Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
File: 34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: rRRKTmLwDes1D5lD1JbHG/LejM3m4wL5R2Ov7GMSOrU=
Subject key identifier: 2E:EA:E9:3D:A6:11:0E:C8:46:0F:1A:0F:65:DB:F2:AE:CE:C1:83:EA
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 74268447815601903BFD4F6F368820B520895673
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:51 +0000
ROA not before: Mon 27 Jan 2025 09:39:51 +0000
ROA not after: Mon 26 Jan 2026 09:44:51 +0000
asID: 203061
IP address blocks: 45.130.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:26:84:47:81:56:01:90:3b:fd:4f:6f:36:88:20:b5:20:89:56:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:51 2025 GMT
Not After : Jan 26 09:44:51 2026 GMT
Subject: CN=2EEAE93DA6110EC8460F1A0F65DBF2AECEC183EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:84:df:db:33:54:80:ce:9b:94:97:27:a5:78:
68:46:9a:7e:70:70:fa:60:a8:0d:73:1b:c8:7a:99:
8e:4a:ee:5a:aa:9d:60:39:9b:d4:85:98:cb:e3:f4:
07:11:fb:bd:66:ac:46:4e:4d:f9:f5:29:45:b7:5f:
10:77:57:ad:a2:3b:d5:66:9a:0b:1a:98:56:4e:85:
30:3b:62:14:83:b3:7b:7c:b4:9d:47:45:3a:dd:72:
2a:d3:6b:b0:a8:84:97:ae:77:1f:cf:f6:f4:36:83:
85:62:ce:76:ec:ff:39:03:7e:a0:a5:e4:ff:a2:f7:
1b:ba:c3:6a:26:26:67:a6:56:1e:10:d1:de:cf:b4:
60:85:af:72:5e:15:e6:95:44:5f:71:a8:34:7f:66:
1e:25:24:8d:0e:17:bd:28:4a:65:e9:94:34:bf:cc:
c2:2f:5e:50:33:48:fa:ec:56:1b:40:22:87:69:c1:
f5:8c:2e:30:6b:95:7f:21:1c:59:c1:a5:5a:64:8f:
b9:b5:36:d1:10:29:9f:fc:0e:9b:75:79:38:08:74:
a0:e3:c7:d2:8e:04:d8:81:d2:2f:85:48:2d:70:c1:
cb:c7:fb:82:7e:73:05:4e:6e:df:99:5a:e1:74:de:
c1:d8:df:04:b5:68:e0:88:fe:87:b1:e0:38:31:80:
3d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:EA:E9:3D:A6:11:0E:C8:46:0F:1A:0F:65:DB:F2:AE:CE:C1:83:EA
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133302e3131322e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.112.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ef:01:02:eb:64:e9:e4:96:ce:83:f4:e3:52:59:3c:90:33:
ce:43:c9:54:d2:6d:14:67:8d:ff:ab:da:93:a4:91:33:7a:6b:
2a:7b:56:3a:37:e1:31:01:d9:46:20:c0:63:40:e8:d5:2a:12:
98:a0:bf:ac:3d:de:25:f7:99:f5:66:c1:8e:f4:15:c1:86:30:
7b:d3:f5:40:02:79:07:e9:c4:9f:7a:5b:7d:a6:68:5c:46:0a:
27:0f:8a:68:7f:86:6b:b1:e2:88:9e:0a:06:40:f7:a3:55:a8:
1c:0f:04:ca:20:e6:36:84:51:46:21:e4:45:d3:50:7c:e4:f9:
81:7f:47:a0:cb:e0:99:71:62:b8:7f:7d:a7:4c:cc:4a:17:7f:
c5:10:43:17:bf:09:ee:7b:24:3d:67:dd:de:a7:f8:9f:00:06:
bd:d1:f3:d1:77:e9:8c:04:af:31:3c:37:ff:af:11:7d:46:96:
78:8b:05:19:3a:f8:4e:2a:a5:78:f6:9c:17:01:c6:3a:0d:75:
84:b4:9b:10:e6:c4:f7:fd:ef:d0:10:54:3b:27:d1:a5:30:3e:
ea:bf:4e:5e:00:b6:97:eb:bc:81:65:15:e6:54:9b:25:d4:da:
20:98:a4:71:50:e7:a7:18:5c:e4:9f:21:bb:b5:b0:ea:bd:15:
fc:18:8b:c6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdCaER4FWAZA7/U9vNoggtSCJVnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTFaFw0yNjAxMjYwOTQ0NTFaMDMxMTAvBgNV
BAMTKDJFRUFFOTNEQTYxMTBFQzg0NjBGMUEwRjY1REJGMkFFQ0VDMTgzRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+hN/bM1SAzpuUlyeleGhGmn5w
cPpgqA1zG8h6mY5K7lqqnWA5m9SFmMvj9AcR+71mrEZOTfn1KUW3XxB3V62iO9Vm
mgsamFZOhTA7YhSDs3t8tJ1HRTrdcirTa7CohJeudx/P9vQ2g4Viznbs/zkDfqCl
5P+i9xu6w2omJmemVh4Q0d7PtGCFr3JeFeaVRF9xqDR/Zh4lJI0OF70oSmXplDS/
zMIvXlAzSPrsVhtAIodpwfWMLjBrlX8hHFnBpVpkj7m1NtEQKZ/8Dpt1eTgIdKDj
x9KOBNiB0i+FSC1wwcvH+4J+cwVObt+ZWuF03sHY3wS1aOCI/oex4DgxgD1lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULurpPaYRDshGDxoPZdvyrs7Bg+owHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzMwMmUzMTMx
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItgnAwDQYJKoZIhvcNAQELBQADggEBADPvAQLrZOnkls6D9ONSWTyQM85DyVTS
bRRnjf+r2pOkkTN6ayp7Vjo34TEB2UYgwGNA6NUqEpigv6w93iX3mfVmwY70FcGG
MHvT9UACeQfpxJ96W32maFxGCicPimh/hmux4oieCgZA96NVqBwPBMog5jaEUUYh
5EXTUHzk+YF/R6DL4JlxYrh/fadMzEoXf8UQQxe/Ce57JD1n3d6n+J8ABr3R89F3
6YwErzE8N/+vEX1GlniLBRk6+E4qpXj2nBcBxjoNdYS0mxDmxPf979AQVDsn0aUw
Puq/Tl4AtpfrvIFlFeZUmyXU2iCYpHFQ56cYXOSfIbu1sOq9FfwYi8Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:43:39 2025 by rpki-client