Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203231383539.roa
File: 34352e3134362e3130362e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: ssT8TkI6dp08D3a+su+ouP+yae9+UWYv/bHJx2mZbAA=
Subject key identifier: EE:16:84:F2:4A:BF:E1:24:C0:C9:AA:FB:7A:16:23:4E:EF:54:1B:6D
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 755BF3628096A043463214E2C56A558B2365B7FA
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203231383539.roa
Signing time: Fri 15 Aug 2025 11:06:48 +0000
ROA not before: Fri 15 Aug 2025 11:01:48 +0000
ROA not after: Fri 14 Aug 2026 11:06:48 +0000
asID: 21859
IP address blocks: 45.146.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 22:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:5b:f3:62:80:96:a0:43:46:32:14:e2:c5:6a:55:8b:23:65:b7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Aug 15 11:01:48 2025 GMT
Not After : Aug 14 11:06:48 2026 GMT
Subject: CN=EE1684F24ABFE124C0C9AAFB7A16234EEF541B6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:32:4c:99:a1:f0:45:90:cc:49:35:72:2a:
dc:fd:f2:e1:5e:27:a0:aa:02:a6:5a:aa:a5:34:7c:
39:c6:4e:36:9d:73:c9:47:8b:13:0f:14:73:75:b1:
a2:79:f4:1a:12:e6:00:7e:91:c9:57:e8:86:bb:d5:
9b:68:9a:52:2d:68:04:fa:82:ed:92:ca:b4:5e:43:
fc:5c:04:1a:c1:39:ed:b8:c1:81:b2:d1:7e:72:3e:
de:4b:25:76:4d:51:ff:f6:8d:a2:59:29:39:9e:ff:
a3:d0:a8:ae:be:bf:32:29:00:de:0b:a5:46:90:cb:
90:14:b0:e1:ce:06:e0:f2:cd:26:6e:5f:cf:eb:f7:
cd:8a:2c:e2:80:e3:84:d1:c1:09:5a:1a:75:40:49:
97:11:38:09:3a:b2:35:48:2b:71:ff:30:df:fd:43:
38:a1:ac:b4:a3:6e:28:61:be:7e:63:52:dd:b6:d8:
2d:47:86:cf:b5:13:34:a1:17:1b:a1:45:95:49:da:
a9:e2:d2:d3:27:33:fb:67:79:0a:43:2c:19:58:d2:
36:ca:74:a2:87:6f:ae:4a:61:84:bc:21:58:f4:17:
c1:b2:b6:16:bc:6d:ea:d3:89:45:de:96:f9:80:ee:
01:85:b6:f3:76:a9:bb:66:4a:f5:ea:bf:ac:99:28:
eb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:16:84:F2:4A:BF:E1:24:C0:C9:AA:FB:7A:16:23:4E:EF:54:1B:6D
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.106.0/24
Signature Algorithm: sha256WithRSAEncryption
89:7c:86:57:2e:25:c7:d4:d2:3e:a1:0c:a5:dd:84:80:9f:03:
85:58:33:36:fb:fe:d0:2e:e0:05:40:3b:a3:88:7f:e5:88:a5:
96:43:40:92:b8:e2:ea:a9:b1:83:d9:f2:2d:7c:04:e2:ec:c8:
f3:e7:4b:87:19:cf:66:6f:8a:c3:c1:9f:0c:e0:33:d7:76:8c:
7d:e6:63:6d:08:b8:ca:a7:54:70:0e:57:bc:f4:e2:22:ca:d5:
21:fc:1e:4d:5b:2b:17:9f:ab:b7:11:52:bb:9c:ec:6d:6b:20:
02:1c:88:d1:bc:7f:f0:50:b4:4a:9c:22:28:9c:dd:23:05:30:
a5:b1:97:c4:b7:a7:95:6e:06:be:14:70:a6:7c:49:48:1d:b1:
72:a1:3f:0f:56:5b:dd:e6:6d:41:aa:d2:c1:57:62:95:e4:2a:
3f:12:b3:4e:c4:23:d6:d8:6c:36:a1:fd:da:df:8f:6f:5e:a3:
86:3a:ba:99:ce:87:52:fe:88:36:e4:e0:f9:97:98:9a:04:6c:
28:65:d2:60:75:28:43:80:1d:81:dd:50:88:b2:6f:69:ef:d5:
c9:68:15:fd:5e:64:f2:69:ee:4d:ed:8f:6d:b0:f2:e4:9a:f6:
32:0c:02:f7:92:5b:5d:2c:18:f5:4f:f4:7d:ea:a9:2b:2b:c9:
0a:8f:5a:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdVvzYoCWoENGMhTixWpViyNlt/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA4MTUxMTAxNDhaFw0yNjA4MTQxMTA2NDhaMDMxMTAvBgNV
BAMTKEVFMTY4NEYyNEFCRkUxMjRDMEM5QUFGQjdBMTYyMzRFRUY1NDFCNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvZTJMmaHwRZDMSTVyKtz98uFe
J6CqAqZaqqU0fDnGTjadc8lHixMPFHN1saJ59BoS5gB+kclX6Ia71ZtomlItaAT6
gu2SyrReQ/xcBBrBOe24wYGy0X5yPt5LJXZNUf/2jaJZKTme/6PQqK6+vzIpAN4L
pUaQy5AUsOHOBuDyzSZuX8/r982KLOKA44TRwQlaGnVASZcROAk6sjVIK3H/MN/9
QzihrLSjbihhvn5jUt222C1Hhs+1EzShFxuhRZVJ2qni0tMnM/tneQpDLBlY0jbK
dKKHb65KYYS8IVj0F8Gytha8berTiUXelvmA7gGFtvN2qbtmSvXqv6yZKOtfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7haE8kq/4STAyar7ehYjTu9UG20wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZJqMA0GCSqGSIb3DQEBCwUAA4IBAQCJfIZXLiXH1NI+oQyl3YSAnwOFWDM2+/7Q
LuAFQDujiH/liKWWQ0CSuOLqqbGD2fItfATi7Mjz50uHGc9mb4rDwZ8M4DPXdox9
5mNtCLjKp1RwDle89OIiytUh/B5NWysXn6u3EVK7nOxtayACHIjRvH/wULRKnCIo
nN0jBTClsZfEt6eVbga+FHCmfElIHbFyoT8PVlvd5m1BqtLBV2KV5Co/ErNOxCPW
2Gw2of3a349vXqOGOrqZzodS/og25OD5l5iaBGwoZdJgdShDgB2B3VCIsm9p79XJ
aBX9XmTyae5N7Y9tsPLkmvYyDAL3kltdLBj1T/R96qkrK8kKj1oA
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:00:08 2025 by rpki-client