:fe:55:ad:29:c9:e0:f3:bf:d5:
88:c4:50:89:62:47:34:48:c4:dc:9e:41:fe:fa:25:
2a:a4:a6:3e:46:cc:b7:46:82:06:c5:1f:d4:5b:2a:
a1:c6:59:54:2a:71:f7:da:17:fd:0d:2c:9e:e5:47:
ce:14:46:61:a8:92:0d:d2:b3:50:59:f4:79:45:11:
a9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:59:AC:A5:5C:25:2E:28:BA:2E:76:37:60:32:36:53:49:7F:42:C0
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130352e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.105.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ae:70:23:83:1d:9f:bc:13:73:05:58:3a:98:32:89:05:62:
91:53:a4:76:49:c9:8c:62:2d:81:f5:2b:bb:37:c1:8c:81:86:
17:41:9c:a8:8a:ec:e7:94:14:c0:79:a0:12:a3:63:04:cd:7c:
29:59:d6:45:31:31:52:2d:fe:61:48:69:aa:29:9a:7c:6d:00:
5e:c7:93:b2:f4:8b:53:8f:0a:58:d5:48:db:6f:bb:35:69:5f:
69:4b:da:78:04:bf:81:48:ea:07:a6:24:dc:60:ec:5b:6d:d5:
7b:3c:c0:a5:e6:95:ae:68:54:a6:d6:17:27:2d:25:06:b2:a4:
f3:2d:58:73:a3:25:58:e7:ad:19:01:81:fb:10:a3:98:a0:12:
be:7a:b2:f4:32:4a:c6:9e:32:47:96:d7:a4:3f:65:82:b6:c3:
12:2c:d5:dd:f3:2e:54:3e:9e:0c:5c:95:0b:01:0b:c7:99:a9:
63:2a:b7:e9:9a:bf:ab:82:bf:d2:7a:34:fc:e6:af:b9:f2:ba:
af:bf:62:0a:ea:43:11:34:bd:26:3c:5f:a6:eb:05:83:27:a7:
40:a7:c5:89:36:ea:dd:ae:6e:1f:ac:f4:8a:c2:9e:0d:09:09:
51:6e:fe:ba:2d:d1:a6:3b:b8:3e:64:d9:64:5f:f8:85:de:02:
81:d4:d7:b4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYNFFqHk3E0zCG9np86Z+dH4MdFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTZaFw0yNjAzMDUxMTUzNTZaMDMxMTAvBgNV
BAMTKDkwNTlBQ0E1NUMyNTJFMjhCQTJFNzYzNzYwMzIzNjUzNDk3RjQyQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1B/hiIg3LsP9t8hF7OD7LjarT
V6aipXcc2NgYjBt586EexhfsAOK9SHvGDMROWsIlvglgJyRnhdgw0LjzljN067qn
D3AUSx7nV7faR8zypeTAWll+lTPSAD+96ptTmLIf/pGzIi9w9B/GYjaLvH+J+Y9B
BVgK9j64n3aiBWONk/chnaLLs4SRpwOr46KfsznEgZuzlxnypmuV2Q/wGFntD/ko
MfRZbnhurn2T+2qtrBxVH8lyoyiftv5VrSnJ4PO/1YjEUIliRzRIxNyeQf76JSqk
pj5GzLdGggbFH9RbKqHGWVQqcffaF/0NLJ7lR84URmGokg3Ss1BZ9HlFEaldAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkFmspVwlLii6LnY3YDI2U0l/QsAwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmkwDQYJKoZIhvcNAQELBQADggEBAJaucCODHZ+8E3MFWDqYMokFYpFTpHZJ
yYxiLYH1K7s3wYyBhhdBnKiK7OeUFMB5oBKjYwTNfClZ1kUxMVIt/mFIaaopmnxt
AF7Hk7L0i1OPCljVSNtvuzVpX2lL2ngEv4FI6gemJNxg7Ftt1Xs8wKXmla5oVKbW
FyctJQaypPMtWHOjJVjnrRkBgfsQo5igEr56svQySsaeMkeW16Q/ZYK2wxIs1d3z
LlQ+ngxclQsBC8eZqWMqt+mav6uCv9J6NPzmr7nyuq+/YgrqQxE0vSY8X6brBYMn
p0CnxYk26t2ubh+s9IrCng0JCVFu/rot0aY7uD5k2WRf+IXeAoHU17Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:30 2025 by rpki-client