Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
File: 3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: AfMJQ6WsRZnnIvpR7ODaV1wb6XcpQvn1C8e6/TvkYIg=
Subject key identifier: 08:2C:E9:E0:09:25:46:36:65:91:30:03:33:E5:61:C8:D2:6F:34:77
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 446830EF726594D29C559CBE08F03693BB4998B2
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
Signing time: Tue 11 Mar 2025 04:53:58 +0000
ROA not before: Tue 11 Mar 2025 04:48:58 +0000
ROA not after: Tue 10 Mar 2026 04:53:58 +0000
asID: 5065
IP address blocks: 109.110.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:68:30:ef:72:65:94:d2:9c:55:9c:be:08:f0:36:93:bb:49:98:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 11 04:48:58 2025 GMT
Not After : Mar 10 04:53:58 2026 GMT
Subject: CN=082CE9E0092546366591300333E561C8D26F3477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:70:f8:9c:32:5a:4c:93:f0:79:7a:3b:06:17:
65:2c:74:50:f3:cc:36:db:56:79:2a:e6:74:4a:90:
83:27:ab:00:a5:9f:53:52:77:99:6a:c0:c7:22:68:
d1:d5:4b:8b:d3:ed:28:ac:ee:54:c4:18:31:2f:bd:
d3:91:54:a0:4a:51:58:3f:b6:c8:55:8b:33:17:7e:
ef:e9:b8:e5:95:11:d1:55:d5:2e:dd:e4:0e:93:f1:
cc:2b:a3:01:42:30:83:74:38:45:2e:e7:c4:0c:9c:
fc:e0:9a:52:c1:a3:ab:b9:3d:a7:3f:57:f3:05:68:
0e:1e:4a:9f:b7:65:1d:4c:9b:06:bc:e6:ac:b2:26:
7f:de:de:9f:e0:5c:1c:d9:10:7f:a5:53:9a:7f:b7:
14:8d:31:31:77:ab:84:73:e0:d6:ee:6d:f0:b4:73:
3e:d9:3f:5a:e2:04:d8:88:fb:04:fc:54:b1:c5:1a:
7e:f3:20:68:64:85:fd:8f:3d:cc:e6:26:30:76:d9:
ab:80:47:25:62:77:de:0c:be:14:92:89:ac:cd:5b:
92:a4:09:c9:e7:98:48:2b:4a:3d:20:62:14:92:b7:
27:a9:f5:16:94:f5:63:d5:f2:bb:b1:34:a6:4d:bc:
9d:5c:06:b1:cb:4d:b0:cd:a5:63:4f:07:1b:88:cb:
c9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2C:E9:E0:09:25:46:36:65:91:30:03:33:E5:61:C8:D2:6F:34:77
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.168.0/24
Signature Algorithm: sha256WithRSAEncryption
35:1a:0d:17:d0:a0:b5:96:64:69:db:a6:f4:c5:b6:ec:c9:21:
66:1d:50:73:90:34:c0:b4:4f:5f:6b:1a:ef:5a:98:1c:33:6f:
15:21:c9:b5:f8:bf:d0:28:30:66:20:44:0d:46:58:69:bc:bc:
9d:a3:22:04:b5:5c:d3:d7:ac:25:c0:92:8e:79:34:2c:55:2f:
fa:ce:73:d2:22:14:dd:bc:65:9c:a3:fc:08:33:a2:61:f0:ba:
c1:c0:5b:0d:1f:42:a0:2f:fe:6c:52:82:ad:5e:ac:ab:a0:12:
98:92:84:db:49:80:2e:8a:bb:03:dd:b0:16:d2:b3:b7:34:2b:
97:e2:56:ea:d6:2a:02:67:bb:21:f6:4c:8f:ca:f3:5c:49:2e:
00:74:0f:4f:86:20:f7:0c:11:5d:25:8d:ae:71:db:86:71:53:
33:fd:db:61:b7:46:ba:af:ef:fe:a5:1c:d4:16:d9:cc:3a:21:
77:99:81:68:e5:a9:0b:29:46:ce:54:20:29:a7:6a:29:d9:a9:
be:6b:4b:7e:b4:32:b4:75:17:25:c1:f1:fd:48:d8:f3:88:f5:
36:f8:87:16:d1:16:1e:57:3e:4e:74:74:3a:99:b1:72:d8:24:
55:d0:34:7b:2a:de:ff:f7:39:4f:6a:2e:51:36:ae:6e:86:8b:
35:70:aa:15
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURGgw73JllNKcVZy+CPA2k7tJmLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAzMTEwNDQ4NThaFw0yNjAzMTAwNDUzNThaMDMxMTAvBgNV
BAMTKDA4MkNFOUUwMDkyNTQ2MzY2NTkxMzAwMzMzRTU2MUM4RDI2RjM0NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVcPicMlpMk/B5ejsGF2UsdFDz
zDbbVnkq5nRKkIMnqwCln1NSd5lqwMciaNHVS4vT7Sis7lTEGDEvvdORVKBKUVg/
tshVizMXfu/puOWVEdFV1S7d5A6T8cwrowFCMIN0OEUu58QMnPzgmlLBo6u5Pac/
V/MFaA4eSp+3ZR1Mmwa85qyyJn/e3p/gXBzZEH+lU5p/txSNMTF3q4Rz4NbubfC0
cz7ZP1riBNiI+wT8VLHFGn7zIGhkhf2PPczmJjB22auARyVid94MvhSSiazNW5Kk
CcnnmEgrSj0gYhSStyep9RaU9WPV8ruxNKZNvJ1cBrHLTbDNpWNPBxuIy8k3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCCzp4AklRjZlkTADM+VhyNJvNHcwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzNjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bW6oMA0GCSqGSIb3DQEBCwUAA4IBAQA1Gg0X0KC1lmRp26b0xbbsySFmHVBzkDTA
tE9faxrvWpgcM28VIcm1+L/QKDBmIEQNRlhpvLydoyIEtVzT16wlwJKOeTQsVS/6
znPSIhTdvGWco/wIM6Jh8LrBwFsNH0KgL/5sUoKtXqyroBKYkoTbSYAuirsD3bAW
0rO3NCuX4lbq1ioCZ7sh9kyPyvNcSS4AdA9PhiD3DBFdJY2ucduGcVMz/dtht0a6
r+/+pRzUFtnMOiF3mYFo5akLKUbOVCApp2op2am+a0t+tDK0dRclwfH9SNjziPU2
+IcW0RYeVz5OdHQ6mbFy2CRV0DR7Kt7/9zlPai5RNq5uhos1cKoV
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:15:03 2025 by rpki-client