Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38332e302f32342d3332203d3e20313336373837.roa
File: 34352e3134342e38332e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: tc9XvV4C1swt9ppPoMVZIxIdhzO0qr3SxTdxXtRHlUM=
Subject key identifier: 78:B0:14:A0:97:89:33:0D:2D:BE:81:84:18:12:70:E7:C2:04:6E:99
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4BB8346C14307462C794030AC4E61309113360D4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38332e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:50 +0000
ROA not before: Mon 27 Jan 2025 09:39:50 +0000
ROA not after: Mon 26 Jan 2026 09:44:50 +0000
asID: 136787
IP address blocks: 45.144.83.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 14:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b8:34:6c:14:30:74:62:c7:94:03:0a:c4:e6:13:09:11:33:60:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:50 2025 GMT
Not After : Jan 26 09:44:50 2026 GMT
Subject: CN=78B014A09789330D2DBE8184181270E7C2046E99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:81:5e:39:9c:63:46:3f:62:fc:75:87:24:
a6:1a:24:00:18:ec:5a:85:05:be:03:ef:d5:0a:a6:
e5:d5:06:ba:52:b0:24:8b:f4:bb:f0:dd:00:92:58:
26:0e:da:f3:0b:e8:95:7d:0c:8d:52:6f:fd:77:ab:
d1:21:a6:07:1c:da:40:31:2c:fd:ab:05:1d:1d:42:
e7:6d:16:af:b2:35:f2:c8:22:a4:dd:62:ee:df:03:
80:1c:70:c3:7f:df:49:80:0f:48:b4:ec:cc:b9:8d:
2c:9a:5f:81:ff:75:bc:e9:30:d5:39:ab:58:a9:22:
68:b7:d8:10:f3:8d:fd:28:8d:88:b7:fc:ff:ca:26:
98:48:bc:c7:a0:bb:3d:3c:70:5e:b5:24:0e:15:d4:
9c:b7:c2:f3:2b:b2:a1:97:fd:55:fe:2a:de:00:cd:
ef:67:58:30:d3:e7:f3:5a:27:e4:5d:85:c2:6e:06:
c7:ea:3d:72:ab:8c:14:25:f5:09:b9:7f:fc:54:ce:
3e:34:e6:98:5d:fb:9f:0e:bd:e6:20:c6:43:67:7b:
48:6b:01:6a:ce:4a:89:a7:9f:72:1a:b7:37:56:bd:
92:7f:c6:cb:27:19:e8:03:19:8f:75:26:92:a8:f7:
b0:95:e6:cb:ee:83:3c:63:af:95:97:2a:9b:16:8e:
63:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B0:14:A0:97:89:33:0D:2D:BE:81:84:18:12:70:E7:C2:04:6E:99
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134342e38332e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.83.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:95:ae:89:0f:11:0b:26:b7:ad:b1:3b:6f:48:22:3f:00:6c:
9d:7d:2b:ca:23:03:81:c1:9b:c8:db:b4:59:d6:d1:57:59:13:
fc:1f:45:03:e1:31:9b:ca:d2:77:e1:bb:05:7d:3b:84:26:b4:
dc:ef:20:76:98:b1:c6:cd:bd:b6:9d:ae:be:27:9e:7d:8d:9b:
b4:0c:46:e2:71:74:0a:97:14:44:f8:97:a7:24:3d:94:d9:e0:
a0:f6:50:d3:d5:e3:64:12:3a:90:3e:7c:02:5f:3e:63:24:cc:
aa:33:58:9d:1b:7d:de:e9:50:cb:b4:21:44:ca:3b:8e:81:5e:
4f:34:09:d1:58:6b:31:5e:7e:d7:b4:61:a7:ce:16:8d:bf:8e:
48:4b:86:27:42:8b:11:e4:5c:64:1b:9e:bc:e8:bf:83:4a:65:
0d:4c:42:26:2e:42:fe:a6:b5:b8:d5:34:c2:d2:0f:cc:83:ef:
b7:d2:6a:81:ab:60:fd:26:77:74:8b:56:7f:cb:0d:8e:68:ef:
89:ef:c4:03:8f:28:f9:f4:35:87:f6:52:85:bd:68:47:c1:eb:
3b:3e:ea:c8:10:87:fb:2b:3f:c5:82:94:6a:30:9b:dc:a6:0e:
11:ac:a8:81:1f:e2:a1:44:a1:6e:f6:48:86:e3:90:0b:40:cf:
4a:01:26:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS7g0bBQwdGLHlAMKxOYTCREzYNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTBaFw0yNjAxMjYwOTQ0NTBaMDMxMTAvBgNV
BAMTKDc4QjAxNEEwOTc4OTMzMEQyREJFODE4NDE4MTI3MEU3QzIwNDZFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEyYFeOZxjRj9i/HWHJKYaJAAY
7FqFBb4D79UKpuXVBrpSsCSL9Lvw3QCSWCYO2vML6JV9DI1Sb/13q9Ehpgcc2kAx
LP2rBR0dQudtFq+yNfLIIqTdYu7fA4AccMN/30mAD0i07My5jSyaX4H/dbzpMNU5
q1ipImi32BDzjf0ojYi3/P/KJphIvMeguz08cF61JA4V1Jy3wvMrsqGX/VX+Kt4A
ze9nWDDT5/NaJ+RdhcJuBsfqPXKrjBQl9Qm5f/xUzj405phd+58OveYgxkNne0hr
AWrOSomnn3IatzdWvZJ/xssnGegDGY91JpKo97CV5svugzxjr5WXKpsWjmP7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeLAUoJeJMw0tvoGEGBJw58IEbpkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM0MmUzODMz
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZBTMA0GCSqGSIb3DQEBCwUAA4IBAQBsla6JDxELJretsTtvSCI/AGydfSvKIwOB
wZvI27RZ1tFXWRP8H0UD4TGbytJ34bsFfTuEJrTc7yB2mLHGzb22na6+J559jZu0
DEbicXQKlxRE+JenJD2U2eCg9lDT1eNkEjqQPnwCXz5jJMyqM1idG33e6VDLtCFE
yjuOgV5PNAnRWGsxXn7XtGGnzhaNv45IS4YnQosR5FxkG5686L+DSmUNTEImLkL+
prW41TTC0g/Mg++30mqBq2D9Jnd0i1Z/yw2OaO+J78QDjyj59DWH9lKFvWhHwes7
PurIEIf7Kz/FgpRqMJvcpg4RrKiBH+KhRKFu9kiG45ALQM9KASbw
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:28:15 2025 by rpki-client