Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e2032393134.roa
File: 3130392e3131302e3137372e302f32342d3234203d3e2032393134.roa (raw, json)
Hash identifier: ItqItyoz4FKfFcRk7cHdQ6Yp8jCK9PB/k6zWRpl4QmA=
Subject key identifier: C2:89:56:54:3A:EC:E1:F7:E1:D6:95:CC:C8:34:90:7D:8A:8A:C4:A5
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 082BEA8E88CE83DCF9D4713A022908F48C310723
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e2032393134.roa
Signing time: Wed 12 Feb 2025 12:53:55 +0000
ROA not before: Wed 12 Feb 2025 12:48:55 +0000
ROA not after: Wed 11 Feb 2026 12:53:55 +0000
asID: 2914
IP address blocks: 109.110.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:2b:ea:8e:88:ce:83:dc:f9:d4:71:3a:02:29:08:f4:8c:31:07:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 12 12:48:55 2025 GMT
Not After : Feb 11 12:53:55 2026 GMT
Subject: CN=C28956543AECE1F7E1D695CCC834907D8A8AC4A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:cc:dd:0c:9b:60:25:a3:76:4e:c3:04:4d:
e8:af:05:1b:60:df:dc:eb:09:06:f3:34:1e:ad:c1:
0c:c0:f3:2a:1c:34:00:4b:92:d4:cf:6e:a9:26:4b:
0f:a9:0a:74:f3:70:9b:20:3c:93:b8:81:a1:a2:5e:
aa:62:67:0c:a4:a4:ef:5c:e9:97:13:8d:c8:26:3b:
2f:13:00:3b:ff:ba:cd:46:48:0f:01:bd:8b:e3:f4:
5e:50:f6:b8:5f:b9:a6:6c:51:7a:2a:fd:5e:e3:3b:
14:a7:c2:9c:8d:42:b4:f0:08:c3:0d:55:67:47:12:
90:a9:ec:fa:0a:93:ce:34:00:1d:de:cd:62:21:be:
3f:e2:82:07:c1:03:cd:19:10:e3:2a:b2:92:e6:e8:
f4:3f:bc:b7:e3:ff:f8:09:73:8b:b0:ae:4f:b3:65:
a3:07:83:9f:a0:40:73:38:b1:d4:68:d1:6c:75:0e:
b7:e9:bd:63:f9:44:bf:fa:99:fb:89:7a:1c:6a:2c:
63:ec:91:5e:57:40:ee:59:0a:90:42:44:10:02:46:
23:bf:2a:98:a2:be:dd:a7:58:75:99:46:10:5f:90:
2a:13:7f:cd:f1:55:75:dd:c6:83:1e:2d:95:12:90:
c5:21:11:32:f5:f7:50:e7:bf:5f:41:7a:63:c3:be:
5c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:89:56:54:3A:EC:E1:F7:E1:D6:95:CC:C8:34:90:7D:8A:8A:C4:A5
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e2032393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.177.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:d5:e1:7a:38:da:db:6d:cc:a7:ed:35:e9:dc:e1:83:78:67:
9c:28:1a:8e:46:ba:76:9f:02:34:4c:53:9d:c0:4f:61:94:19:
66:f1:05:ec:09:aa:a8:ca:fd:1c:54:a9:2e:a6:2a:77:ba:7f:
32:98:fb:81:06:95:96:5c:20:75:f9:d5:17:23:c4:88:4c:c3:
16:3a:20:e2:c1:95:eb:09:d1:ae:b9:5a:33:ac:82:03:40:f9:
45:a2:3f:ad:60:71:76:81:47:33:a8:1d:cb:10:b3:e9:2f:b7:
8c:a2:42:2e:99:1c:c1:6c:3b:4c:3b:fe:75:d2:c8:27:75:84:
cb:cb:3f:3c:0b:a5:c9:95:5e:a0:a5:c5:d3:9d:60:15:12:35:
de:cc:3b:10:20:22:aa:e7:c7:dc:e3:88:8b:7b:56:d7:f6:dd:
61:cf:45:64:bf:c3:4f:92:ce:37:35:0d:6e:c3:d2:53:85:c0:
50:df:76:9c:0e:6a:8e:9d:a6:1a:c9:9c:69:ba:57:16:79:77:
f9:de:a2:b1:68:1b:0b:9f:23:93:ea:9c:a8:b7:de:50:d2:42:
bf:af:f1:46:e2:44:8b:cc:da:59:e1:08:97:7a:31:3b:57:3e:
e3:13:a5:f2:cf:34:a2:da:42:43:6b:b4:fd:32:c3:1b:48:5e:
a7:b2:57:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCCvqjojOg9z51HE6AikI9IwxByMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAyMTIxMjQ4NTVaFw0yNjAyMTExMjUzNTVaMDMxMTAvBgNV
BAMTKEMyODk1NjU0M0FFQ0UxRjdFMUQ2OTVDQ0M4MzQ5MDdEOEE4QUM0QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmHczdDJtgJaN2TsMETeivBRtg
39zrCQbzNB6twQzA8yocNABLktTPbqkmSw+pCnTzcJsgPJO4gaGiXqpiZwykpO9c
6ZcTjcgmOy8TADv/us1GSA8BvYvj9F5Q9rhfuaZsUXoq/V7jOxSnwpyNQrTwCMMN
VWdHEpCp7PoKk840AB3ezWIhvj/iggfBA80ZEOMqspLm6PQ/vLfj//gJc4uwrk+z
ZaMHg5+gQHM4sdRo0Wx1DrfpvWP5RL/6mfuJehxqLGPskV5XQO5ZCpBCRBACRiO/
Kpiivt2nWHWZRhBfkCoTf83xVXXdxoMeLZUSkMUhETL191Dnv19BemPDvlypAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwolWVDrs4ffh1pXMyDSQfYqKxKUwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bW6xMA0GCSqGSIb3DQEBCwUAA4IBAQCk1eF6ONrbbcyn7TXp3OGDeGecKBqORrp2
nwI0TFOdwE9hlBlm8QXsCaqoyv0cVKkupip3un8ymPuBBpWWXCB1+dUXI8SITMMW
OiDiwZXrCdGuuVozrIIDQPlFoj+tYHF2gUczqB3LELPpL7eMokIumRzBbDtMO/51
0sgndYTLyz88C6XJlV6gpcXTnWAVEjXezDsQICKq58fc44iLe1bX9t1hz0Vkv8NP
ks43NQ1uw9JThcBQ33acDmqOnaYayZxpulcWeXf53qKxaBsLnyOT6pyot95Q0kK/
r/FG4kSLzNpZ4QiXejE7Vz7jE6XyzzSi2kJDa7T9MsMbSF6nsldp
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:19:57 2025 by rpki-client