Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f32302d3230203d3e203531303539.roa
File: 3130392e3130372e33322e302f32302d3230203d3e203531303539.roa (raw, json)
Hash identifier: FMr6NQn2E9Bb20nuhrn072KXh7yXRuoKR2xlN3ELfZI=
Subject key identifier: A9:EC:E4:F6:60:98:8B:82:99:30:FD:B6:E4:11:2C:B5:75:38:67:B5
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 093E24444CDDF90BF51E4CC577BB5CA782E52DBC
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f32302d3230203d3e203531303539.roa
Signing time: Thu 30 Jan 2025 12:26:44 +0000
ROA not before: Thu 30 Jan 2025 12:21:44 +0000
ROA not after: Thu 29 Jan 2026 12:26:44 +0000
asID: 51059
IP address blocks: 109.107.32.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:3e:24:44:4c:dd:f9:0b:f5:1e:4c:c5:77:bb:5c:a7:82:e5:2d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Jan 30 12:21:44 2025 GMT
Not After : Jan 29 12:26:44 2026 GMT
Subject: CN=A9ECE4F660988B829930FDB6E4112CB5753867B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:82:1e:75:50:be:44:5e:12:6d:a0:8a:3f:
bc:4b:c2:3e:9f:15:56:1e:ed:e1:78:5d:e9:3f:5c:
c4:e1:2e:31:0d:ac:a5:14:fa:7d:92:15:92:1e:d7:
83:30:e2:1d:11:bd:0c:4a:75:30:29:c3:5c:3d:60:
be:df:90:ff:13:fd:51:39:5f:66:1b:d4:7e:fa:b7:
3a:e3:80:1a:bd:66:c1:62:67:d1:8d:61:20:c2:93:
9f:2b:f8:1b:a9:e6:e3:fe:0d:9b:94:17:d8:18:1b:
2f:38:45:cf:66:16:75:1e:33:1f:23:ae:dc:4b:00:
8c:99:5f:67:ac:c3:12:e1:0d:0b:9c:94:28:c4:77:
9a:1f:d8:e8:f7:1f:11:d2:53:fd:c9:94:b5:84:5a:
06:7e:bb:14:ff:73:d4:63:4e:37:4f:16:6c:2a:52:
d7:f4:11:a3:92:ae:03:b8:6a:45:a5:db:cf:c6:41:
e1:78:2a:6a:77:8a:49:34:4f:26:9d:2d:89:8a:4b:
38:3d:52:07:85:0b:92:6b:5e:62:72:00:ee:6f:62:
56:e7:bd:d7:da:22:31:be:8b:2c:0c:0c:32:3a:f4:
f2:2f:2c:73:09:50:c6:0a:ce:29:38:ac:dc:7d:6d:
37:5e:3d:f7:0f:a2:86:0a:71:f9:ea:5e:25:b0:b1:
e3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:EC:E4:F6:60:98:8B:82:99:30:FD:B6:E4:11:2C:B5:75:38:67:B5
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e33322e302f32302d3230203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.32.0/20
Signature Algorithm: sha256WithRSAEncryption
51:0c:6c:ee:be:aa:e6:73:1e:ff:ac:2e:8c:45:eb:98:34:a5:
28:1d:49:5a:16:65:0a:23:41:a5:8a:ec:ac:da:ad:d7:0e:d3:
bc:b5:22:45:9b:d7:40:f1:51:4b:78:d8:08:5f:45:04:3c:85:
9d:d1:58:79:ba:41:30:09:05:c9:d2:19:e2:5d:e6:e7:a5:b4:
15:91:4f:17:87:32:33:d5:06:55:cc:37:93:f7:03:eb:be:2e:
7e:93:cb:69:be:29:ca:ea:0a:e7:da:dc:d2:b2:53:b6:8f:01:
45:cb:de:b2:fb:11:36:ce:33:72:30:41:68:46:92:ad:52:83:
5c:76:d5:91:e8:09:bc:3b:0a:d9:f8:89:ad:9e:ff:45:d3:fd:
d9:aa:ad:d2:79:e7:3f:dd:6d:96:b9:54:c7:8a:20:c7:76:35:
04:74:e1:50:4e:91:28:72:b0:d4:f3:00:75:a8:c8:f7:37:d5:
c4:93:92:89:ff:73:65:a2:57:46:83:03:55:f8:81:03:b6:8a:
a7:9f:d7:33:29:3b:f9:04:aa:02:bb:58:1f:9f:2a:7f:88:0a:
e6:15:2d:91:c8:94:5c:0d:44:61:48:a3:ab:91:0e:5c:52:2a:
d9:d0:cc:05:53:ff:0a:56:02:be:e1:6a:e5:3d:6c:97:91:e5:
77:ed:66:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCT4kREzd+Qv1HkzFd7tcp4LlLbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNTAxMzAxMjIxNDRaFw0yNjAxMjkxMjI2NDRaMDMxMTAvBgNV
BAMTKEE5RUNFNEY2NjA5ODhCODI5OTMwRkRCNkU0MTEyQ0I1NzUzODY3QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+bIIedVC+RF4SbaCKP7xLwj6f
FVYe7eF4Xek/XMThLjENrKUU+n2SFZIe14Mw4h0RvQxKdTApw1w9YL7fkP8T/VE5
X2Yb1H76tzrjgBq9ZsFiZ9GNYSDCk58r+Bup5uP+DZuUF9gYGy84Rc9mFnUeMx8j
rtxLAIyZX2eswxLhDQuclCjEd5of2Oj3HxHSU/3JlLWEWgZ+uxT/c9RjTjdPFmwq
Utf0EaOSrgO4akWl28/GQeF4Kmp3ikk0TyadLYmKSzg9UgeFC5JrXmJyAO5vYlbn
vdfaIjG+iywMDDI69PIvLHMJUMYKzik4rNx9bTdePfcPooYKcfnqXiWwseMdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqezk9mCYi4KZMP225BEstXU4Z7UwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzMDM5MmUzMTMwMzcyZTMz
MzIyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNTMxMzAzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
bWsgMA0GCSqGSIb3DQEBCwUAA4IBAQBRDGzuvqrmcx7/rC6MReuYNKUoHUlaFmUK
I0Gliuys2q3XDtO8tSJFm9dA8VFLeNgIX0UEPIWd0Vh5ukEwCQXJ0hniXebnpbQV
kU8XhzIz1QZVzDeT9wPrvi5+k8tpvinK6grn2tzSslO2jwFFy96y+xE2zjNyMEFo
RpKtUoNcdtWR6Am8OwrZ+Imtnv9F0/3Zqq3Seec/3W2WuVTHiiDHdjUEdOFQTpEo
crDU8wB1qMj3N9XEk5KJ/3NloldGgwNV+IEDtoqnn9czKTv5BKoCu1gfnyp/iArm
FS2RyJRcDURhSKOrkQ5cUirZ0MwFU/8KVgK+4WrlPWyXkeV37Waw
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:16:08 2025 by rpki-client