Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
File: 3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa (raw, json)
Hash identifier: fyyqyyghDi0idHRuMOtlEEoaVRAFwWrx/VwsQpLKbQc=
Subject key identifier: 73:45:64:89:AD:DC:64:1F:74:D4:87:5B:85:34:BC:B0:18:41:87:C7
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 40BA7E93FB1270D86E2ED4B2F252DE4C645D756D
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
Signing time: Thu 09 Jan 2025 08:18:59 +0000
ROA not before: Thu 09 Jan 2025 08:13:59 +0000
ROA not after: Thu 08 Jan 2026 08:18:59 +0000
asID: 151106
IP address blocks: 103.49.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ba:7e:93:fb:12:70:d8:6e:2e:d4:b2:f2:52:de:4c:64:5d:75:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 9 08:13:59 2025 GMT
Not After : Jan 8 08:18:59 2026 GMT
Subject: CN=73456489ADDC641F74D4875B8534BCB0184187C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:fe:48:b2:5e:0e:e0:39:68:44:df:4e:ab:
30:43:8c:07:07:70:d6:eb:54:8d:c0:16:b8:3d:20:
ad:5d:93:60:a3:6b:b0:c3:45:77:bd:90:98:8a:ff:
60:6c:08:55:7d:a1:50:7d:19:84:96:5b:3e:89:fe:
13:c3:d3:10:67:2f:50:d6:c4:85:cb:ea:f1:cb:7b:
a0:60:80:3a:49:7f:cf:f0:fa:5e:a5:61:a9:16:f0:
38:6c:b8:3a:72:1a:75:7f:7a:12:4d:c7:02:cc:ab:
4e:35:10:08:84:4f:0b:bd:2c:3f:dd:10:08:15:c0:
89:3e:9e:15:eb:43:f1:21:85:a3:a4:d5:7c:02:6b:
9d:70:76:8d:8b:cf:8f:01:e3:41:43:24:4d:c4:c0:
32:02:70:48:a6:7e:6d:ab:59:65:ec:ef:60:91:ee:
7e:87:9d:2b:56:93:bf:03:80:3b:99:db:f0:f8:2f:
b6:be:8f:08:62:60:68:be:94:52:ed:bf:0b:b8:3b:
d0:c4:4e:c4:9c:c3:d8:31:cb:96:3a:d1:90:cb:e4:
a3:53:6f:40:6a:38:47:b9:c3:8a:a9:bc:ca:0d:6d:
71:ef:6d:56:93:f0:6c:99:8a:c5:a6:e2:eb:4f:5f:
d9:7c:5d:36:96:8d:a8:52:c3:ec:b5:57:eb:a6:31:
0b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:45:64:89:AD:DC:64:1F:74:D4:87:5B:85:34:BC:B0:18:41:87:C7
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313531313036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.130.0/24
Signature Algorithm: sha256WithRSAEncryption
62:05:5a:81:e0:60:75:d0:69:16:4c:63:04:0a:d0:b6:f9:51:
5e:87:77:b9:a0:41:79:c4:6e:8f:7d:41:fd:0e:e3:25:48:8e:
aa:3f:82:bf:b1:6f:80:9b:2a:c1:59:ce:e1:2a:ad:0e:53:7c:
80:e6:85:16:a5:b9:90:f0:d1:21:de:75:00:3c:7c:f8:90:05:
f1:b2:ef:2e:ca:37:0a:44:a3:68:bf:73:8e:f3:a0:4a:5b:69:
82:96:0e:da:a0:36:09:7a:63:a6:91:00:e8:92:5c:88:4c:54:
10:7a:fc:de:13:c6:22:20:e2:83:3a:1a:95:5c:34:f2:41:59:
60:fb:ae:f4:28:8c:90:2d:de:dc:c6:12:5a:de:2c:0a:02:95:
07:4b:45:02:66:e4:20:f3:9d:e8:6a:ee:9f:25:4a:29:02:e8:
4c:c0:06:04:57:f2:d7:08:52:6a:5f:4f:b9:dc:da:d7:b0:6c:
93:b6:22:4a:22:a9:95:2a:c5:77:b0:dc:32:63:74:6f:47:96:
89:07:07:d4:76:23:d2:d6:21:67:42:c2:9b:67:aa:ca:7a:6c:
c8:ad:dc:01:c6:9d:ff:2b:8b:1d:94:cf:7c:ca:9c:a2:3e:77:
5b:10:5d:58:c5:f3:19:59:a5:5f:f7:5c:df:39:56:79:22:77:
32:54:87:58
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQLp+k/sScNhuLtSy8lLeTGRddW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMDkwODEzNTlaFw0yNjAxMDgwODE4NTlaMDMxMTAvBgNV
BAMTKDczNDU2NDg5QUREQzY0MUY3NEQ0ODc1Qjg1MzRCQ0IwMTg0MTg3QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZqf5Isl4O4DloRN9OqzBDjAcH
cNbrVI3AFrg9IK1dk2Cja7DDRXe9kJiK/2BsCFV9oVB9GYSWWz6J/hPD0xBnL1DW
xIXL6vHLe6BggDpJf8/w+l6lYakW8DhsuDpyGnV/ehJNxwLMq041EAiETwu9LD/d
EAgVwIk+nhXrQ/EhhaOk1XwCa51wdo2Lz48B40FDJE3EwDICcEimfm2rWWXs72CR
7n6HnStWk78DgDuZ2/D4L7a+jwhiYGi+lFLtvwu4O9DETsScw9gxy5Y60ZDL5KNT
b0BqOEe5w4qpvMoNbXHvbVaT8GyZisWm4utPX9l8XTaWjahSw+y1V+umMQuPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUc0Vkia3cZB901IdbhTS8sBhBh8cwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMTMwMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYIwDQYJKoZIhvcNAQELBQADggEBAGIFWoHgYHXQaRZMYwQK0Lb5UV6Hd7mg
QXnEbo99Qf0O4yVIjqo/gr+xb4CbKsFZzuEqrQ5TfIDmhRaluZDw0SHedQA8fPiQ
BfGy7y7KNwpEo2i/c47zoEpbaYKWDtqgNgl6Y6aRAOiSXIhMVBB6/N4TxiIg4oM6
GpVcNPJBWWD7rvQojJAt3tzGElreLAoClQdLRQJm5CDznehq7p8lSikC6EzABgRX
8tcIUmpfT7nc2tewbJO2IkoiqZUqxXew3DJjdG9HlokHB9R2I9LWIWdCwptnqsp6
bMit3AHGnf8rix2Uz3zKnKI+d1sQXVjF8xlZpV/3XN85VnkidzJUh1g=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:40 2025 by rpki-client