Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3138302e302f32322d3234203d3e203437353833.roa
File: 34352e39352e3138302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: +0dnao94l0CtL9Njn5nCV5PNHC6kwmoHVhnpNmuhb8w=
Subject key identifier: 59:3B:DB:94:ED:50:B9:99:A7:A6:9B:E8:B1:2C:86:6D:5E:B2:5A:0C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 54588CA36C6794CDE85B9339BB65079E74F8E2AD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3138302e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:27 +0000
ROA not before: Mon 27 Jan 2025 09:40:27 +0000
ROA not after: Mon 26 Jan 2026 09:45:27 +0000
asID: 47583
IP address blocks: 45.95.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:58:8c:a3:6c:67:94:cd:e8:5b:93:39:bb:65:07:9e:74:f8:e2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:27 2025 GMT
Not After : Jan 26 09:45:27 2026 GMT
Subject: CN=593BDB94ED50B999A7A69BE8B12C866D5EB25A0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:de:d2:64:ad:4e:a1:52:db:5a:09:b1:b6:
a2:d5:73:58:06:2e:79:d5:4e:00:4d:e5:59:5a:d5:
9f:ad:c0:0b:d4:65:7f:2d:48:76:1c:72:f5:a8:08:
5b:95:98:10:a3:ed:36:19:9f:14:cf:22:8f:a4:4e:
1e:b6:77:9b:22:52:7b:bd:8c:b6:09:0f:4a:c4:f3:
c0:b6:08:3a:9e:e4:12:d5:82:8c:e7:8d:24:1e:c6:
69:f5:69:ce:c4:d3:10:72:ca:9e:54:7e:ce:af:3a:
ae:55:96:33:30:91:ef:bf:09:56:69:71:5b:c6:a7:
cc:47:e3:e6:2c:a5:fe:b5:bc:f6:12:86:ef:97:06:
a9:2d:b5:b6:74:9d:63:93:5b:43:18:a1:98:ff:f4:
74:75:06:c4:2d:f6:29:bf:7a:f5:76:3f:e5:e2:bc:
79:f4:14:60:52:6c:6c:1d:f4:cc:68:d5:57:e4:2f:
44:c1:8b:bd:81:c1:f0:11:ba:50:25:f3:10:7c:90:
3f:b5:88:22:b8:21:ec:d4:43:fa:11:b7:7b:6b:58:
dd:6d:0e:35:60:40:93:85:c4:a5:5d:85:0d:00:06:
57:fa:ed:08:7b:bb:c2:c1:19:97:13:4e:02:78:11:
06:e3:31:4a:57:fb:9e:2d:d9:f1:9b:5f:98:f1:5b:
0a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3B:DB:94:ED:50:B9:99:A7:A6:9B:E8:B1:2C:86:6D:5E:B2:5A:0C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3138302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.180.0/22
Signature Algorithm: sha256WithRSAEncryption
55:be:cb:33:9b:ab:39:01:41:97:14:59:90:cf:ac:19:c5:c6:
0b:61:cd:ff:5e:6f:46:b2:8a:1c:4f:6b:01:c5:38:32:58:94:
e9:67:82:81:52:26:0a:70:da:74:d1:6c:2c:3c:a2:4c:42:17:
82:0e:35:e2:b1:6f:ce:e0:d5:3f:11:fc:b2:a1:63:bc:73:01:
e4:09:fc:27:a4:39:30:d0:87:78:04:13:a8:f4:29:6e:89:7f:
a7:95:1f:61:7f:80:d8:60:aa:96:85:31:56:de:71:9f:38:40:
29:f8:7a:91:d8:d0:d4:f5:fb:0b:ea:ff:e3:5c:17:70:f8:ed:
19:01:66:ba:d8:4a:97:84:8d:0d:89:d0:8f:61:ee:bf:9e:15:
c3:41:ec:f6:14:72:2c:d2:78:66:c6:99:2e:a6:6a:6e:57:62:
ba:8e:1d:54:95:3a:c5:61:50:91:cc:87:71:5b:61:ca:a1:f3:
9b:38:f0:40:44:57:f7:f7:70:ea:f5:91:2c:5e:de:ab:d1:45:
3e:e7:e2:ae:db:bb:f1:1b:71:ef:2c:f7:59:b0:4c:33:ed:13:
9d:f5:7a:09:c8:d0:cb:09:20:66:c3:1b:7e:75:a1:28:6f:92:
62:21:a2:4c:cf:82:e3:bc:66:06:b5:22:7a:14:d4:18:ac:88:
8e:99:66:52
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVFiMo2xnlM3oW5M5u2UHnnT44q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjdaFw0yNjAxMjYwOTQ1MjdaMDMxMTAvBgNV
BAMTKDU5M0JEQjk0RUQ1MEI5OTlBN0E2OUJFOEIxMkM4NjZENUVCMjVBMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBmt7SZK1OoVLbWgmxtqLVc1gG
LnnVTgBN5Vla1Z+twAvUZX8tSHYccvWoCFuVmBCj7TYZnxTPIo+kTh62d5siUnu9
jLYJD0rE88C2CDqe5BLVgoznjSQexmn1ac7E0xByyp5Ufs6vOq5VljMwke+/CVZp
cVvGp8xH4+Yspf61vPYShu+XBqkttbZ0nWOTW0MYoZj/9HR1BsQt9im/evV2P+Xi
vHn0FGBSbGwd9Mxo1VfkL0TBi72BwfARulAl8xB8kD+1iCK4IezUQ/oRt3trWN1t
DjVgQJOFxKVdhQ0ABlf67Qh7u8LBGZcTTgJ4EQbjMUpX+54t2fGbX5jxWwp/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUWTvblO1QuZmnppvosSyGbV6yWgwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNTJlMzEzODMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1f
tDANBgkqhkiG9w0BAQsFAAOCAQEAVb7LM5urOQFBlxRZkM+sGcXGC2HN/15vRrKK
HE9rAcU4MliU6WeCgVImCnDadNFsLDyiTEIXgg414rFvzuDVPxH8sqFjvHMB5An8
J6Q5MNCHeAQTqPQpbol/p5UfYX+A2GCqloUxVt5xnzhAKfh6kdjQ1PX7C+r/41wX
cPjtGQFmuthKl4SNDYnQj2Huv54Vw0Hs9hRyLNJ4ZsaZLqZqbldiuo4dVJU6xWFQ
kcyHcVthyqHzmzjwQERX9/dw6vWRLF7eq9FFPufirtu78Rtx7yz3WbBMM+0TnfV6
CcjQywkgZsMbfnWhKG+SYiGiTM+C47xmBrUiehTUGKyIjplmUg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:02:02 2025 by rpki-client