Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136312e302f32342d3234203d3e203634323637.roa
File: 3130392e3131302e3136312e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: nnjQDGGJj7OZ4hIG2NjEPz5g0ZMim5awwNILjeSGI08=
Subject key identifier: 0F:B5:AE:4A:35:0E:5B:04:7C:CF:91:46:07:8D:2B:80:E1:6C:F7:32
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 584016A2D4D5C4241952057960D53623A996848C
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136312e302f32342d3234203d3e203634323637.roa
Signing time: Mon 10 Feb 2025 18:53:55 +0000
ROA not before: Mon 10 Feb 2025 18:48:55 +0000
ROA not after: Mon 09 Feb 2026 18:53:55 +0000
asID: 64267
IP address blocks: 109.110.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:40:16:a2:d4:d5:c4:24:19:52:05:79:60:d5:36:23:a9:96:84:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 10 18:48:55 2025 GMT
Not After : Feb 9 18:53:55 2026 GMT
Subject: CN=0FB5AE4A350E5B047CCF9146078D2B80E16CF732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:18:5f:f3:25:9b:76:90:e4:09:f8:bc:81:1a:
18:e8:23:4c:72:06:33:f1:9f:52:79:07:0d:6b:35:
26:a1:25:7e:66:2c:e9:28:b9:2a:80:a8:49:b3:1d:
a3:14:01:72:76:4c:14:c1:9a:97:12:66:8e:00:76:
c1:20:be:e2:c6:92:69:2b:11:27:80:0d:63:70:08:
63:63:28:b9:a2:81:ef:88:de:7b:47:8b:88:0b:0c:
f3:31:11:da:90:26:2f:9d:d1:a6:c8:e7:70:47:bb:
a1:97:d0:3c:71:f5:38:72:1a:ad:f9:b5:37:b3:26:
26:cc:d7:9c:c6:25:40:db:43:73:4f:69:16:88:8b:
44:24:67:88:76:dd:0e:ad:aa:78:39:fd:03:81:b7:
d0:95:e6:d3:ad:fe:82:0c:b5:48:9f:c3:9b:d0:a0:
07:4b:ec:b9:e2:ff:4b:f8:ad:3e:6c:00:59:29:23:
0d:ed:17:5c:96:75:74:60:2a:cd:93:a0:2c:44:6a:
04:c6:47:b6:7a:81:41:41:38:9e:97:23:83:52:db:
78:75:ea:d9:a9:23:cd:da:3b:28:b0:25:16:05:a1:
40:6e:d1:6f:32:b9:9e:58:b7:90:f4:ff:13:94:f7:
40:41:4b:29:9d:82:fc:5c:01:25:cd:64:55:af:8e:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B5:AE:4A:35:0E:5B:04:7C:CF:91:46:07:8D:2B:80:E1:6C:F7:32
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136312e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.161.0/24
Signature Algorithm: sha256WithRSAEncryption
95:33:a1:06:69:86:a7:78:7d:70:b8:8b:c3:e1:3d:10:d4:71:
2d:29:06:62:71:f7:6d:a5:5f:fa:ba:1b:71:e6:31:3e:12:ac:
46:eb:1d:7f:27:76:33:21:16:dc:cb:30:d5:db:01:a6:e3:8c:
19:08:46:97:39:81:0a:30:ce:31:b4:a5:1c:e3:23:5d:0e:c7:
39:85:0f:20:84:18:88:b4:61:0e:16:4c:b6:0d:9f:b6:44:e9:
4a:57:4a:ed:98:a3:a2:c3:3c:36:4d:f3:67:dc:1a:f5:77:98:
fe:e2:ca:de:5e:8a:d8:14:65:fe:c8:ce:22:1f:52:d5:86:9d:
44:1e:55:98:66:32:1e:3c:d4:8a:e3:b6:96:66:b6:0a:1f:c5:
c9:77:20:5f:58:a5:d4:7d:6e:f1:82:36:93:c1:a9:e7:8a:46:
5d:f2:7c:74:d3:30:d5:c5:88:ad:af:2f:43:b7:eb:24:2f:4d:
2c:ba:f7:63:2b:f1:ad:3f:39:4c:a3:27:68:b3:10:4d:07:9d:
94:a9:d8:70:15:ec:e0:0e:a2:08:0f:66:06:c9:44:83:93:0e:
c6:4c:56:ee:a9:a7:a2:b4:04:1d:ef:f1:c7:0b:70:68:78:2c:
c5:55:13:9b:9a:94:43:b2:08:f7:74:b7:c3:d9:45:04:f3:d1:
58:29:03:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWEAWotTVxCQZUgV5YNU2I6mWhIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAyMTAxODQ4NTVaFw0yNjAyMDkxODUzNTVaMDMxMTAvBgNV
BAMTKDBGQjVBRTRBMzUwRTVCMDQ3Q0NGOTE0NjA3OEQyQjgwRTE2Q0Y3MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWGF/zJZt2kOQJ+LyBGhjoI0xy
BjPxn1J5Bw1rNSahJX5mLOkouSqAqEmzHaMUAXJ2TBTBmpcSZo4AdsEgvuLGkmkr
ESeADWNwCGNjKLmige+I3ntHi4gLDPMxEdqQJi+d0abI53BHu6GX0Dxx9ThyGq35
tTezJibM15zGJUDbQ3NPaRaIi0QkZ4h23Q6tqng5/QOBt9CV5tOt/oIMtUifw5vQ
oAdL7Lni/0v4rT5sAFkpIw3tF1yWdXRgKs2ToCxEagTGR7Z6gUFBOJ6XI4NS23h1
6tmpI83aOyiwJRYFoUBu0W8yuZ5Yt5D0/xOU90BBSymdgvxcASXNZFWvjt7JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUD7WuSjUOWwR8z5FGB40rgOFs9zIwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbqEwDQYJKoZIhvcNAQELBQADggEBAJUzoQZphqd4fXC4i8PhPRDUcS0pBmJx
922lX/q6G3HmMT4SrEbrHX8ndjMhFtzLMNXbAabjjBkIRpc5gQowzjG0pRzjI10O
xzmFDyCEGIi0YQ4WTLYNn7ZE6UpXSu2Yo6LDPDZN82fcGvV3mP7iyt5eitgUZf7I
ziIfUtWGnUQeVZhmMh481IrjtpZmtgofxcl3IF9YpdR9bvGCNpPBqeeKRl3yfHTT
MNXFiK2vL0O36yQvTSy692Mr8a0/OUyjJ2izEE0HnZSp2HAV7OAOoggPZgbJRIOT
DsZMVu6pp6K0BB3v8ccLcGh4LMVVE5ualEOyCPd0t8PZRQTz0VgpA4k=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:20:00 2025 by rpki-client