Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
File: 3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa (raw, json)
Hash identifier: ZsfrQyZiLQVU7gqryh9YYPtyEAK1zRY/o0pbLAIbm6U=
Subject key identifier: 52:52:7D:49:38:2C:23:75:C6:87:B2:AD:E7:E8:40:FA:6F:B9:AF:EE
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 2D79D45835925B3381BB86E181AEA580E35D7CCB
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
Signing time: Sat 22 Mar 2025 22:53:58 +0000
ROA not before: Sat 22 Mar 2025 22:48:58 +0000
ROA not after: Sat 21 Mar 2026 22:53:58 +0000
asID: 272073
IP address blocks: 109.110.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:79:d4:58:35:92:5b:33:81:bb:86:e1:81:ae:a5:80:e3:5d:7c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 22 22:48:58 2025 GMT
Not After : Mar 21 22:53:58 2026 GMT
Subject: CN=52527D49382C2375C687B2ADE7E840FA6FB9AFEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:32:54:f0:eb:4a:92:f4:0f:0b:c3:9e:02:
f8:80:dc:76:00:fc:c9:07:db:16:cf:88:1e:aa:6f:
7d:aa:4a:22:f1:e5:08:d5:b6:aa:bb:f2:85:01:31:
d8:a2:d9:80:59:62:c9:9c:a4:ec:a7:f0:1b:7e:b4:
b7:35:1b:93:0c:c5:f1:56:c0:4b:7b:a9:28:2a:c3:
8d:91:4b:6b:5c:01:c0:d6:bf:2b:8c:99:74:a6:f4:
60:d3:8e:22:f8:5f:8f:8b:ef:c4:da:62:fd:ba:65:
0d:f1:8d:23:ca:ea:2e:98:e6:82:c8:35:05:60:7f:
3a:fc:cc:d8:a0:af:87:ee:d7:d1:87:b6:c2:ef:ab:
46:60:a9:dd:8f:dd:f2:8c:6e:b7:20:30:8e:06:4c:
93:be:80:91:41:79:6b:1c:12:3c:f1:a4:ed:48:d9:
0a:d2:cb:6d:2e:7e:7c:f3:7b:58:a1:59:23:95:35:
75:33:4f:0b:fd:f4:be:d2:9b:2d:70:d2:d0:b5:a5:
4e:93:e5:65:b5:b9:82:59:ec:55:28:e5:6e:7f:7e:
ac:ea:ec:fd:76:6e:0a:65:6b:91:7b:48:a0:bc:b1:
01:4f:1f:6f:f8:10:14:3d:02:ee:54:f3:de:d3:11:
c8:f5:7a:fa:4e:45:43:29:ce:c7:aa:e8:b6:03:bb:
84:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:52:7D:49:38:2C:23:75:C6:87:B2:AD:E7:E8:40:FA:6F:B9:AF:EE
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:43:8b:d2:84:2d:07:db:1c:2c:b7:72:66:64:46:25:1d:db:
c2:37:1c:2c:15:60:ba:0d:92:97:d0:f6:0e:88:8e:f4:3f:f5:
43:05:78:9a:67:24:fa:09:7e:cf:c6:64:b1:62:7b:88:ad:c7:
6e:9a:e6:5f:69:db:15:e3:fc:61:eb:97:f9:1a:3b:6d:e8:fc:
a9:0e:39:81:b8:19:52:7b:3d:9a:f2:84:99:57:b4:f7:a8:f2:
2e:de:14:67:40:eb:5e:f4:12:e7:92:2e:d9:48:ba:8f:d9:c7:
16:95:03:0c:dc:0d:61:86:4f:87:66:c2:5e:84:5e:59:4f:1c:
3f:7b:95:9e:d9:de:fb:5e:e1:ca:9a:a3:fb:5c:a9:e1:10:c4:
02:83:7a:bc:be:67:68:40:5d:46:dd:33:b3:8d:bd:2d:b2:ba:
f9:3c:4d:d7:8c:6e:65:c7:67:65:35:8a:c8:29:4c:ec:d7:ab:
a5:9c:c5:ab:c9:5e:ad:8b:e5:e5:53:26:65:40:f3:f2:36:4b:
a6:57:a4:f1:23:0b:40:d2:ca:51:45:24:0a:5a:71:6e:eb:56:
67:45:b0:87:a5:8f:2c:c4:59:13:2c:c0:4b:fd:be:db:dd:3d:
ca:3b:cf:a7:8c:70:9e:99:58:58:51:88:5d:b6:55:4a:c0:74:
a4:5b:92:29
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULXnUWDWSWzOBu4bhga6lgONdfMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAzMjIyMjQ4NThaFw0yNjAzMjEyMjUzNThaMDMxMTAvBgNV
BAMTKDUyNTI3RDQ5MzgyQzIzNzVDNjg3QjJBREU3RTg0MEZBNkZCOUFGRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6JzJU8OtKkvQPC8OeAviA3HYA
/MkH2xbPiB6qb32qSiLx5QjVtqq78oUBMdii2YBZYsmcpOyn8Bt+tLc1G5MMxfFW
wEt7qSgqw42RS2tcAcDWvyuMmXSm9GDTjiL4X4+L78TaYv26ZQ3xjSPK6i6Y5oLI
NQVgfzr8zNigr4fu19GHtsLvq0Zgqd2P3fKMbrcgMI4GTJO+gJFBeWscEjzxpO1I
2QrSy20ufnzze1ihWSOVNXUzTwv99L7Smy1w0tC1pU6T5WW1uYJZ7FUo5W5/fqzq
7P12bgpla5F7SKC8sQFPH2/4EBQ9Au5U897TEcj1evpORUMpzseq6LYDu4TRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUUlJ9STgsI3XGh7Kt5+hA+m+5r+4wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzczMjMwMzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEALkOL0oQtB9scLLdyZmRGJR3bwjcc
LBVgug2Sl9D2DoiO9D/1QwV4mmck+gl+z8ZksWJ7iK3HbprmX2nbFeP8YeuX+Ro7
bej8qQ45gbgZUns9mvKEmVe096jyLt4UZ0DrXvQS55Iu2Ui6j9nHFpUDDNwNYYZP
h2bCXoReWU8cP3uVntne+17hypqj+1yp4RDEAoN6vL5naEBdRt0zs429LbK6+TxN
14xuZcdnZTWKyClM7NerpZzFq8lerYvl5VMmZUDz8jZLplek8SMLQNLKUUUkClpx
butWZ0Wwh6WPLMRZEyzAS/2+2909yjvPp4xwnplYWFGIXbZVSsB0pFuSKQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:22:17 2025 by rpki-client