Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
File: 3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa (raw, json)
Hash identifier: ooWQ43nIQykyOTXnP1kRPCpOjVHO+i70G6uABXGZroU=
Subject key identifier: 3C:9D:DC:6B:22:3A:F1:3E:47:37:B1:03:EA:F7:0C:48:98:D7:CC:40
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 6BEA426BF5F7EF81A4671ABC4FD96B16BE28C32A
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
Signing time: Thu 27 Feb 2025 21:53:55 +0000
ROA not before: Thu 27 Feb 2025 21:48:55 +0000
ROA not after: Thu 26 Feb 2026 21:53:55 +0000
asID: 271799
IP address blocks: 109.110.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ea:42:6b:f5:f7:ef:81:a4:67:1a:bc:4f:d9:6b:16:be:28:c3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 27 21:48:55 2025 GMT
Not After : Feb 26 21:53:55 2026 GMT
Subject: CN=3C9DDC6B223AF13E4737B103EAF70C4898D7CC40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:de:aa:82:fc:ba:f4:53:03:c6:e7:39:f0:36:
ed:6f:43:18:ab:57:d1:28:35:6d:d8:ef:09:c3:72:
21:3f:24:9b:08:33:8f:4b:87:a9:03:b0:4a:b3:55:
45:2c:b2:18:e6:0b:47:17:0a:f9:07:1f:be:15:dc:
ed:86:f3:c6:87:23:61:04:1c:0b:98:84:c6:f0:a7:
8e:53:98:eb:a9:77:0b:89:43:85:46:7c:37:6c:b0:
75:9a:26:17:75:af:4b:a6:67:ff:25:32:05:dc:52:
2b:7f:dc:19:45:3f:5b:fe:47:96:fe:89:6f:52:af:
b7:59:cf:96:f3:57:00:bb:c4:38:de:89:42:2a:59:
4e:99:d4:6c:2d:2e:b7:4f:fc:97:98:32:f6:c0:72:
4c:c9:fa:a9:1a:07:49:ea:07:3c:7a:1a:2c:49:9b:
b5:f3:b1:81:78:e9:21:ac:d7:3e:b9:0e:55:8e:25:
a7:dc:af:50:24:37:cd:2f:33:72:2a:fc:3f:2a:fd:
cd:24:d8:31:1a:19:7f:99:27:76:6a:3b:0d:b3:40:
5c:c8:87:0f:45:72:19:96:13:0e:cf:67:cb:13:42:
e2:3d:50:6d:0e:92:a6:11:5a:62:ec:ea:c9:a4:bc:
04:3e:8a:bc:b0:55:01:84:f8:25:ea:ba:c5:72:d0:
17:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9D:DC:6B:22:3A:F1:3E:47:37:B1:03:EA:F7:0C:48:98:D7:CC:40
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:1c:68:8b:4a:b3:56:17:3c:6e:b9:a4:2b:ec:12:a8:1c:5a:
cb:1f:b6:0a:9f:9e:cb:66:03:45:1c:06:bc:ff:54:7a:93:37:
c8:5b:c6:12:5f:2f:e9:e4:1f:d0:5d:1d:19:ca:0c:8a:93:b3:
60:9c:ea:04:ed:00:8f:d4:34:dc:97:e6:20:0f:54:94:1c:55:
ef:d9:3a:55:be:6a:4c:c3:57:ca:87:f5:0d:c3:ea:d4:c0:8d:
6d:14:6d:6c:66:b4:ac:a9:e4:e6:52:bb:a9:06:30:88:48:62:
63:24:c1:37:33:67:dd:6a:6b:c9:ef:d9:fc:f6:a0:3e:98:75:
05:39:74:0f:89:0e:2b:ac:29:20:80:b4:35:b7:b9:7b:ce:e6:
b0:d6:b9:cd:f5:c3:7a:0b:17:50:13:f1:be:73:97:04:03:40:
b5:88:9c:0b:15:ba:a1:da:e7:9b:e4:53:4b:50:32:b4:60:6e:
d0:42:c2:81:07:a8:b4:25:9e:18:87:84:c3:97:2d:b2:a4:b0:
82:95:ca:e1:83:69:53:28:d2:34:70:c4:02:13:9d:37:b4:d0:
1a:09:b9:d1:25:79:e8:51:8b:90:93:0d:9e:e0:36:58:41:78:
6f:60:87:99:31:58:f4:49:00:5a:a8:b3:0c:9e:00:b4:ce:2c:
70:1a:8a:11
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUa+pCa/X374GkZxq8T9lrFr4owyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAyMjcyMTQ4NTVaFw0yNjAyMjYyMTUzNTVaMDMxMTAvBgNV
BAMTKDNDOUREQzZCMjIzQUYxM0U0NzM3QjEwM0VBRjcwQzQ4OThEN0NDNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF3qqC/Lr0UwPG5znwNu1vQxir
V9EoNW3Y7wnDciE/JJsIM49Lh6kDsEqzVUUsshjmC0cXCvkHH74V3O2G88aHI2EE
HAuYhMbwp45TmOupdwuJQ4VGfDdssHWaJhd1r0umZ/8lMgXcUit/3BlFP1v+R5b+
iW9Sr7dZz5bzVwC7xDjeiUIqWU6Z1GwtLrdP/JeYMvbAckzJ+qkaB0nqBzx6GixJ
m7XzsYF46SGs1z65DlWOJafcr1AkN80vM3Iq/D8q/c0k2DEaGX+ZJ3ZqOw2zQFzI
hw9FchmWEw7PZ8sTQuI9UG0OkqYRWmLs6smkvAQ+irywVQGE+CXqusVy0BflAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUPJ3cayI68T5HN7ED6vcMSJjXzEAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczMTM3MzkzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEAehxoi0qzVhc8brmkK+wSqBxayx+2
Cp+ey2YDRRwGvP9UepM3yFvGEl8v6eQf0F0dGcoMipOzYJzqBO0Aj9Q03JfmIA9U
lBxV79k6Vb5qTMNXyof1DcPq1MCNbRRtbGa0rKnk5lK7qQYwiEhiYyTBNzNn3Wpr
ye/Z/PagPph1BTl0D4kOK6wpIIC0Nbe5e87msNa5zfXDegsXUBPxvnOXBANAtYic
CxW6odrnm+RTS1AytGBu0ELCgQeotCWeGIeEw5ctsqSwgpXK4YNpUyjSNHDEAhOd
N7TQGgm50SV56FGLkJMNnuA2WEF4b2CHmTFY9EkAWqizDJ4AtM4scBqKEQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:30:03 2025 by rpki-client