Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
File: 34352e31302e3231322e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: RDr8tQN4Ik4buC/PQTj7vmaynA/DxI7E5faqK+dJSSw=
Subject key identifier: 03:5A:9D:AC:D1:80:FC:A4:20:79:A5:F5:68:A6:6A:23:85:45:EB:2E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 440C96593378FA33484C2F98F5DD07F0B3405167
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 201341
IP address blocks: 45.10.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0c:96:59:33:78:fa:33:48:4c:2f:98:f5:dd:07:f0:b3:40:51:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=035A9DACD180FCA42079A5F568A66A238545EB2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6d:95:70:91:1b:5a:76:80:54:3a:c2:cb:b7:
d4:9d:49:2a:53:1d:0d:59:4a:e3:dc:82:37:96:e7:
10:58:1a:eb:75:39:6e:de:f3:2f:9d:bf:c9:f6:4d:
60:af:a8:06:36:2e:e1:af:34:0d:3c:a9:26:5f:57:
e8:21:e5:56:ef:b9:98:9f:a3:5e:ed:e4:23:7e:f9:
1a:fc:50:27:45:35:ee:f5:28:e1:b1:fb:e5:a0:8d:
9c:1c:e9:f7:55:5c:e4:f8:a2:62:75:38:b6:bc:0e:
36:70:4c:cd:50:32:d1:57:4f:31:98:da:2e:9e:16:
17:25:a7:8e:db:c6:7a:3c:a1:45:cd:6d:eb:cb:d2:
59:70:6b:72:66:83:0e:98:af:26:b3:35:76:a4:e9:
58:95:6e:a7:97:13:9f:96:99:58:47:0b:a6:61:97:
df:c4:b2:88:89:b0:12:18:49:ac:7b:71:bf:ef:1a:
8a:73:b4:ff:2f:10:cf:20:2a:98:04:08:f7:d4:53:
4b:54:fe:71:0e:c8:52:48:0a:df:12:f7:40:33:c7:
31:ec:f2:b7:a0:6d:b1:0f:f3:ba:b4:8b:41:b7:a7:
42:f0:47:e7:77:76:e8:d2:ef:4d:bd:86:90:58:dc:
6d:1f:f2:c9:1b:dd:4d:09:5f:fa:e0:f0:1e:cf:ec:
e5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5A:9D:AC:D1:80:FC:A4:20:79:A5:F5:68:A6:6A:23:85:45:EB:2E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31302e3231322e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:88:22:89:95:a5:ff:37:70:5c:34:9a:26:55:22:42:9d:66:
b7:be:fe:31:7d:73:51:8c:9a:57:af:c0:47:d6:05:35:75:21:
33:ca:d5:5e:d0:2c:67:b6:c9:5e:43:a5:45:2d:5c:93:8c:20:
39:26:e8:c9:38:aa:6b:99:e7:8d:e7:d6:a5:68:2a:94:0e:51:
be:9d:02:d7:15:62:9b:c2:2b:0e:ed:40:75:0e:68:df:25:c0:
56:ef:29:63:58:33:eb:a2:f2:ec:3d:d0:bd:5e:ce:70:09:71:
06:38:1a:60:b5:7e:d7:c0:7d:fb:c5:2c:01:17:20:9f:0a:e0:
3a:67:e3:92:1c:21:1f:3b:45:f6:ad:50:52:18:e6:8f:0f:ef:
8d:a1:4c:6b:23:20:54:f1:14:eb:61:dd:28:a0:16:3a:49:40:
c3:fe:e8:90:51:9f:c0:86:03:f3:9b:d2:51:00:5d:3c:39:73:
ea:1c:aa:c0:f0:b9:25:1d:77:61:2c:36:12:55:d0:de:14:c4:
5f:87:c1:ad:d5:89:eb:73:6a:bf:d2:6c:4c:32:64:5b:6a:b6:
a0:53:71:d5:a9:b8:01:d9:37:54:be:60:8c:15:be:78:06:fa:
96:0b:2e:4c:83:2d:8d:aa:ad:b1:47:e4:bc:45:28:44:a2:98:
f6:2c:e4:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURAyWWTN4+jNITC+Y9d0H8LNAUWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKDAzNUE5REFDRDE4MEZDQTQyMDc5QTVGNTY4QTY2QTIzODU0NUVCMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSbZVwkRtadoBUOsLLt9SdSSpT
HQ1ZSuPcgjeW5xBYGut1OW7e8y+dv8n2TWCvqAY2LuGvNA08qSZfV+gh5VbvuZif
o17t5CN++Rr8UCdFNe71KOGx++WgjZwc6fdVXOT4omJ1OLa8DjZwTM1QMtFXTzGY
2i6eFhclp47bxno8oUXNbevL0llwa3Jmgw6YryazNXak6ViVbqeXE5+WmVhHC6Zh
l9/EsoiJsBIYSax7cb/vGopztP8vEM8gKpgECPfUU0tU/nEOyFJICt8S90AzxzHs
8regbbEP87q0i0G3p0LwR+d3dujS7029hpBY3G0f8skb3U0JX/rg8B7P7OWtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUA1qdrNGA/KQgeaX1aKZqI4VF6y4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMDJlMzIzMTMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LQrUMA0GCSqGSIb3DQEBCwUAA4IBAQA6iCKJlaX/N3BcNJomVSJCnWa3vv4xfXNR
jJpXr8BH1gU1dSEzytVe0CxntsleQ6VFLVyTjCA5JujJOKprmeeN59alaCqUDlG+
nQLXFWKbwisO7UB1DmjfJcBW7yljWDProvLsPdC9Xs5wCXEGOBpgtX7XwH37xSwB
FyCfCuA6Z+OSHCEfO0X2rVBSGOaPD++NoUxrIyBU8RTrYd0ooBY6SUDD/uiQUZ/A
hgPzm9JRAF08OXPqHKrA8LklHXdhLDYSVdDeFMRfh8Gt1Ynrc2q/0mxMMmRbarag
U3HVqbgB2TdUvmCMFb54BvqWCy5Mgy2Nqq2xR+S8RShEopj2LORf
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:56:23 2025 by rpki-client