Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231312e302f32342d3234203d3e203133333335.roa
File: 3130392e3233342e3231312e302f32342d3234203d3e203133333335.roa (raw, json)
Hash identifier: Ej1HuQzuhYe60A2HNErPZLUdfpH5EaYPpZ+PpBEwVxY=
Subject key identifier: 8F:D5:0F:AC:2E:65:69:70:61:D3:93:70:3F:18:A9:DD:EE:08:9B:FD
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 713F0E4315D7D6E8E02913DCD31D1C7320C1AD49
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231312e302f32342d3234203d3e203133333335.roa
Signing time: Tue 11 Feb 2025 10:51:14 +0000
ROA not before: Tue 11 Feb 2025 10:46:14 +0000
ROA not after: Tue 10 Feb 2026 10:51:14 +0000
asID: 13335
IP address blocks: 109.234.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3f:0e:43:15:d7:d6:e8:e0:29:13:dc:d3:1d:1c:73:20:c1:ad:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 11 10:46:14 2025 GMT
Not After : Feb 10 10:51:14 2026 GMT
Subject: CN=8FD50FAC2E65697061D393703F18A9DDEE089BFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b5:07:a4:76:6e:e7:08:5a:41:67:c3:99:28:
a0:b7:a1:52:f6:84:82:69:ef:f3:61:87:21:b1:5a:
57:cf:54:a6:03:d9:b6:1d:60:96:ee:8f:e7:a7:a8:
39:7e:a3:e6:0e:60:38:23:bd:7f:9f:e7:3d:03:a1:
28:45:16:a7:19:d8:43:81:9b:1e:03:52:e7:1f:fd:
4d:ce:b2:44:c9:cb:c5:a9:4c:35:9f:9f:76:b8:62:
e4:bc:3f:cb:1f:54:40:0f:99:f1:8c:1c:86:0d:34:
29:28:fc:f1:8d:0b:72:a5:c5:ab:4e:61:5a:7d:a7:
9a:69:41:a0:f6:79:77:0f:59:64:ce:78:03:f0:a3:
83:89:80:ec:91:49:84:45:a4:08:c1:12:6c:57:70:
af:b2:45:cc:22:b0:a9:9f:22:88:22:72:44:d1:63:
21:41:7f:4f:94:d2:87:ae:b9:21:87:e8:5f:d2:bc:
c1:b5:ec:75:c3:60:9d:09:c9:f2:44:c4:a7:30:be:
ca:9e:2c:49:70:34:14:53:4b:3e:f5:23:c4:49:49:
af:f3:ef:c8:66:bd:f5:31:b3:42:a4:4b:7c:e7:96:
b7:99:40:2f:15:03:36:fd:63:54:d6:99:c3:14:d8:
19:22:dd:06:88:10:80:37:6a:87:fe:bb:d3:42:18:
00:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D5:0F:AC:2E:65:69:70:61:D3:93:70:3F:18:A9:DD:EE:08:9B:FD
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231312e302f32342d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.211.0/24
Signature Algorithm: sha256WithRSAEncryption
03:12:9b:20:88:33:dd:8d:f5:c5:31:a4:24:9f:e0:09:6a:6d:
93:c4:0d:37:91:fb:fc:4d:77:b7:c7:d5:06:7b:76:21:ba:13:
0f:3c:fa:7e:8d:b5:62:72:85:50:4c:e2:92:a3:17:bb:69:c5:
6d:fd:11:ca:2a:1f:b0:5c:ed:d8:43:20:49:45:c1:f9:3a:1a:
b5:01:aa:34:bd:e5:fb:e2:1c:a4:80:3c:f0:bd:d6:7b:4b:b4:
66:74:d9:3a:ee:cf:14:f0:4b:bf:38:08:3f:94:af:88:11:85:
48:28:47:5b:a0:45:23:7a:e6:31:fc:31:48:65:07:c7:82:cf:
31:6d:8c:33:84:d5:13:a6:02:45:92:0b:0f:f6:60:c2:c0:2b:
23:f6:3a:ab:9f:a3:a1:0f:e3:0b:ce:20:af:42:33:3e:ae:66:
79:77:9f:33:1e:07:47:e2:f4:0e:82:1f:44:e9:d1:cc:64:a7:
9a:2e:ca:50:b4:7b:bf:7d:3f:a6:cf:d6:e1:bd:2b:73:ce:0d:
24:0e:9f:6c:99:ed:a8:b7:e4:d0:09:0a:d0:b0:ec:70:e5:1d:
5a:e1:06:e4:17:2e:1a:93:10:4a:be:89:09:ac:e3:6a:eb:e8:
0b:cd:29:2a:ee:c4:2b:1d:e3:94:9f:b0:4e:90:dc:47:32:59:
ef:0a:f3:bb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcT8OQxXX1ujgKRPc0x0ccyDBrUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAyMTExMDQ2MTRaFw0yNjAyMTAxMDUxMTRaMDMxMTAvBgNV
BAMTKDhGRDUwRkFDMkU2NTY5NzA2MUQzOTM3MDNGMThBOURERUUwODlCRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCutQekdm7nCFpBZ8OZKKC3oVL2
hIJp7/NhhyGxWlfPVKYD2bYdYJbuj+enqDl+o+YOYDgjvX+f5z0DoShFFqcZ2EOB
mx4DUucf/U3OskTJy8WpTDWfn3a4YuS8P8sfVEAPmfGMHIYNNCko/PGNC3KlxatO
YVp9p5ppQaD2eXcPWWTOeAPwo4OJgOyRSYRFpAjBEmxXcK+yRcwisKmfIogickTR
YyFBf0+U0oeuuSGH6F/SvMG17HXDYJ0JyfJExKcwvsqeLElwNBRTSz71I8RJSa/z
78hmvfUxs0KkS3znlreZQC8VAzb9Y1TWmcMU2Bki3QaIEIA3aof+u9NCGAAPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUj9UPrC5laXBh05NwPxip3e4Im/0wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMzMzMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt6tMwDQYJKoZIhvcNAQELBQADggEBAAMSmyCIM92N9cUxpCSf4AlqbZPEDTeR
+/xNd7fH1QZ7diG6Ew88+n6NtWJyhVBM4pKjF7tpxW39EcoqH7Bc7dhDIElFwfk6
GrUBqjS95fviHKSAPPC91ntLtGZ02TruzxTwS784CD+Ur4gRhUgoR1ugRSN65jH8
MUhlB8eCzzFtjDOE1ROmAkWSCw/2YMLAKyP2Oqufo6EP4wvOIK9CMz6uZnl3nzMe
B0fi9A6CH0Tp0cxkp5ouylC0e799P6bP1uG9K3PODSQOn2yZ7ai35NAJCtCw7HDl
HVrhBuQXLhqTEEq+iQms42rr6AvNKSruxCsd45SfsE6Q3EcyWe8K87s=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:34:58 2025 by rpki-client