Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232322e302f32342d3234203d3e20313437303439.roa
File: 34352e39302e3232322e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: ndegK/ip2M9Qe++rGT53pxYy7inMSFC48VUTG0oKrys=
Subject key identifier: 5D:D2:CD:2B:B6:C7:E3:2B:3C:C5:52:21:DD:97:F1:B3:3C:CA:AC:23
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0769BA4BF71FB4C6F93606792FD6080AFBFE16F4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232322e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 27 Dec 2024 11:47:22 +0000
ROA not before: Fri 27 Dec 2024 11:42:22 +0000
ROA not after: Fri 26 Dec 2025 11:47:22 +0000
asID: 147049
IP address blocks: 45.90.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:69:ba:4b:f7:1f:b4:c6:f9:36:06:79:2f:d6:08:0a:fb:fe:16:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:22 2024 GMT
Not After : Dec 26 11:47:22 2025 GMT
Subject: CN=5DD2CD2BB6C7E32B3CC55221DD97F1B33CCAAC23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0e:b0:7d:5c:e0:e4:c2:0a:66:71:61:dd:cb:
54:88:41:0b:fd:b1:93:7b:92:ba:b4:6e:7c:c1:6c:
84:72:6c:64:55:4e:f3:ca:b6:2a:45:41:c3:8a:7f:
cc:c7:8b:69:4c:fe:64:f2:4d:cd:ea:bf:04:db:9b:
f8:f7:fa:59:64:22:29:c7:d7:4f:1f:8e:aa:1d:83:
fa:6f:c0:3d:95:39:fd:fa:95:23:33:18:0e:d9:ef:
a1:ac:ca:24:5f:2c:b3:d9:dc:04:f3:31:85:e2:c1:
85:e7:d2:31:a9:bf:85:50:d7:4e:ad:62:fc:00:bc:
3b:2b:97:ea:4d:fe:b7:cb:ef:9b:57:1c:5f:d6:0d:
ef:32:78:31:02:8c:18:13:78:38:b9:14:9d:58:76:
a6:09:e4:48:3b:4c:e4:a3:07:1d:aa:ed:bf:c9:b9:
9c:10:bf:50:36:2b:d5:ea:49:6c:51:97:ac:a2:e5:
24:8b:5d:cb:e4:80:05:67:b4:11:1f:8c:d9:f5:75:
c1:5e:a6:cc:c7:ba:1a:bf:c4:a7:63:e5:20:79:a1:
95:3f:83:7b:55:4a:ac:d6:53:b0:2e:9f:3d:79:4e:
7e:29:14:bf:56:60:68:49:4e:25:55:44:ac:41:11:
62:90:3b:d9:98:27:d2:c8:89:d5:0d:a5:8b:67:1a:
d1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D2:CD:2B:B6:C7:E3:2B:3C:C5:52:21:DD:97:F1:B3:3C:CA:AC:23
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232322e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.222.0/24
Signature Algorithm: sha256WithRSAEncryption
86:95:03:da:bf:9b:06:3f:76:d3:41:67:9a:b8:6c:73:23:0e:
9c:de:3b:cb:98:83:a9:c5:a0:ef:18:93:97:e3:a4:70:5f:de:
99:bc:7f:68:e0:8c:f2:5a:cd:56:64:91:17:94:14:70:41:72:
15:bf:80:91:8b:35:9f:bd:5f:b5:21:42:9e:01:62:d0:97:50:
34:a7:76:9c:f1:7f:78:2c:09:96:87:8f:2b:5b:47:7f:6d:e2:
e5:98:8c:56:18:3b:7e:87:84:66:30:4f:1d:36:46:a7:3c:ae:
55:f3:eb:62:c4:16:45:71:0e:e8:42:d0:b6:37:9e:1e:42:a8:
ac:5d:47:75:cb:02:82:23:1a:38:e7:fb:5f:e3:22:58:d2:c7:
a8:ed:e5:d2:5e:e7:2f:00:57:82:e8:91:f9:bb:f6:3a:25:a7:
50:2d:13:12:5b:ef:b6:96:a3:19:e9:d6:9d:6e:4b:ee:c9:da:
c3:bc:7d:83:f8:34:b9:0a:91:19:d8:43:2c:90:ba:f3:6f:f9:
f4:66:3e:ce:30:30:38:51:17:f7:8d:8c:5e:eb:22:3f:ea:e9:
1b:a9:ae:46:64:a8:52:36:93:69:b4:90:ad:33:af:58:2e:b9:
af:b8:33:d5:64:c0:9f:55:d2:e1:58:ef:5d:be:38:dc:30:94:
31:c9:b2:c6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUB2m6S/cftMb5NgZ5L9YICvv+FvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjJaFw0yNTEyMjYxMTQ3MjJaMDMxMTAvBgNV
BAMTKDVERDJDRDJCQjZDN0UzMkIzQ0M1NTIyMUREOTdGMUIzM0NDQUFDMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDrB9XODkwgpmcWHdy1SIQQv9
sZN7krq0bnzBbIRybGRVTvPKtipFQcOKf8zHi2lM/mTyTc3qvwTbm/j3+llkIinH
108fjqodg/pvwD2VOf36lSMzGA7Z76GsyiRfLLPZ3ATzMYXiwYXn0jGpv4VQ106t
YvwAvDsrl+pN/rfL75tXHF/WDe8yeDECjBgTeDi5FJ1YdqYJ5Eg7TOSjBx2q7b/J
uZwQv1A2K9XqSWxRl6yi5SSLXcvkgAVntBEfjNn1dcFepszHuhq/xKdj5SB5oZU/
g3tVSqzWU7Aunz15Tn4pFL9WYGhJTiVVRKxBEWKQO9mYJ9LIidUNpYtnGtEHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUXdLNK7bH4ys8xVIh3ZfxszzKrCMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzOTMwMmUz
MjMyMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtWt4wDQYJKoZIhvcNAQELBQADggEBAIaVA9q/mwY/dtNBZ5q4bHMjDpze
O8uYg6nFoO8Yk5fjpHBf3pm8f2jgjPJazVZkkReUFHBBchW/gJGLNZ+9X7UhQp4B
YtCXUDSndpzxf3gsCZaHjytbR39t4uWYjFYYO36HhGYwTx02Rqc8rlXz62LEFkVx
DuhC0LY3nh5CqKxdR3XLAoIjGjjn+1/jIljSx6jt5dJe5y8AV4Lokfm79jolp1At
ExJb77aWoxnp1p1uS+7J2sO8fYP4NLkKkRnYQyyQuvNv+fRmPs4wMDhRF/eNjF7r
Ij/q6RuprkZkqFI2k2m0kK0zr1guua+4M9VkwJ9V0uFY712+ONwwlDHJssY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:10:09 2025 by rpki-client