Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
File: 3133302e34332e3132382e302f31382d3138203d3e203432363839.roa (raw, json)
Hash identifier: kioMp9TytZWkA4w7Bb+vK6zLlcAw9k96QF63L2PH1Yc=
Subject key identifier: E7:54:5B:28:B7:19:9A:D1:67:1A:FC:1B:D0:BC:C0:7B:F9:73:CD:20
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 392EA95E9DED0C6E08075774C83462D8EF87EDC0
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 11:21:32 +0000
ROA not before: Tue 18 Feb 2025 11:16:32 +0000
ROA not after: Tue 17 Feb 2026 11:21:32 +0000
asID: 42689
IP address blocks: 130.43.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2e:a9:5e:9d:ed:0c:6e:08:07:57:74:c8:34:62:d8:ef:87:ed:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 11:16:32 2025 GMT
Not After : Feb 17 11:21:32 2026 GMT
Subject: CN=E7545B28B7199AD1671AFC1BD0BCC07BF973CD20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:c1:a7:de:ad:4e:ef:9a:59:77:de:97:6e:
af:c1:27:2d:2f:f6:54:10:46:13:0e:67:08:ab:d4:
95:5a:6d:57:bc:f4:76:d5:b4:52:1e:ee:6c:c4:03:
d3:a6:2b:cb:6f:8e:08:fb:36:cd:cf:fe:d3:32:26:
ab:78:91:44:56:b0:ca:41:b7:c2:c1:26:25:1f:7f:
43:cc:93:df:f9:de:f8:7d:d0:f1:fe:f6:10:82:26:
dc:b2:86:7b:60:09:10:d3:07:a3:18:3d:75:4a:2d:
3a:52:c3:98:a5:12:36:90:6e:ad:29:5f:c1:3c:a0:
d6:ee:ed:bb:8a:d1:ad:76:2b:fb:db:c3:59:50:c1:
3a:83:81:81:68:34:9f:0c:33:b0:5b:14:cb:50:d2:
40:68:65:10:6c:9e:bf:5d:dd:48:9c:fa:3b:c6:36:
1e:28:0f:26:30:d5:f9:c6:5a:54:e3:23:c4:21:bf:
9b:e8:24:33:03:39:bc:18:af:88:32:de:8e:14:cf:
a1:5a:92:c0:d4:6f:e3:8d:f1:e8:01:ff:51:24:54:
59:9e:b3:21:ff:cc:93:d6:b9:78:1d:88:32:50:ce:
8f:70:5d:fd:46:87:b2:ff:d8:d2:8e:49:84:2b:ff:
42:98:8f:b1:f4:5b:e9:ec:8b:a5:30:64:0c:55:ed:
82:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:54:5B:28:B7:19:9A:D1:67:1A:FC:1B:D0:BC:C0:7B:F9:73:CD:20
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3133302e34332e3132382e302f31382d3138203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.43.128.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:d8:ff:0d:b0:60:ae:25:02:92:e5:6d:4a:f2:7d:bb:1c:fc:
8e:04:33:2c:7d:9a:d5:d0:bf:69:04:e9:6b:2f:a5:06:f7:a4:
de:aa:2f:8f:3c:a7:37:9a:db:80:0e:70:a4:22:7f:1b:75:73:
20:8c:7c:85:ee:42:db:49:c1:04:6e:bc:84:21:3d:4f:ab:bc:
78:43:38:f4:43:96:e9:55:fb:03:b2:1e:70:41:57:b9:c0:5f:
b7:13:4a:76:fb:2b:e8:71:89:78:4f:f0:40:f9:0d:88:e5:45:
e2:40:51:e0:34:4b:3a:61:ce:6f:13:69:80:1a:3c:06:68:1b:
dd:3f:40:5f:ba:c6:16:1f:e2:78:0d:52:0e:5b:3b:6a:34:6f:
5e:28:90:9d:0c:c7:93:e2:80:3c:7a:7e:03:07:a2:a9:0b:11:
12:fd:29:65:90:ba:f4:2a:6a:cf:23:df:0d:c7:14:d2:46:30:
21:a8:98:3b:aa:84:16:0d:ff:de:1b:48:12:37:08:d4:3a:53:
22:69:fd:24:9d:3f:68:4f:1f:63:24:ca:e5:4b:7d:d2:3f:46:
63:81:ae:0f:5a:25:4d:bf:1e:ca:17:d4:5c:1e:26:8c:5b:8b:
86:45:16:a7:65:8b:7a:42:63:8b:ac:48:ed:24:90:fd:04:fe:
4c:ae:32:db
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOS6pXp3tDG4IB1d0yDRi2O+H7cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMTE2MzJaFw0yNjAyMTcxMTIxMzJaMDMxMTAvBgNV
BAMTKEU3NTQ1QjI4QjcxOTlBRDE2NzFBRkMxQkQwQkNDMDdCRjk3M0NEMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQf8Gn3q1O75pZd96Xbq/BJy0v
9lQQRhMOZwir1JVabVe89HbVtFIe7mzEA9OmK8tvjgj7Ns3P/tMyJqt4kURWsMpB
t8LBJiUff0PMk9/53vh90PH+9hCCJtyyhntgCRDTB6MYPXVKLTpSw5ilEjaQbq0p
X8E8oNbu7buK0a12K/vbw1lQwTqDgYFoNJ8MM7BbFMtQ0kBoZRBsnr9d3Uic+jvG
Nh4oDyYw1fnGWlTjI8Qhv5voJDMDObwYr4gy3o4Uz6FaksDUb+ON8egB/1EkVFme
syH/zJPWuXgdiDJQzo9wXf1Gh7L/2NKOSYQr/0KYj7H0W+nsi6UwZAxV7YJNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU51RbKLcZmtFnGvwb0LzAe/lzzSAwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMzMwMmUzNDMzMmUzMTMy
MzgyZTMwMmYzMTM4MmQzMTM4MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG
giuAMA0GCSqGSIb3DQEBCwUAA4IBAQCK2P8NsGCuJQKS5W1K8n27HPyOBDMsfZrV
0L9pBOlrL6UG96Teqi+PPKc3mtuADnCkIn8bdXMgjHyF7kLbScEEbryEIT1Pq7x4
Qzj0Q5bpVfsDsh5wQVe5wF+3E0p2+yvocYl4T/BA+Q2I5UXiQFHgNEs6Yc5vE2mA
GjwGaBvdP0BfusYWH+J4DVIOWztqNG9eKJCdDMeT4oA8en4DB6KpCxES/SllkLr0
KmrPI98NxxTSRjAhqJg7qoQWDf/eG0gSNwjUOlMiaf0knT9oTx9jJMrlS33SP0Zj
ga4PWiVNvx7KF9RcHiaMW4uGRRanZYt6QmOLrEjtJJD9BP5MrjLb
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:10 2025 by rpki-client