Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20323135323837.roa
File: 3130392e3233342e3231352e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: 4bOlWuE5C3bj5h/eyw66znCAAqRjkPH8b2NNlo/N1lk=
Subject key identifier: F1:AD:DC:84:FC:00:0C:6A:A5:5B:A9:39:B1:B5:10:F7:C5:C6:72:4F
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 1E02EC35E4F2C6A425FC6FE8A775ACBF207A7100
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 25 Jan 2025 21:58:23 +0000
ROA not before: Sat 25 Jan 2025 21:53:23 +0000
ROA not after: Sat 24 Jan 2026 21:58:23 +0000
asID: 215287
IP address blocks: 109.234.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:02:ec:35:e4:f2:c6:a4:25:fc:6f:e8:a7:75:ac:bf:20:7a:71:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 21:53:23 2025 GMT
Not After : Jan 24 21:58:23 2026 GMT
Subject: CN=F1ADDC84FC000C6AA55BA939B1B510F7C5C6724F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1f:d0:65:3d:d5:95:24:e4:b9:90:af:69:4b:
d5:c5:dd:a7:31:3e:7c:4d:cd:78:11:0d:59:dd:3d:
f9:04:f5:33:84:6f:a5:7c:56:a5:4c:d9:99:d3:4c:
27:74:d1:0b:9f:11:61:22:98:d5:50:70:5b:0c:f6:
91:88:b6:d9:d6:2d:d4:1a:c5:99:83:96:ff:16:5d:
f4:5e:71:9a:2c:bc:4d:9c:99:e3:d3:84:4b:c2:40:
a1:8b:00:5e:1a:49:46:24:f8:1b:27:76:14:a5:bd:
07:e9:c7:63:85:bb:86:2a:5b:b5:41:97:27:12:2d:
9c:80:2b:db:4c:7f:41:a8:45:9e:be:7c:b7:8f:b0:
b2:a8:5d:e0:fc:75:79:cd:5c:9e:e7:96:7f:d7:11:
01:01:d6:93:c9:33:ba:a5:4f:8c:e0:9a:69:5f:b2:
77:44:1a:d9:e8:90:fa:40:9e:21:d0:4f:d8:b2:5f:
67:60:27:68:6c:10:5c:e7:72:3a:b2:17:c0:f1:2e:
ac:61:eb:78:b7:24:b3:ab:b7:4c:17:ca:2c:24:14:
59:5c:ec:77:02:fe:6f:cd:c7:7d:e4:e9:6a:03:7d:
fc:dd:24:6f:68:34:e5:aa:2a:73:4a:29:dc:68:61:
01:d3:a6:c6:b8:ab:be:93:39:e7:b1:52:b4:fe:9a:
4c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AD:DC:84:FC:00:0C:6A:A5:5B:A9:39:B1:B5:10:F7:C5:C6:72:4F
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.215.0/24
Signature Algorithm: sha256WithRSAEncryption
20:99:04:19:d0:a8:a1:ec:55:2f:d0:ec:a8:92:32:fb:5a:b8:
e3:9b:12:88:ca:98:29:ce:45:17:f3:8b:29:81:c1:dc:6b:d8:
52:ec:31:e7:be:70:2e:8a:38:44:a9:f0:f4:6d:51:64:72:6c:
7c:be:4f:10:00:cb:02:d7:db:da:f0:1f:40:6c:39:5c:7b:ca:
2c:bb:0a:b7:7e:31:86:80:5f:3b:9c:69:46:57:ca:76:81:3c:
7a:f6:e0:08:96:d5:dc:04:48:d2:30:83:19:af:e3:ee:d9:89:
59:03:9a:dc:a5:e7:32:dc:28:16:29:7d:ed:63:3e:cf:fb:0a:
30:fa:63:ed:0c:17:7f:02:ab:63:4b:47:92:18:64:59:4e:df:
ca:d0:d4:73:3b:fa:6c:19:fe:b7:c8:a0:c5:df:98:b4:77:63:
c7:3e:78:79:01:fb:45:8f:b9:f9:20:36:9a:0d:9f:cd:af:b2:
09:4b:5e:bf:6e:f6:d2:a0:14:d6:b5:fe:dc:b0:fc:d2:c7:51:
58:93:e1:34:df:cd:bc:fd:db:75:ae:d7:42:24:fc:f8:66:f7:
b3:6a:5e:1a:15:71:44:01:12:42:bc:3d:d7:4e:4d:84:9c:77:
59:44:19:75:7e:af:01:0b:3a:57:9f:f0:fa:af:f6:5d:19:6e:
67:65:f1:d6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHgLsNeTyxqQl/G/op3WsvyB6cQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUyMTUzMjNaFw0yNjAxMjQyMTU4MjNaMDMxMTAvBgNV
BAMTKEYxQUREQzg0RkMwMDBDNkFBNTVCQTkzOUIxQjUxMEY3QzVDNjcyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZH9BlPdWVJOS5kK9pS9XF3acx
PnxNzXgRDVndPfkE9TOEb6V8VqVM2ZnTTCd00QufEWEimNVQcFsM9pGIttnWLdQa
xZmDlv8WXfRecZosvE2cmePThEvCQKGLAF4aSUYk+BsndhSlvQfpx2OFu4YqW7VB
lycSLZyAK9tMf0GoRZ6+fLePsLKoXeD8dXnNXJ7nln/XEQEB1pPJM7qlT4zgmmlf
sndEGtnokPpAniHQT9iyX2dgJ2hsEFzncjqyF8DxLqxh63i3JLOrt0wXyiwkFFlc
7HcC/m/Nx33k6WoDffzdJG9oNOWqKnNKKdxoYQHTpsa4q76TOeexUrT+mkwTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8a3chPwADGqlW6k5sbUQ98XGck8wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG3q1zANBgkqhkiG9w0BAQsFAAOCAQEAIJkEGdCooexVL9DsqJIy+1q445sS
iMqYKc5FF/OLKYHB3GvYUuwx575wLoo4RKnw9G1RZHJsfL5PEADLAtfb2vAfQGw5
XHvKLLsKt34xhoBfO5xpRlfKdoE8evbgCJbV3ARI0jCDGa/j7tmJWQOa3KXnMtwo
Fil97WM+z/sKMPpj7QwXfwKrY0tHkhhkWU7fytDUczv6bBn+t8igxd+YtHdjxz54
eQH7RY+5+SA2mg2fza+yCUtev2720qAU1rX+3LD80sdRWJPhNN/NvP3bda7XQiT8
+Gb3s2peGhVxRAESQrw9105NhJx3WUQZdX6vAQs6V5/w+q/2XRluZ2Xx1g==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:27 2025 by rpki-client