Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
File: 34352e3134312e3132322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: zks9ZI9ftHGrjScp8O+JhO7lO6kY02CwjisUo0R4X0I=
Subject key identifier: B3:AA:58:42:A5:1D:A6:82:7E:72:F2:2B:FF:39:BC:29:AC:2B:8E:3D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3DB7194278DC5A2BF6CF582F46FE5C5DCC3A854E
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:52 +0000
ROA not before: Mon 27 Jan 2025 09:39:52 +0000
ROA not after: Mon 26 Jan 2026 09:44:52 +0000
asID: 51167
IP address blocks: 45.141.122.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 16:15:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b7:19:42:78:dc:5a:2b:f6:cf:58:2f:46:fe:5c:5d:cc:3a:85:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:52 2025 GMT
Not After : Jan 26 09:44:52 2026 GMT
Subject: CN=B3AA5842A51DA6827E72F22BFF39BC29AC2B8E3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:48:1f:2a:54:bf:5b:85:0c:15:57:0b:da:0a:
28:a4:35:14:1c:eb:72:10:ea:47:41:fc:ae:60:f5:
c2:33:96:4a:ff:05:0b:ff:5c:55:cb:65:9e:58:ac:
6d:9c:e1:9b:7c:a2:3d:e8:fd:8a:e5:7f:1b:c4:2b:
a5:af:ca:0d:86:3c:f8:3f:fa:73:0f:5f:69:62:10:
26:4e:54:0b:98:fd:a3:44:ab:c0:64:2c:c8:91:37:
aa:9d:a5:01:cc:df:94:23:13:b0:4a:21:96:5e:f6:
fd:ab:07:1a:61:b3:1b:42:92:77:fd:09:72:30:6e:
cc:8d:3f:d6:73:1f:bd:94:32:fc:53:f3:fe:a5:a4:
ca:cb:c9:5b:09:58:cb:79:55:88:7b:84:8b:93:9f:
18:5c:b9:1b:40:8a:01:d7:09:83:1d:fe:a2:60:2a:
ff:81:cb:ef:7d:ec:77:55:cf:78:a4:f6:d9:71:2a:
d1:eb:28:19:83:9e:80:50:12:c3:66:15:f4:0e:b6:
e8:d9:71:2b:44:47:9f:81:0d:2e:78:09:30:a4:8d:
dc:db:0d:5f:d5:e4:f0:e0:0e:a9:e7:2d:e8:16:a1:
c3:b7:59:15:62:55:df:a1:e6:a4:a0:cb:43:3b:ea:
9f:4e:e0:85:2a:b0:77:43:94:1e:06:92:bb:d7:9c:
c8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AA:58:42:A5:1D:A6:82:7E:72:F2:2B:FF:39:BC:29:AC:2B:8E:3D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.122.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:bf:18:6b:3d:88:cb:e8:c6:2d:51:e8:21:ec:85:dd:4d:a2:
b7:6f:56:27:6a:47:5d:35:cb:0c:9c:53:45:f1:eb:d0:7c:23:
3c:f0:7d:04:b0:ae:29:46:ec:44:7f:34:50:9a:fd:dd:ab:ae:
a4:9d:81:cf:5b:4d:68:04:e3:0e:4d:9a:f1:82:2d:41:f0:24:
c4:d4:38:8e:fe:de:b6:00:a4:74:b3:27:d1:67:94:e8:27:0b:
e8:a3:0f:38:0e:e8:11:b1:5d:12:8c:1f:84:f2:1c:c1:17:ea:
05:db:c9:73:05:43:60:5f:fe:49:82:79:ef:9a:a8:0b:22:96:
fa:89:5f:66:7d:46:70:11:ea:fd:f0:16:b4:3e:fd:50:83:76:
5d:04:61:a2:8c:4e:c8:cf:62:3d:0d:2a:e9:81:f2:36:f0:cc:
80:42:6a:26:32:67:38:0d:89:de:3f:3b:c3:54:f2:82:46:1d:
aa:71:06:b2:d9:dc:f5:a2:38:cd:a7:42:f2:b2:c7:72:5d:cb:
e3:6a:02:51:26:bd:81:b8:21:a9:b6:c2:26:a2:a5:69:94:5c:
e5:05:64:77:50:29:95:94:ab:c2:1f:0e:35:a9:7f:f0:33:66:
a2:4d:de:f2:80:02:4e:b8:0d:48:63:a0:6f:78:b6:47:a4:06:
29:74:3d:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPbcZQnjcWiv2z1gvRv5cXcw6hU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTJaFw0yNjAxMjYwOTQ0NTJaMDMxMTAvBgNV
BAMTKEIzQUE1ODQyQTUxREE2ODI3RTcyRjIyQkZGMzlCQzI5QUMyQjhFM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2SB8qVL9bhQwVVwvaCiikNRQc
63IQ6kdB/K5g9cIzlkr/BQv/XFXLZZ5YrG2c4Zt8oj3o/YrlfxvEK6Wvyg2GPPg/
+nMPX2liECZOVAuY/aNEq8BkLMiRN6qdpQHM35QjE7BKIZZe9v2rBxphsxtCknf9
CXIwbsyNP9ZzH72UMvxT8/6lpMrLyVsJWMt5VYh7hIuTnxhcuRtAigHXCYMd/qJg
Kv+By+997HdVz3ik9tlxKtHrKBmDnoBQEsNmFfQOtujZcStER5+BDS54CTCkjdzb
DV/V5PDgDqnnLegWocO3WRViVd+h5qSgy0M76p9O4IUqsHdDlB4GkrvXnMj7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUs6pYQqUdpoJ+cvIr/zm8Kawrjj0wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzIyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LY16MA0GCSqGSIb3DQEBCwUAA4IBAQBOvxhrPYjL6MYtUegh7IXdTaK3b1Ynakdd
NcsMnFNF8evQfCM88H0EsK4pRuxEfzRQmv3dq66knYHPW01oBOMOTZrxgi1B8CTE
1DiO/t62AKR0syfRZ5ToJwvoow84DugRsV0SjB+E8hzBF+oF28lzBUNgX/5Jgnnv
mqgLIpb6iV9mfUZwEer98Ba0Pv1Qg3ZdBGGijE7Iz2I9DSrpgfI28MyAQmomMmc4
DYnePzvDVPKCRh2qcQay2dz1ojjNp0LyssdyXcvjagJRJr2BuCGptsImoqVplFzl
BWR3UCmVlKvCHw41qX/wM2aiTd7ygAJOuA1IY6BveLZHpAYpdD0G
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:04:12 2025 by rpki-client