Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
File: 3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa (raw, json)
Hash identifier: kI/xgNoB5MHRNC1q4FQuHhRzEGwZIbO6HiQsDCtRz8U=
Subject key identifier: 6B:5A:E2:81:9B:E0:1D:4F:1C:40:33:1E:6B:2A:56:17:64:03:63:1B
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4992453EDF4FDF1920DCDA32EF1CC9D7CEB47B87
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
Signing time: Sun 16 Mar 2025 10:53:58 +0000
ROA not before: Sun 16 Mar 2025 10:48:58 +0000
ROA not after: Sun 15 Mar 2026 10:53:58 +0000
asID: 272962
IP address blocks: 109.110.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:92:45:3e:df:4f:df:19:20:dc:da:32:ef:1c:c9:d7:ce:b4:7b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 16 10:48:58 2025 GMT
Not After : Mar 15 10:53:58 2026 GMT
Subject: CN=6B5AE2819BE01D4F1C40331E6B2A56176403631B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:66:c8:02:ff:3e:f8:54:b9:5e:fe:fc:e0:b7:
af:10:98:36:3a:80:e4:e0:b7:cc:2f:5a:a6:59:85:
5f:d3:65:88:43:67:e2:a7:9a:24:dd:8d:02:38:e3:
25:5a:c5:23:70:a9:eb:8b:07:24:3e:7b:af:6b:26:
b0:ab:db:0d:53:c7:44:27:66:c6:6d:22:5b:ff:e6:
9a:77:74:9c:bd:81:19:f4:05:2b:53:7d:81:82:11:
cf:71:1f:bb:f7:1c:0c:f0:7a:c3:22:4b:69:a9:1d:
01:92:44:f6:46:1e:5b:e3:e2:02:7c:80:a5:42:d6:
f3:ff:8f:23:4d:a4:75:7d:de:e9:0a:4e:3d:3f:c5:
c9:88:c8:f4:a5:11:83:10:1e:cc:08:4a:b0:63:4b:
e4:a8:4a:2b:06:87:6a:0d:04:be:fc:b9:15:4c:43:
95:c8:1e:99:ec:c6:ae:01:7f:42:33:b0:d5:c1:4d:
32:52:4f:ab:a2:74:6c:a8:da:e4:19:bd:30:ba:99:
8d:94:5f:b0:ff:27:29:7b:4e:73:7a:07:ee:7b:98:
1c:ab:96:ab:ba:96:4d:cd:b8:15:06:9e:ad:04:c9:
aa:ce:37:d0:73:e4:a8:cf:69:c5:88:c0:9e:cc:65:
0b:75:0f:fd:c9:76:9a:41:86:3a:71:44:55:f5:25:
9d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5A:E2:81:9B:E0:1D:4F:1C:40:33:1E:6B:2A:56:17:64:03:63:1B
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:10:bb:2a:86:20:26:77:ad:3c:fa:bf:9f:3f:89:fc:ca:03:
ee:7d:ae:18:e7:b6:40:4c:5f:19:14:58:69:68:5c:e7:ff:10:
f2:a1:53:1d:52:f2:d4:bb:8e:fd:5e:10:f3:f0:a7:3f:42:c7:
95:5f:5e:fe:0d:cf:50:b5:cb:0c:3c:92:12:68:91:e3:38:b3:
a1:e4:d9:1d:9e:aa:b5:27:2f:6d:48:a2:c0:1d:00:67:56:f7:
71:87:84:a9:be:9e:29:b6:48:d0:e6:91:a8:aa:74:27:b7:b7:
44:de:a2:b4:9b:04:89:3f:84:22:bd:19:b9:44:a8:72:49:0d:
48:31:8d:3b:96:37:bc:30:61:44:82:3d:cc:36:2c:e2:5c:c5:
4b:f9:56:1a:bb:d4:0e:f8:99:57:92:74:31:37:14:dd:72:d9:
f2:67:25:ba:c6:c6:ea:e2:70:67:a7:0a:43:4b:fc:96:d5:ad:
f6:30:0c:87:1e:91:ed:6c:6e:5a:83:f9:3d:2c:fe:8b:ec:d2:
73:85:22:03:1f:6d:e3:6b:3d:f5:38:0d:4d:55:ac:24:f9:a1:
90:6b:64:d6:7f:1d:cf:0c:c7:f6:a7:e1:97:40:4c:df:7b:75:
09:64:21:4f:10:c0:09:0a:45:05:51:9f:7f:89:1a:cb:99:bc:
4e:be:51:0b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSZJFPt9P3xkg3Noy7xzJ1860e4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAzMTYxMDQ4NThaFw0yNjAzMTUxMDUzNThaMDMxMTAvBgNV
BAMTKDZCNUFFMjgxOUJFMDFENEYxQzQwMzMxRTZCMkE1NjE3NjQwMzYzMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTZsgC/z74VLle/vzgt68QmDY6
gOTgt8wvWqZZhV/TZYhDZ+KnmiTdjQI44yVaxSNwqeuLByQ+e69rJrCr2w1Tx0Qn
ZsZtIlv/5pp3dJy9gRn0BStTfYGCEc9xH7v3HAzwesMiS2mpHQGSRPZGHlvj4gJ8
gKVC1vP/jyNNpHV93ukKTj0/xcmIyPSlEYMQHswISrBjS+SoSisGh2oNBL78uRVM
Q5XIHpnsxq4Bf0IzsNXBTTJST6uidGyo2uQZvTC6mY2UX7D/Jyl7TnN6B+57mByr
lqu6lk3NuBUGnq0EyarON9Bz5KjPacWIwJ7MZQt1D/3JdppBhjpxRFX1JZ1RAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUa1rigZvgHU8cQDMeaypWF2QDYxswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczMjM5MzYzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEArBC7KoYgJnetPPq/nz+J/MoD7n2u
GOe2QExfGRRYaWhc5/8Q8qFTHVLy1LuO/V4Q8/CnP0LHlV9e/g3PULXLDDySEmiR
4zizoeTZHZ6qtScvbUiiwB0AZ1b3cYeEqb6eKbZI0OaRqKp0J7e3RN6itJsEiT+E
Ir0ZuUSockkNSDGNO5Y3vDBhRII9zDYs4lzFS/lWGrvUDviZV5J0MTcU3XLZ8mcl
usbG6uJwZ6cKQ0v8ltWt9jAMhx6R7WxuWoP5PSz+i+zSc4UiAx9t42s99TgNTVWs
JPmhkGtk1n8dzwzH9qfhl0BM33t1CWQhTxDACQpFBVGff4kay5m8Tr5RCw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:30:03 2025 by rpki-client