Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e34382e302f32302d3230203d3e203531303539.roa
File: 3130392e3130372e34382e302f32302d3230203d3e203531303539.roa (raw, json)
Hash identifier: VFZuAq39Eq3+auAQ5gu6dgnspNNlfOP6SeCqq8W6XvE=
Subject key identifier: C3:CC:97:5E:AB:8B:A5:DA:4E:54:3E:60:F1:D8:BF:10:F6:DD:CC:E0
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 19F4B5E7EF623745698D05487937081AE273221D
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e34382e302f32302d3230203d3e203531303539.roa
Signing time: Thu 30 Jan 2025 12:27:30 +0000
ROA not before: Thu 30 Jan 2025 12:22:30 +0000
ROA not after: Thu 29 Jan 2026 12:27:30 +0000
asID: 51059
IP address blocks: 109.107.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:f4:b5:e7:ef:62:37:45:69:8d:05:48:79:37:08:1a:e2:73:22:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Jan 30 12:22:30 2025 GMT
Not After : Jan 29 12:27:30 2026 GMT
Subject: CN=C3CC975EAB8BA5DA4E543E60F1D8BF10F6DDCCE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:13:c9:cd:2d:b4:b5:b3:97:d1:25:6c:b8:ae:
f3:6e:d3:91:5b:86:4c:4a:a3:ca:06:59:26:54:e2:
bc:6c:89:57:a7:38:29:6c:60:a0:72:6a:d0:1c:65:
bb:88:1e:a0:ed:36:e4:fb:b2:b9:f3:67:fb:73:e6:
bf:1e:6e:13:0e:2c:b8:a1:2b:a5:66:77:da:a8:9c:
a5:e0:c5:4b:ab:16:6b:26:b3:8e:17:23:8e:b8:c6:
fb:96:24:c7:59:90:c7:69:45:24:9b:9d:22:d7:70:
2c:d4:62:2c:0d:c5:49:7f:aa:26:d6:cf:ff:e9:67:
fb:b3:f1:33:bf:d7:4f:ca:c9:71:26:2e:59:48:a8:
97:1d:fd:b4:ba:e0:b5:48:0c:4d:09:a0:9c:cf:8d:
8e:88:08:b6:93:90:e8:9b:5d:7c:7d:2a:ea:0f:0e:
f3:25:86:25:23:8b:01:40:3b:ff:0d:f3:8f:66:ea:
17:e7:5f:2a:20:2e:8a:55:b3:e2:1f:7f:e8:c6:1d:
83:d6:a6:04:1a:f9:19:48:dc:52:ac:1b:d3:ba:ec:
55:b7:a9:cc:ab:ea:e3:7c:70:99:88:03:27:16:9d:
50:a2:a8:5d:62:9b:df:ce:e0:92:ad:ce:7c:84:95:
77:6c:ac:0c:5f:7d:58:9f:20:8c:25:73:73:d7:88:
5f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CC:97:5E:AB:8B:A5:DA:4E:54:3E:60:F1:D8:BF:10:F6:DD:CC:E0
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e34382e302f32302d3230203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.48.0/20
Signature Algorithm: sha256WithRSAEncryption
02:92:8a:19:8a:2b:14:1f:57:ec:cf:a1:ab:48:cf:12:c2:7f:
f1:da:aa:d8:a5:70:6d:ad:a8:be:0b:e6:93:64:68:05:09:64:
37:38:c0:9b:3b:c3:3a:8e:30:e9:14:c6:61:0d:12:39:4d:b0:
85:f5:cd:78:85:57:1b:08:70:82:4e:f0:6a:0c:11:45:44:71:
1e:dd:e8:18:6c:5f:00:07:62:8d:fa:1d:ec:00:21:8c:88:53:
58:90:30:39:03:d4:9a:14:46:b1:c8:c0:0e:d9:d9:fa:d7:3c:
7c:c4:5d:3d:c9:fa:2d:3f:b6:0f:7d:19:23:e3:d2:aa:43:5c:
eb:48:3c:75:80:4a:94:38:37:e3:8c:bf:81:80:63:75:33:ec:
d0:fd:a3:9c:fe:22:14:a7:4e:9b:6f:c9:23:29:34:39:28:e2:
8c:af:a9:0e:ca:30:b1:c5:f0:eb:2b:bf:7d:5f:2f:ca:0d:9a:
e4:41:52:60:d3:e9:03:14:fb:2a:bd:53:82:26:97:d0:2e:fb:
ed:d3:96:e4:84:81:e8:72:07:ea:a8:7e:d5:fc:cb:8f:95:7e:
93:5f:9c:51:9d:10:2e:4a:f4:e7:22:e9:92:ff:c3:50:2a:77:
b8:21:f4:da:a5:4e:99:d3:93:b2:7d:5b:fc:62:8b:22:59:b4:
8b:2c:8e:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGfS15+9iN0VpjQVIeTcIGuJzIh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNTAxMzAxMjIyMzBaFw0yNjAxMjkxMjI3MzBaMDMxMTAvBgNV
BAMTKEMzQ0M5NzVFQUI4QkE1REE0RTU0M0U2MEYxRDhCRjEwRjZERENDRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpE8nNLbS1s5fRJWy4rvNu05Fb
hkxKo8oGWSZU4rxsiVenOClsYKByatAcZbuIHqDtNuT7srnzZ/tz5r8ebhMOLLih
K6Vmd9qonKXgxUurFmsms44XI464xvuWJMdZkMdpRSSbnSLXcCzUYiwNxUl/qibW
z//pZ/uz8TO/10/KyXEmLllIqJcd/bS64LVIDE0JoJzPjY6ICLaTkOibXXx9KuoP
DvMlhiUjiwFAO/8N849m6hfnXyogLopVs+Iff+jGHYPWpgQa+RlI3FKsG9O67FW3
qcyr6uN8cJmIAycWnVCiqF1im9/O4JKtznyElXdsrAxffVifIIwlc3PXiF+HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUw8yXXquLpdpOVD5g8di/EPbdzOAwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzMDM5MmUzMTMwMzcyZTM0
MzgyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNTMxMzAzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
bWswMA0GCSqGSIb3DQEBCwUAA4IBAQACkooZiisUH1fsz6GrSM8Swn/x2qrYpXBt
rai+C+aTZGgFCWQ3OMCbO8M6jjDpFMZhDRI5TbCF9c14hVcbCHCCTvBqDBFFRHEe
3egYbF8AB2KN+h3sACGMiFNYkDA5A9SaFEaxyMAO2dn61zx8xF09yfotP7YPfRkj
49KqQ1zrSDx1gEqUODfjjL+BgGN1M+zQ/aOc/iIUp06bb8kjKTQ5KOKMr6kOyjCx
xfDrK799Xy/KDZrkQVJg0+kDFPsqvVOCJpfQLvvt05bkhIHocgfqqH7V/MuPlX6T
X5xRnRAuSvTnIumS/8NQKne4IfTapU6Z05OyfVv8YosiWbSLLI60
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:16:09 2025 by rpki-client