Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
File: 3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: lOTiTKypTRs5VpOqiX/3ghVzZv8Y/+LsktkeUU7i7xc=
Subject key identifier: 8D:26:D0:61:D4:36:4E:4D:FD:1B:22:84:17:85:51:12:FC:36:15:C1
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 09A79840F35A49972B093FEA456B024D285DCFA0
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
Signing time: Mon 04 Nov 2024 16:41:56 +0000
ROA not before: Mon 04 Nov 2024 16:36:56 +0000
ROA not after: Mon 03 Nov 2025 16:41:56 +0000
asID: 29802
IP address blocks: 109.110.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:a7:98:40:f3:5a:49:97:2b:09:3f:ea:45:6b:02:4d:28:5d:cf:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Nov 4 16:36:56 2024 GMT
Not After : Nov 3 16:41:56 2025 GMT
Subject: CN=8D26D061D4364E4DFD1B228417855112FC3615C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:10:fd:33:33:0b:97:0b:2c:12:ca:bd:46:
99:81:ad:46:22:8c:8c:ff:75:11:e1:c0:e0:1b:8c:
58:f2:cd:f1:58:71:6d:42:98:1f:c9:6d:40:73:7e:
7f:9e:34:33:49:8f:77:ab:8b:6a:c7:f4:11:a4:f8:
8b:02:af:56:f4:e4:5e:9a:11:fc:b3:a1:6c:e6:28:
e6:29:c8:9b:0e:f4:30:aa:b7:f9:be:34:3a:8a:12:
ac:de:30:a6:d5:8e:17:f9:a4:72:a2:92:9b:ca:11:
71:b2:41:25:85:18:f2:99:35:06:0f:7a:0a:d8:b9:
bc:72:ec:f5:27:48:dc:68:d0:9d:7d:7f:8d:52:56:
94:51:4c:a4:04:60:97:9d:4d:f6:f7:48:61:db:bf:
44:d7:e7:d9:7e:da:01:c8:22:b5:1d:9f:fc:d3:ee:
c6:34:1a:9b:31:27:94:63:66:8e:45:01:6d:86:4c:
57:20:6b:8d:0f:23:d2:93:9f:15:64:6f:e7:7b:a0:
20:e0:f7:f0:90:6e:17:f5:58:69:16:12:85:f1:08:
16:52:fc:fa:79:90:1e:88:fc:ae:14:a9:11:d8:9a:
2c:0e:8f:66:bc:e4:ce:bd:dc:da:03:69:ea:80:6e:
9a:8d:8b:c5:3e:d0:3d:79:d3:f0:83:73:32:66:51:
5d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:26:D0:61:D4:36:4E:4D:FD:1B:22:84:17:85:51:12:FC:36:15:C1
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.167.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:61:67:44:8e:18:6f:71:0a:b4:6a:c6:9c:d7:19:f3:f3:ba:
79:f9:6f:bb:7c:d8:a8:9a:23:0d:ad:9e:82:84:75:da:81:f6:
51:e7:02:e0:3d:5d:6f:4e:95:12:c0:1d:87:7d:ec:3c:30:a9:
61:62:42:16:b7:0b:6f:07:64:d6:4f:c8:8c:67:e7:5f:7d:df:
86:06:72:6e:05:b1:64:5a:81:fc:5a:94:6b:9c:ca:80:02:0d:
01:9f:2a:1f:e1:84:4c:b8:8e:fa:b7:5b:86:e1:94:4d:cc:ef:
5e:74:02:a5:cc:24:ed:0f:f8:bc:a8:77:89:d5:3c:0a:74:a9:
20:b8:f0:c5:de:02:d0:c9:8c:60:77:67:39:d4:78:33:bb:8a:
24:0a:56:ce:79:e5:30:d6:55:72:6d:44:b8:8d:5f:55:58:98:
8e:23:e6:29:c3:a3:11:72:c3:73:e7:e0:d1:17:3b:6d:be:42:
9b:15:6d:d7:80:2b:20:f8:f3:c6:1e:dc:2b:fc:4f:61:25:4c:
c8:80:2c:2f:af:e0:e5:e0:8f:9f:3f:bd:e5:d4:27:42:1f:fe:
d1:83:e3:1f:e7:c1:5d:db:f5:16:58:23:a3:d3:38:c2:38:cf:
c5:e3:e7:b8:18:74:97:f4:89:ea:14:c0:4b:5c:d4:33:cf:29:
30:f3:45:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCaeYQPNaSZcrCT/qRWsCTShdz6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDExMDQxNjM2NTZaFw0yNTExMDMxNjQxNTZaMDMxMTAvBgNV
BAMTKDhEMjZEMDYxRDQzNjRFNERGRDFCMjI4NDE3ODU1MTEyRkMzNjE1QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT2xD9MzMLlwssEsq9RpmBrUYi
jIz/dRHhwOAbjFjyzfFYcW1CmB/JbUBzfn+eNDNJj3eri2rH9BGk+IsCr1b05F6a
EfyzoWzmKOYpyJsO9DCqt/m+NDqKEqzeMKbVjhf5pHKikpvKEXGyQSWFGPKZNQYP
egrYubxy7PUnSNxo0J19f41SVpRRTKQEYJedTfb3SGHbv0TX59l+2gHIIrUdn/zT
7sY0GpsxJ5RjZo5FAW2GTFcga40PI9KTnxVkb+d7oCDg9/CQbhf1WGkWEoXxCBZS
/Pp5kB6I/K4UqRHYmiwOj2a85M693NoDaeqAbpqNi8U+0D150/CDczJmUV0NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjSbQYdQ2Tk39GyKEF4VREvw2FcEwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbqcwDQYJKoZIhvcNAQELBQADggEBAC5hZ0SOGG9xCrRqxpzXGfPzunn5b7t8
2KiaIw2tnoKEddqB9lHnAuA9XW9OlRLAHYd97DwwqWFiQha3C28HZNZPyIxn5199
34YGcm4FsWRagfxalGucyoACDQGfKh/hhEy4jvq3W4bhlE3M7150AqXMJO0P+Lyo
d4nVPAp0qSC48MXeAtDJjGB3ZznUeDO7iiQKVs555TDWVXJtRLiNX1VYmI4j5inD
oxFyw3Pn4NEXO22+QpsVbdeAKyD488Ye3Cv8T2ElTMiALC+v4OXgj58/veXUJ0If
/tGD4x/nwV3b9RZYI6PTOMI4z8Xj57gYdJf0ieoUwEtc1DPPKTDzRc8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:18 2025 by rpki-client