Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38302e302f32342d3332203d3e20313336373837.roa
File: 34352e3134342e38302e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: rmALBOEf64ao8Uit4CNfGZJzuFJjupdSKjHsdKmX9c4=
Subject key identifier: 85:D5:6F:33:B9:1A:E4:90:8C:CA:06:00:75:9F:17:41:9C:28:35:BC
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 799E887EEC3882A2A7632E0B71CEA3DBC7747E12
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38302e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 136787
IP address blocks: 45.144.80.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:9e:88:7e:ec:38:82:a2:a7:63:2e:0b:71:ce:a3:db:c7:74:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=85D56F33B91AE4908CCA0600759F17419C2835BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:e1:5a:4d:d8:e7:e1:d7:32:1f:12:84:21:
7a:0c:eb:2a:6f:62:10:c0:20:dc:0f:5c:73:c9:12:
fc:57:29:6b:06:c0:ab:1e:b4:ab:d0:32:00:69:77:
0f:a1:10:63:ee:a3:a6:84:ec:ee:f2:29:98:53:ba:
8e:3e:72:14:a8:bb:08:63:85:b2:e9:e9:1b:9d:0e:
8b:69:f1:bd:86:a1:12:33:12:e8:8e:e0:c6:a4:2f:
46:cd:05:67:3a:ee:4c:45:9e:ec:c0:f1:69:15:08:
67:b2:b9:77:a9:1f:c2:2b:4f:e4:93:a1:d2:ff:ca:
1e:0d:6b:58:b6:bc:3a:11:04:81:51:fd:0e:a2:b6:
df:be:14:e5:1e:06:98:2b:20:89:04:d3:86:31:97:
e8:0f:7c:b5:95:43:d5:74:cd:25:25:70:44:a5:a2:
e2:f3:92:9f:11:67:96:ce:4c:3e:d9:f8:ab:c3:6b:
7c:40:55:37:ca:ff:ad:a7:fc:3e:bc:ea:17:2b:23:
e1:10:74:12:21:dd:a9:cb:c2:0c:19:73:de:45:0e:
19:1f:35:96:18:6c:72:98:7c:d3:04:1b:4a:ff:6c:
d4:b3:a2:dc:6e:95:d5:50:eb:fb:1f:b4:33:34:12:
16:9c:d1:b6:30:d4:7a:f1:92:7f:1d:bf:90:33:c0:
01:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D5:6F:33:B9:1A:E4:90:8C:CA:06:00:75:9F:17:41:9C:28:35:BC
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38302e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.80.0/24
Signature Algorithm: sha256WithRSAEncryption
05:25:da:c4:dc:5d:34:e4:44:b6:5f:3c:c9:cf:bf:e8:0a:c6:
fc:1b:9a:6f:12:c8:e8:d4:13:97:2c:da:32:e8:ef:ce:e2:83:
54:c0:46:bc:25:be:d0:78:f3:7d:6c:1b:8b:e8:03:8f:c6:fc:
0a:2d:5d:47:3a:9d:28:66:13:7d:46:b1:e6:b8:b3:4d:d8:2e:
ab:94:68:ad:ae:de:a6:4b:bc:24:f1:a4:94:b4:82:4a:5d:ad:
56:12:4b:09:74:fa:f8:66:70:9c:45:c0:49:59:c2:cb:f0:c0:
46:a8:37:22:2c:c4:56:23:3d:9f:c9:83:14:90:e5:9f:3f:fa:
e7:7e:33:a2:71:d6:0d:01:83:8b:78:39:26:30:21:5b:e0:64:
93:74:ac:ed:8c:a0:65:c6:14:23:e4:18:7f:db:1d:a0:ef:bb:
2a:8d:77:5b:7b:43:2f:e5:fe:4b:8d:76:1d:37:58:bc:c6:fa:
b2:e8:7b:8f:91:1e:db:cc:fb:5d:72:6f:9d:99:f2:9b:d9:70:
c6:47:23:cf:57:ba:64:a9:43:33:c4:d2:08:1c:40:2b:df:6d:
75:2a:c7:d7:71:77:cb:7a:7d:d1:80:e2:83:d7:ce:98:83:42:
23:3a:20:39:88:e6:47:5d:f4:d0:be:9d:97:7f:11:22:0e:0f:
1b:41:51:e8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeZ6Ifuw4gqKnYy4Lcc6j28d0fhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKDg1RDU2RjMzQjkxQUU0OTA4Q0NBMDYwMDc1OUYxNzQxOUMyODM1QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBNOFaTdjn4dcyHxKEIXoM6ypv
YhDAINwPXHPJEvxXKWsGwKsetKvQMgBpdw+hEGPuo6aE7O7yKZhTuo4+chSouwhj
hbLp6RudDotp8b2GoRIzEuiO4MakL0bNBWc67kxFnuzA8WkVCGeyuXepH8IrT+ST
odL/yh4Na1i2vDoRBIFR/Q6itt++FOUeBpgrIIkE04Yxl+gPfLWVQ9V0zSUlcESl
ouLzkp8RZ5bOTD7Z+KvDa3xAVTfK/62n/D686hcrI+EQdBIh3anLwgwZc95FDhkf
NZYYbHKYfNMEG0r/bNSzotxuldVQ6/sftDM0Ehac0bYw1Hrxkn8dv5AzwAHZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhdVvM7ka5JCMygYAdZ8XQZwoNbwwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM0MmUzODMw
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZBQMA0GCSqGSIb3DQEBCwUAA4IBAQAFJdrE3F005ES2XzzJz7/oCsb8G5pvEsjo
1BOXLNoy6O/O4oNUwEa8Jb7QePN9bBuL6AOPxvwKLV1HOp0oZhN9RrHmuLNN2C6r
lGitrt6mS7wk8aSUtIJKXa1WEksJdPr4ZnCcRcBJWcLL8MBGqDciLMRWIz2fyYMU
kOWfP/rnfjOicdYNAYOLeDkmMCFb4GSTdKztjKBlxhQj5Bh/2x2g77sqjXdbe0Mv
5f5LjXYdN1i8xvqy6HuPkR7bzPtdcm+dmfKb2XDGRyPPV7pkqUMzxNIIHEAr3211
KsfXcXfLen3RgOKD186Yg0IjOiA5iOZHXfTQvp2XfxEiDg8bQVHo
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:12:35 2025 by rpki-client