Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
File: 3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: KuUaLRxfKK02P5yDPnpEoXli5oiEW8K8wbEkGXh5bYQ=
Subject key identifier: 2A:FC:76:4D:17:24:A5:61:96:75:23:5D:08:F5:A5:18:0A:A1:04:FB
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 79CC584487005BFC2ABC0578A4398D634F69662B
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
Signing time: Wed 26 Feb 2025 10:53:55 +0000
ROA not before: Wed 26 Feb 2025 10:48:55 +0000
ROA not after: Wed 25 Feb 2026 10:53:55 +0000
asID: 16509
IP address blocks: 109.110.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 16:29:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:cc:58:44:87:00:5b:fc:2a:bc:05:78:a4:39:8d:63:4f:69:66:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 26 10:48:55 2025 GMT
Not After : Feb 25 10:53:55 2026 GMT
Subject: CN=2AFC764D1724A5619675235D08F5A5180AA104FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e9:74:e4:b6:c8:ad:27:8d:dd:7d:5e:92:2c:
16:6a:7d:f8:ce:64:22:4a:28:5c:35:ad:7b:ca:2d:
48:7d:6c:95:40:63:5a:23:30:8c:df:1e:24:9c:55:
5c:cb:36:98:3a:96:fa:00:c3:23:32:ff:bf:1d:27:
f0:74:b1:a6:32:a2:17:1e:3f:87:fa:c0:19:d0:32:
8e:c5:31:e6:66:0a:c6:76:c7:59:a9:aa:ba:49:5d:
0d:02:96:fd:5c:d1:f5:c8:20:1c:5f:c9:5d:6f:db:
10:33:9d:7d:d9:59:ae:84:af:70:39:3a:26:3b:bc:
c4:70:98:d5:75:00:a9:ad:c9:6f:27:90:a2:0b:28:
34:31:f3:17:bd:54:e2:77:99:03:19:32:22:37:5a:
91:b2:05:14:52:15:75:12:2c:c9:12:32:6a:12:56:
4f:48:a2:90:ac:76:be:6a:49:e8:33:01:c0:1a:50:
64:ed:a0:ed:5a:c8:d8:b4:c2:05:b8:58:ae:fd:b6:
92:1e:a8:ac:81:13:dd:da:12:0f:ce:4e:51:77:b1:
32:0e:04:ea:b2:1c:b8:a6:39:0e:65:0c:3e:70:9d:
28:fa:04:c0:0a:00:71:f8:e3:5c:43:78:dc:e0:19:
9b:71:25:bf:05:00:1c:17:1c:06:ab:88:3e:b5:7d:
0e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FC:76:4D:17:24:A5:61:96:75:23:5D:08:F5:A5:18:0A:A1:04:FB
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.181.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e9:0b:44:b6:96:cb:fc:5f:7d:45:fa:76:ad:57:ba:1e:ee:
28:10:15:44:1b:95:0c:d3:41:59:10:17:dd:d2:34:56:89:bb:
8e:d5:16:a2:50:c6:15:23:b6:41:4c:7e:da:c8:3d:4d:ee:af:
ae:de:7b:c8:43:8c:3d:d6:ef:69:8a:b1:81:f6:1e:9c:7a:d1:
e6:1e:70:9f:22:c8:80:38:f6:da:28:8e:0d:d4:8c:f3:a9:d7:
64:75:86:c2:94:03:6f:1c:ed:42:6a:5d:b2:8c:60:41:f3:ce:
a1:b6:3f:51:89:57:9d:68:10:70:ba:a4:f8:c8:8f:ef:08:5f:
bc:71:d7:5c:ca:fe:44:c0:5c:f3:8b:64:8f:8a:68:b3:84:86:
b8:04:c6:f9:1b:94:6d:80:2b:29:82:ab:89:b7:51:62:e0:57:
a6:5d:ff:b2:de:49:f2:e8:b4:56:01:9b:41:01:b4:03:60:31:
c4:f0:3e:90:de:50:3c:27:8f:ac:42:32:ed:64:60:40:f6:ac:
82:70:bd:7a:bd:33:1b:14:8c:5a:1a:aa:8c:a0:2d:bb:e1:af:
5b:fa:77:fe:ee:fa:29:f5:58:76:e4:c6:77:86:84:d5:e1:3f:
5a:12:cd:9a:82:f7:37:e3:28:a1:1b:ed:64:93:5c:63:be:68:
ca:8f:0a:c5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUecxYRIcAW/wqvAV4pDmNY09pZiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAyMjYxMDQ4NTVaFw0yNjAyMjUxMDUzNTVaMDMxMTAvBgNV
BAMTKDJBRkM3NjREMTcyNEE1NjE5Njc1MjM1RDA4RjVBNTE4MEFBMTA0RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO6XTktsitJ43dfV6SLBZqffjO
ZCJKKFw1rXvKLUh9bJVAY1ojMIzfHiScVVzLNpg6lvoAwyMy/78dJ/B0saYyohce
P4f6wBnQMo7FMeZmCsZ2x1mpqrpJXQ0Clv1c0fXIIBxfyV1v2xAznX3ZWa6Er3A5
OiY7vMRwmNV1AKmtyW8nkKILKDQx8xe9VOJ3mQMZMiI3WpGyBRRSFXUSLMkSMmoS
Vk9IopCsdr5qSegzAcAaUGTtoO1ayNi0wgW4WK79tpIeqKyBE93aEg/OTlF3sTIO
BOqyHLimOQ5lDD5wnSj6BMAKAHH441xDeNzgGZtxJb8FABwXHAariD61fQ4HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKvx2TRckpWGWdSNdCPWlGAqhBPswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbrUwDQYJKoZIhvcNAQELBQADggEBADXpC0S2lsv8X31F+natV7oe7igQFUQb
lQzTQVkQF93SNFaJu47VFqJQxhUjtkFMftrIPU3ur67ee8hDjD3W72mKsYH2Hpx6
0eYecJ8iyIA49toojg3UjPOp12R1hsKUA28c7UJqXbKMYEHzzqG2P1GJV51oEHC6
pPjIj+8IX7xx11zK/kTAXPOLZI+KaLOEhrgExvkblG2AKymCq4m3UWLgV6Zd/7Le
SfLotFYBm0EBtANgMcTwPpDeUDwnj6xCMu1kYED2rIJwvXq9MxsUjFoaqoygLbvh
r1v6d/7u+in1WHbkxneGhNXhP1oSzZqC9zfjKKEb7WSTXGO+aMqPCsU=
-----END CERTIFICATE-----
Generated at Fri Mar 14 05:35:25 2025 by rpki-client