Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
File: 34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: ThLQL4cX8uy7/JWg4Hy5rPOUtumNiO9dhJv1xrnUlnk=
Subject key identifier: AD:93:DA:8E:34:DB:F8:D2:80:C4:CA:0E:57:49:40:C5:D2:85:E8:0D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 245E48F2E3BB23DC86270ADBBF363AD6E2EE27AF
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 203061
IP address blocks: 45.139.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:5e:48:f2:e3:bb:23:dc:86:27:0a:db:bf:36:3a:d6:e2:ee:27:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=AD93DA8E34DBF8D280C4CA0E574940C5D285E80D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6a:c3:d3:5f:40:e7:32:ae:fc:d9:e1:e4:e5:
7f:0d:4e:42:88:fd:c0:85:ec:49:d2:8e:95:1f:85:
9d:aa:81:ed:a5:d4:87:af:d4:1d:17:43:45:1c:dd:
de:37:a4:d4:15:88:d3:78:a1:46:15:c7:d0:c3:e6:
8e:9c:b0:7b:d2:3f:9c:f3:e2:79:f4:ef:7f:54:a5:
c5:b2:07:96:55:92:1d:85:c2:ec:4e:86:b8:67:4f:
b6:73:ed:43:76:9c:78:8f:be:5f:74:ba:3d:b2:c2:
d5:94:c8:78:76:2c:f2:28:2f:f1:61:5f:fa:8c:35:
6b:22:78:e4:94:ba:a9:19:86:97:13:89:78:6e:d3:
a5:86:9b:32:f7:94:2a:2c:d3:9e:e0:85:0b:1a:65:
67:88:b2:76:f1:9d:e7:35:ee:88:c1:36:c0:99:53:
fd:0c:3e:bc:e0:03:54:e8:0c:12:fe:08:66:e3:25:
64:d3:75:86:4e:29:04:8e:05:2a:f5:d1:f2:21:33:
1c:80:36:ec:7a:e1:ae:83:85:56:b7:48:14:f1:89:
a5:36:c1:9f:0e:6a:b5:ab:4e:05:89:c2:5d:5e:c0:
eb:5f:b4:f3:c7:c5:12:09:1f:02:de:ce:e2:09:99:
c9:9f:07:b1:54:52:53:11:f6:2b:9c:be:f7:a0:4f:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:93:DA:8E:34:DB:F8:D2:80:C4:CA:0E:57:49:40:C5:D2:85:E8:0D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133392e3131362e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:bc:04:6e:7e:1e:77:93:4f:76:eb:dc:4f:e3:67:9d:33:ae:
ab:01:3b:ac:de:f4:a2:1b:91:71:53:0f:f0:3b:5d:24:85:09:
ea:f5:dc:b7:27:07:dc:d0:81:07:f9:2a:b2:a1:12:c5:d1:28:
46:f7:08:b2:74:81:1f:e6:5c:20:ae:e6:7b:b9:34:8c:00:3b:
49:f8:9d:35:67:fa:09:49:fb:dd:57:1e:7b:9e:fc:88:ba:d2:
1a:ae:95:b7:f4:93:ad:ad:62:8a:55:3f:d8:3b:9c:04:75:10:
c6:c1:16:41:d8:74:55:b7:f0:29:51:16:d6:69:c4:69:a4:65:
21:12:47:e0:dd:dd:d8:00:bd:73:3a:d2:d1:af:fd:51:e1:3d:
9a:ad:64:1c:99:ee:e1:87:40:50:a7:ff:7b:ae:23:c9:77:de:
ed:19:a2:24:f4:86:fc:f3:44:fa:2b:82:d6:36:26:21:fa:88:
c3:4a:97:83:5b:ba:5e:d5:fa:8a:ed:7d:89:61:5f:bc:37:ba:
57:16:8b:ac:43:fd:bc:f1:dc:de:b1:c5:0f:89:98:25:80:ab:
ec:6f:8c:33:b2:db:49:e5:c5:f1:d8:4b:a7:c0:d8:f7:fd:ac:
e4:41:f4:8b:04:00:35:3c:56:a6:23:1f:54:30:03:3b:e9:d7:
87:c3:64:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJF5I8uO7I9yGJwrbvzY61uLuJ68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKEFEOTNEQThFMzREQkY4RDI4MEM0Q0EwRTU3NDk0MEM1RDI4NUU4MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBasPTX0DnMq782eHk5X8NTkKI
/cCF7EnSjpUfhZ2qge2l1Iev1B0XQ0Uc3d43pNQViNN4oUYVx9DD5o6csHvSP5zz
4nn0739UpcWyB5ZVkh2FwuxOhrhnT7Zz7UN2nHiPvl90uj2ywtWUyHh2LPIoL/Fh
X/qMNWsieOSUuqkZhpcTiXhu06WGmzL3lCos057ghQsaZWeIsnbxnec17ojBNsCZ
U/0MPrzgA1ToDBL+CGbjJWTTdYZOKQSOBSr10fIhMxyANux64a6DhVa3SBTxiaU2
wZ8OarWrTgWJwl1ewOtftPPHxRIJHwLezuIJmcmfB7FUUlMR9iucvvegTyUjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrZPajjTb+NKAxMoOV0lAxdKF6A0wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzM5MmUzMTMx
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIti3QwDQYJKoZIhvcNAQELBQADggEBAB+8BG5+HneTT3br3E/jZ50zrqsBO6ze
9KIbkXFTD/A7XSSFCer13LcnB9zQgQf5KrKhEsXRKEb3CLJ0gR/mXCCu5nu5NIwA
O0n4nTVn+glJ+91XHnue/Ii60hqulbf0k62tYopVP9g7nAR1EMbBFkHYdFW38ClR
FtZpxGmkZSESR+Dd3dgAvXM60tGv/VHhPZqtZByZ7uGHQFCn/3uuI8l33u0ZoiT0
hvzzRPorgtY2JiH6iMNKl4Nbul7V+ortfYlhX7w3ulcWi6xD/bzx3N6xxQ+JmCWA
q+xvjDOy20nlxfHYS6fA2Pf9rORB9IsEADU8VqYjH1QwAzvp14fDZI0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:09 2025 by rpki-client