Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20323134303833.roa
File: 3130392e3131302e3137352e302f32342d3234203d3e20323134303833.roa (raw, json)
Hash identifier: DSVE2t91a5Qi+03Y1P4aXBV6BNT/DMEWAcc0zxY1A3E=
Subject key identifier: 0C:D8:E8:2D:B5:22:0E:11:49:77:9B:BF:73:CD:CA:FE:29:38:28:0F
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: F1ED67D929005F5F597DF9DE66BB12BE988CC8
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20323134303833.roa
Signing time: Sun 08 Dec 2024 10:44:05 +0000
ROA not before: Sun 08 Dec 2024 10:39:05 +0000
ROA not after: Sun 07 Dec 2025 10:44:05 +0000
asID: 214083
IP address blocks: 109.110.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f1:ed:67:d9:29:00:5f:5f:59:7d:f9:de:66:bb:12:be:98:8c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Dec 8 10:39:05 2024 GMT
Not After : Dec 7 10:44:05 2025 GMT
Subject: CN=0CD8E82DB5220E1149779BBF73CDCAFE2938280F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c5:16:0c:ad:7d:18:65:ee:be:c4:80:17:c2:
71:5b:d0:dd:6d:cd:61:9f:15:04:03:1b:2b:b3:bf:
93:d1:ba:86:8d:1e:1b:8a:49:10:5f:89:49:b9:cf:
49:c4:51:6d:2f:cc:12:f1:1b:37:47:83:e8:3e:a1:
2f:5d:7e:45:43:db:32:2c:12:d1:4b:fd:17:e4:67:
f9:ac:f9:28:13:7c:ac:38:49:e4:a2:66:d8:a7:92:
2d:0b:a2:54:b6:ab:53:0b:e7:3c:40:19:cc:dd:5d:
9f:39:35:c3:3e:88:96:60:5e:ce:98:ed:db:5d:fd:
18:16:0f:e7:a6:33:bf:3e:f1:4f:ac:3e:69:e4:d9:
ac:91:2f:58:13:38:06:9c:1e:27:fb:38:5f:db:44:
9c:9e:73:0b:6c:c7:9d:78:15:5e:50:7e:c0:fe:34:
4f:df:52:3f:05:0b:52:70:1d:94:ad:3f:60:83:ce:
ec:85:4f:4f:ba:04:34:1d:08:06:65:e1:cf:7b:4c:
4a:45:89:17:71:4b:1a:4a:d3:0f:c6:1f:28:c4:95:
9d:56:eb:29:47:14:7a:dd:72:32:48:1c:db:d9:ee:
a8:39:88:1d:57:b2:55:4e:36:cd:b5:f2:4f:f1:d6:
4a:c6:a5:6b:ae:02:36:47:e2:39:7d:42:a9:2c:7e:
19:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D8:E8:2D:B5:22:0E:11:49:77:9B:BF:73:CD:CA:FE:29:38:28:0F
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20323134303833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.175.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f5:b5:3a:1b:89:a3:8e:f7:59:df:ea:24:33:12:a0:5f:eb:
bb:d6:21:5b:3e:2d:f7:8c:e0:ec:6c:e8:e9:00:6d:5c:6b:94:
a6:4d:04:ba:5d:0b:c9:94:58:b3:a0:df:7d:34:e4:ca:d3:7d:
84:86:07:cd:a3:80:90:45:b4:d3:26:9c:38:77:5b:b8:fc:e9:
57:a7:f2:85:33:f7:da:c9:00:45:d8:bf:01:64:b2:58:52:cf:
07:5b:24:b4:7e:ad:a5:33:3c:44:e4:33:75:f1:f2:b9:a3:90:
2c:39:26:2e:81:4b:5d:6e:3d:65:a3:a6:d1:b2:cd:de:b9:75:
33:50:be:2a:98:e5:de:21:c4:ee:34:99:29:84:7e:3a:44:61:
06:75:4c:50:34:f9:14:0f:0d:19:8b:8f:ed:e5:bd:d2:f2:54:
13:ee:04:38:99:4b:4e:8f:42:42:9a:29:08:96:0f:aa:e4:99:
9c:55:e0:6d:23:2e:be:86:4b:3d:9d:b4:7a:f4:a2:59:6e:dd:
79:81:35:aa:af:b2:36:54:8c:4d:ce:46:9a:d3:35:cf:b4:15:
e9:26:70:70:43:e4:32:8c:37:4f:44:55:c1:b2:dd:bd:ae:50:
9a:41:6b:1a:0b:88:74:2b:32:20:12:3f:63:47:d6:9c:04:a2:
23:bd:f4:d2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAPHtZ9kpAF9fWX353ma7Er6YjMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDEyMDgxMDM5MDVaFw0yNTEyMDcxMDQ0MDVaMDMxMTAvBgNV
BAMTKDBDRDhFODJEQjUyMjBFMTE0OTc3OUJCRjczQ0RDQUZFMjkzODI4MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUxRYMrX0YZe6+xIAXwnFb0N1t
zWGfFQQDGyuzv5PRuoaNHhuKSRBfiUm5z0nEUW0vzBLxGzdHg+g+oS9dfkVD2zIs
EtFL/RfkZ/ms+SgTfKw4SeSiZtinki0LolS2q1ML5zxAGczdXZ85NcM+iJZgXs6Y
7dtd/RgWD+emM78+8U+sPmnk2ayRL1gTOAacHif7OF/bRJyecwtsx514FV5QfsD+
NE/fUj8FC1JwHZStP2CDzuyFT0+6BDQdCAZl4c97TEpFiRdxSxpK0w/GHyjElZ1W
6ylHFHrdcjJIHNvZ7qg5iB1XslVONs218k/x1krGpWuuAjZH4jl9Qqksfhl9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDNjoLbUiDhFJd5u/c83K/ik4KA8wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzgzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1urzANBgkqhkiG9w0BAQsFAAOCAQEAkvW1OhuJo473Wd/qJDMSoF/ru9Yh
Wz4t94zg7Gzo6QBtXGuUpk0Eul0LyZRYs6DffTTkytN9hIYHzaOAkEW00yacOHdb
uPzpV6fyhTP32skARdi/AWSyWFLPB1sktH6tpTM8ROQzdfHyuaOQLDkmLoFLXW49
ZaOm0bLN3rl1M1C+Kpjl3iHE7jSZKYR+OkRhBnVMUDT5FA8NGYuP7eW90vJUE+4E
OJlLTo9CQpopCJYPquSZnFXgbSMuvoZLPZ20evSiWW7deYE1qq+yNlSMTc5GmtM1
z7QV6SZwcEPkMow3T0RVwbLdva5QmkFrGguIdCsyIBI/Y0fWnASiI7300g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:29:55 2025 by rpki-client