Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138322e302f32342d3234203d3e203634323637.roa
File: 3130392e3131302e3138322e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: NQ7f3UTwRAPykvACcOY/bKS3YRMxprnfJoEpneaImL4=
Subject key identifier: 34:C9:DF:A9:04:1A:19:6E:57:67:8A:67:A4:F3:43:A1:2E:F8:5E:3D
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 724094EA4820441D7C3B27C10005702E0439165E
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138322e302f32342d3234203d3e203634323637.roa
Signing time: Mon 10 Feb 2025 18:53:55 +0000
ROA not before: Mon 10 Feb 2025 18:48:55 +0000
ROA not after: Mon 09 Feb 2026 18:53:55 +0000
asID: 64267
IP address blocks: 109.110.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:40:94:ea:48:20:44:1d:7c:3b:27:c1:00:05:70:2e:04:39:16:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 10 18:48:55 2025 GMT
Not After : Feb 9 18:53:55 2026 GMT
Subject: CN=34C9DFA9041A196E57678A67A4F343A12EF85E3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:2c:fd:b7:51:d8:77:1e:e0:c6:a8:14:a0:
1e:98:45:b5:ff:92:a4:33:c9:b7:ae:48:a3:96:58:
27:bc:9e:e0:41:ee:2d:b5:7c:bd:bc:ba:bd:24:e2:
f4:31:91:73:ae:f5:67:92:77:44:2f:34:3b:fe:e7:
d6:37:12:03:35:93:f8:a8:2e:c4:bb:5d:20:66:e0:
33:da:23:80:ed:1a:0c:da:09:ff:e1:be:1b:95:01:
66:2c:84:de:87:e8:3f:f0:5a:9e:d6:7f:10:d1:1c:
f7:2a:c1:6c:80:00:b6:67:b8:1b:84:7d:e1:01:7d:
68:7c:0b:16:3b:89:c4:7f:e5:fd:56:5e:7d:0a:34:
ef:99:76:66:bf:79:6b:75:6c:6d:ee:7e:b5:1a:a0:
15:52:98:48:f1:b7:55:3a:a2:ce:e5:15:13:79:c8:
0d:8d:e1:71:b7:62:a2:ad:7a:48:65:db:76:93:46:
bc:bf:80:b7:be:0e:cd:99:ef:b4:6b:80:f9:b8:31:
2c:da:0d:3f:63:67:4f:98:5d:5a:04:51:16:6f:86:
97:b1:d1:52:6c:41:b0:a1:19:8c:36:75:ac:f9:fa:
f0:dd:b6:03:c6:84:7f:1c:6f:6c:8f:c2:f2:da:32:
ba:92:e9:a6:68:e2:8d:ea:90:7c:b9:fe:49:75:d7:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C9:DF:A9:04:1A:19:6E:57:67:8A:67:A4:F3:43:A1:2E:F8:5E:3D
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138322e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.182.0/24
Signature Algorithm: sha256WithRSAEncryption
42:3b:74:8c:60:c9:23:13:1f:a7:a9:d9:00:cf:e8:a4:d6:aa:
a1:18:ab:5d:4a:24:e8:b7:86:9f:c0:6a:c5:ed:55:4b:1f:14:
7d:fd:b2:a6:7d:44:ab:93:c7:51:76:b8:d0:93:16:23:d7:cd:
63:24:ba:c9:57:54:05:63:68:7e:62:e3:3c:c4:a7:1f:f5:ea:
69:32:12:25:41:31:c8:0f:9e:0f:12:22:54:93:a4:8a:12:18:
ed:47:e1:f6:9f:1d:5c:1c:6e:e4:53:69:26:22:ee:7a:51:a8:
7c:1d:84:11:0c:eb:af:6e:23:33:37:13:56:74:b9:fa:7c:ee:
7f:28:c2:d6:fe:13:e6:63:fd:42:63:45:a6:97:56:dd:a7:8a:
d1:83:20:7f:6b:98:0d:78:1e:8f:db:02:a4:3e:99:80:66:64:
3f:b4:f9:75:cf:fe:be:56:db:47:d5:d2:a8:de:b4:e2:bf:a2:
21:84:f7:03:ac:1d:d0:46:1c:44:c3:46:24:f4:2d:f5:74:09:
42:bf:14:03:fc:50:04:b5:8f:ad:81:76:2d:17:85:e4:db:aa:
7e:14:41:36:2e:8d:8f:86:10:84:c4:77:98:1f:53:df:15:76:
27:4d:10:20:60:d3:2d:53:4a:21:12:29:ff:f4:05:d6:e7:5e:
57:3a:1a:d3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUckCU6kggRB18OyfBAAVwLgQ5Fl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAyMTAxODQ4NTVaFw0yNjAyMDkxODUzNTVaMDMxMTAvBgNV
BAMTKDM0QzlERkE5MDQxQTE5NkU1NzY3OEE2N0E0RjM0M0ExMkVGODVFM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpSyz9t1HYdx7gxqgUoB6YRbX/
kqQzybeuSKOWWCe8nuBB7i21fL28ur0k4vQxkXOu9WeSd0QvNDv+59Y3EgM1k/io
LsS7XSBm4DPaI4DtGgzaCf/hvhuVAWYshN6H6D/wWp7WfxDRHPcqwWyAALZnuBuE
feEBfWh8CxY7icR/5f1WXn0KNO+Zdma/eWt1bG3ufrUaoBVSmEjxt1U6os7lFRN5
yA2N4XG3YqKtekhl23aTRry/gLe+Ds2Z77RrgPm4MSzaDT9jZ0+YXVoEURZvhpex
0VJsQbChGYw2daz5+vDdtgPGhH8cb2yPwvLaMrqS6aZo4o3qkHy5/kl114TNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNMnfqQQaGW5XZ4pnpPNDoS74Xj0wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbrYwDQYJKoZIhvcNAQELBQADggEBAEI7dIxgySMTH6ep2QDP6KTWqqEYq11K
JOi3hp/AasXtVUsfFH39sqZ9RKuTx1F2uNCTFiPXzWMkuslXVAVjaH5i4zzEpx/1
6mkyEiVBMcgPng8SIlSTpIoSGO1H4fafHVwcbuRTaSYi7npRqHwdhBEM669uIzM3
E1Z0ufp87n8owtb+E+Zj/UJjRaaXVt2nitGDIH9rmA14Ho/bAqQ+mYBmZD+0+XXP
/r5W20fV0qjetOK/oiGE9wOsHdBGHETDRiT0LfV0CUK/FAP8UAS1j62Bdi0XheTb
qn4UQTYujY+GEITEd5gfU98VdidNECBg0y1TSiESKf/0BdbnXlc6GtM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:19:50 2025 by rpki-client