Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
File: 3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa (raw, json)
Hash identifier: QsVAhyWBBJB99iFgJf1GLSpnrLc3ar0zm6+DEGdyF9U=
Subject key identifier: ED:61:BF:A2:0A:0B:D9:7A:CD:40:61:A4:1A:85:2E:76:CD:8E:5D:DB
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 5CD77ECC079566886852B2835D4C711F270167DB
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
Signing time: Thu 10 Apr 2025 14:26:47 +0000
ROA not before: Thu 10 Apr 2025 14:21:47 +0000
ROA not after: Thu 09 Apr 2026 14:26:47 +0000
asID: 151106
IP address blocks: 103.49.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:d7:7e:cc:07:95:66:88:68:52:b2:83:5d:4c:71:1f:27:01:67:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Apr 10 14:21:47 2025 GMT
Not After : Apr 9 14:26:47 2026 GMT
Subject: CN=ED61BFA20A0BD97ACD4061A41A852E76CD8E5DDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:3f:56:10:32:2c:c4:7c:be:ce:a0:57:92:
53:39:38:57:67:7d:4a:13:df:be:27:3d:9b:3b:61:
82:ee:50:e0:ab:f6:54:fb:c6:b8:52:14:b9:11:a8:
1a:43:08:00:ce:13:ea:29:fb:e4:24:df:ba:d2:d7:
5c:20:39:36:bb:41:d8:64:46:b8:46:0e:c8:30:ea:
1e:d3:f7:7a:1c:6a:44:73:83:4b:fe:6b:61:19:ff:
01:f6:ac:96:37:d7:a9:a2:16:d5:68:a8:98:80:16:
a7:af:e0:75:ec:b7:d1:e1:fb:47:64:04:fe:79:a6:
a4:c9:8a:a6:0c:39:ed:54:d9:a0:01:fb:81:ef:44:
0b:c0:f3:e6:ca:3c:05:93:3b:7c:a0:87:47:96:4a:
62:e2:8c:5a:95:7a:89:71:5b:dd:2d:6a:03:8e:b4:
78:b4:05:a5:10:85:25:56:8a:87:83:45:0f:34:46:
1b:9b:f3:0e:ff:89:9f:02:ea:e5:18:35:c5:5e:8b:
23:75:09:26:b3:16:d8:22:83:fd:bc:c9:d3:b8:e2:
70:7b:50:6f:be:15:f4:1c:f3:de:c0:fe:9f:52:53:
8c:eb:28:fc:06:88:84:6b:58:c8:ed:ec:7a:86:87:
ed:dc:ca:97:b2:e1:ba:cf:53:5e:ed:da:72:18:e1:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:61:BF:A2:0A:0B:D9:7A:CD:40:61:A4:1A:85:2E:76:CD:8E:5D:DB
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.130.0/24
Signature Algorithm: sha256WithRSAEncryption
17:64:80:c6:83:ba:49:8f:00:33:95:46:aa:ab:13:1e:b7:7d:
91:6c:f8:7f:f6:de:bb:3e:b1:23:12:6b:d9:64:e9:f6:09:10:
c1:43:37:0c:1e:51:34:7c:78:c8:8d:e9:b3:f5:80:6d:2f:ff:
b5:59:e5:4a:83:83:34:48:c1:6c:02:ad:bc:10:47:75:0f:93:
c9:6a:49:8a:6c:9e:8e:e3:28:5c:db:36:0e:7a:d5:c9:26:98:
20:b8:0a:02:34:66:d8:45:88:23:71:6e:a3:a7:cf:9e:15:f8:
75:bc:8b:b4:d3:11:79:07:a5:cc:53:8e:e4:76:c4:fe:2c:0c:
63:71:4a:04:c6:10:2e:27:46:64:e1:88:68:8e:a7:56:c2:35:
11:25:84:35:d8:1b:e0:c3:da:ec:dc:ae:de:50:1b:cb:82:3d:
8e:90:ae:c6:d2:b0:fa:0e:29:22:48:9e:97:64:bf:05:0e:b7:
82:e1:46:47:2f:ce:8a:3e:74:25:ba:72:39:96:6d:4f:e6:59:
b6:ed:35:4b:e1:6f:d7:61:6f:39:eb:0d:a2:30:40:8d:50:41:
f9:87:e8:50:80:68:00:70:34:60:96:ca:bb:56:ab:97:5b:a7:
c9:13:14:5a:5d:99:79:cb:96:41:76:10:bf:25:74:a8:79:f8:
b1:57:11:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXNd+zAeVZohoUrKDXUxxHycBZ9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTA0MTAxNDIxNDdaFw0yNjA0MDkxNDI2NDdaMDMxMTAvBgNV
BAMTKEVENjFCRkEyMEEwQkQ5N0FDRDQwNjFBNDFBODUyRTc2Q0Q4RTVEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrtj9WEDIsxHy+zqBXklM5OFdn
fUoT374nPZs7YYLuUOCr9lT7xrhSFLkRqBpDCADOE+op++Qk37rS11wgOTa7Qdhk
RrhGDsgw6h7T93ocakRzg0v+a2EZ/wH2rJY316miFtVoqJiAFqev4HXst9Hh+0dk
BP55pqTJiqYMOe1U2aAB+4HvRAvA8+bKPAWTO3ygh0eWSmLijFqVeolxW90tagOO
tHi0BaUQhSVWioeDRQ80Rhub8w7/iZ8C6uUYNcVeiyN1CSazFtgig/28ydO44nB7
UG++FfQc897A/p9SU4zrKPwGiIRrWMjt7HqGh+3cypey4brPU17t2nIY4YWpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7WG/ogoL2XrNQGGkGoUuds2OXdswHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMTMwMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYIwDQYJKoZIhvcNAQELBQADggEBABdkgMaDukmPADOVRqqrEx63fZFs+H/2
3rs+sSMSa9lk6fYJEMFDNwweUTR8eMiN6bP1gG0v/7VZ5UqDgzRIwWwCrbwQR3UP
k8lqSYpsno7jKFzbNg561ckmmCC4CgI0ZthFiCNxbqOnz54V+HW8i7TTEXkHpcxT
juR2xP4sDGNxSgTGEC4nRmThiGiOp1bCNRElhDXYG+DD2uzcrt5QG8uCPY6QrsbS
sPoOKSJInpdkvwUOt4LhRkcvzoo+dCW6cjmWbU/mWbbtNUvhb9dhbznrDaIwQI1Q
QfmH6FCAaABwNGCWyrtWq5dbp8kTFFpdmXnLlkF2EL8ldKh5+LFXEXY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:53 2025 by rpki-client