Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132312e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 19G4A1nFHYdfFFs+w5L4gY+448gJBkGEtH8QO1DOubo=
Subject key identifier: E7:2B:0F:73:15:55:4C:53:2A:61:C6:AC:40:96:A0:40:61:E3:59:F8
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 68BB7D6CAC87AC6CF4430E897C6BC6148BA5A4E6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:35 +0000
ROA not before: Sat 01 Feb 2025 22:40:35 +0000
ROA not after: Sat 31 Jan 2026 22:45:35 +0000
asID: 136787
IP address blocks: 45.141.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:bb:7d:6c:ac:87:ac:6c:f4:43:0e:89:7c:6b:c6:14:8b:a5:a4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 1 22:40:35 2025 GMT
Not After : Jan 31 22:45:35 2026 GMT
Subject: CN=E72B0F7315554C532A61C6AC4096A04061E359F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:b1:79:97:6d:81:7f:13:72:24:a0:34:f6:
b3:c4:63:29:cc:d1:a6:83:d9:00:9c:a0:ee:b5:4a:
f3:60:11:8e:6e:c2:05:d3:04:6a:fd:48:d3:45:9d:
4b:04:ef:66:ec:4b:38:57:a2:43:1a:19:88:4b:89:
84:ce:ae:05:44:71:ea:6b:c1:60:ec:aa:5b:09:d1:
90:e6:50:dd:77:ab:c7:7e:35:5d:9c:bc:2c:1d:2e:
b7:42:55:c9:10:6b:e5:18:6c:60:49:10:22:64:ec:
04:0a:64:e5:07:8c:e7:7e:cd:9a:9a:79:ec:ca:0e:
21:44:a1:e8:c1:91:de:d6:60:eb:97:ac:81:0e:54:
76:f7:10:f6:0a:1d:06:86:ea:80:8e:9c:3c:8b:9b:
a2:78:87:ac:6a:6b:df:58:89:7e:94:ce:08:55:9c:
7e:21:8f:5d:a2:c9:be:ff:45:6f:02:3f:e3:3c:89:
3a:02:5d:82:aa:2d:d2:3e:67:00:db:0f:74:a8:2d:
7c:6c:41:93:c1:44:19:14:19:b3:71:d2:1b:c0:36:
95:7e:95:8b:e5:29:6b:4d:de:5a:01:c7:6c:4f:1a:
5b:b1:25:30:3a:78:be:7d:3a:43:3d:69:5c:ee:6e:
b0:ea:97:58:1a:02:9a:31:38:b8:ce:a8:ae:a7:e6:
1f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2B:0F:73:15:55:4C:53:2A:61:C6:AC:40:96:A0:40:61:E3:59:F8
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.121.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9c:07:3d:96:d6:86:fd:8c:33:7c:6e:81:67:4e:d2:52:1c:
af:54:11:0c:15:1c:14:3f:a0:06:8f:36:c4:1a:a1:ce:a7:0b:
a5:d9:51:0b:a1:61:ba:dd:60:87:2f:3b:63:a8:37:63:cb:cf:
69:71:cf:1e:bf:87:b9:80:96:23:9f:eb:89:99:b8:1f:ab:18:
42:ac:55:4b:f5:fd:55:e8:64:e7:fe:57:86:b8:9a:99:bd:65:
ff:64:6b:22:4e:c7:26:b3:07:e4:10:ec:16:5d:b0:01:4e:b2:
eb:0a:76:2f:6b:0f:0e:28:85:c4:6f:36:22:54:4e:5b:b4:ca:
69:ea:fe:4c:43:00:85:40:16:65:5a:c7:42:69:f2:fd:32:0c:
08:fb:e5:82:e3:7f:58:30:a0:a8:6c:ae:12:43:da:ce:0d:19:
4a:67:fe:d5:32:63:f5:00:9d:1c:ac:2a:cf:c8:47:da:0e:d1:
31:10:e9:a0:36:eb:75:e1:d7:b1:f5:92:05:30:53:8d:02:b9:
75:65:57:fc:3b:8e:75:6b:28:52:0d:6f:f0:73:25:60:ec:40:
e8:20:cb:36:72:17:b8:d8:f9:8d:98:c0:73:8e:3a:9e:f0:6e:
15:48:a1:b3:b6:da:dd:a6:78:99:3c:62:17:06:4e:1f:07:fb:
52:82:be:30
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaLt9bKyHrGz0Qw6JfGvGFIulpOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAyMDEyMjQwMzVaFw0yNjAxMzEyMjQ1MzVaMDMxMTAvBgNV
BAMTKEU3MkIwRjczMTU1NTRDNTMyQTYxQzZBQzQwOTZBMDQwNjFFMzU5RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXQLF5l22BfxNyJKA09rPEYynM
0aaD2QCcoO61SvNgEY5uwgXTBGr9SNNFnUsE72bsSzhXokMaGYhLiYTOrgVEcepr
wWDsqlsJ0ZDmUN13q8d+NV2cvCwdLrdCVckQa+UYbGBJECJk7AQKZOUHjOd+zZqa
eezKDiFEoejBkd7WYOuXrIEOVHb3EPYKHQaG6oCOnDyLm6J4h6xqa99YiX6UzghV
nH4hj12iyb7/RW8CP+M8iToCXYKqLdI+ZwDbD3SoLXxsQZPBRBkUGbNx0hvANpV+
lYvlKWtN3loBx2xPGluxJTA6eL59OkM9aVzubrDql1gaApoxOLjOqK6n5h+PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5ysPcxVVTFMqYcasQJagQGHjWfgwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjXkwDQYJKoZIhvcNAQELBQADggEBAHCcBz2W1ob9jDN8boFnTtJSHK9UEQwV
HBQ/oAaPNsQaoc6nC6XZUQuhYbrdYIcvO2OoN2PLz2lxzx6/h7mAliOf64mZuB+r
GEKsVUv1/VXoZOf+V4a4mpm9Zf9kayJOxyazB+QQ7BZdsAFOsusKdi9rDw4ohcRv
NiJUTlu0ymnq/kxDAIVAFmVax0Jp8v0yDAj75YLjf1gwoKhsrhJD2s4NGUpn/tUy
Y/UAnRysKs/IR9oO0TEQ6aA263Xh17H1kgUwU40CuXVlV/w7jnVrKFINb/BzJWDs
QOggyzZyF7jY+Y2YwHOOOp7wbhVIobO22t2meJk8YhcGTh8H+1KCvjA=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:05:18 2025 by rpki-client