Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133312e302f32342d3234203d3e20313531313036.roa
File: 3130332e34392e3133312e302f32342d3234203d3e20313531313036.roa (raw, json)
Hash identifier: v23gevgA9GDiYpdq88OOontr+HX3atmsWqXNxiZytOU=
Subject key identifier: 40:31:4C:6A:77:06:8D:9B:D8:C4:18:D3:F2:36:1B:DC:7E:B2:0E:C0
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 78F504EB2FDFEC19B3B5B0DF1ECF73B6FD3412FA
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133312e302f32342d3234203d3e20313531313036.roa
Signing time: Thu 09 Jan 2025 08:18:59 +0000
ROA not before: Thu 09 Jan 2025 08:13:59 +0000
ROA not after: Thu 08 Jan 2026 08:18:59 +0000
asID: 151106
IP address blocks: 103.49.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:f5:04:eb:2f:df:ec:19:b3:b5:b0:df:1e:cf:73:b6:fd:34:12:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 9 08:13:59 2025 GMT
Not After : Jan 8 08:18:59 2026 GMT
Subject: CN=40314C6A77068D9BD8C418D3F2361BDC7EB20EC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:dd:d7:c1:77:ff:2f:74:d8:c5:33:2d:37:
0a:f9:f8:89:c3:f2:16:31:fa:79:d8:7e:e9:c0:26:
66:d8:51:73:fa:3c:14:01:63:f0:01:9a:dc:6e:f2:
74:b2:e3:2d:79:ed:8d:6b:81:b6:51:b5:f8:1b:49:
d7:b6:07:44:d3:62:a7:2c:ae:82:35:8b:d3:c7:d2:
bf:1f:30:af:c8:bb:9f:2e:42:03:c9:7b:3c:ed:4f:
5d:ef:3c:41:f5:48:96:39:18:25:c8:a7:f8:63:40:
8b:14:7f:c7:3a:7d:9e:4f:b5:bc:13:18:d3:5d:f3:
7a:5e:53:3b:f0:72:04:ce:61:be:d5:d4:c3:e5:6c:
70:91:ea:39:d8:13:6b:3f:72:8c:48:e6:86:46:89:
64:40:05:68:ed:6d:fe:54:d6:58:03:db:a8:78:d7:
67:d6:b2:fe:a8:a0:64:7f:e3:6b:52:c0:05:03:09:
89:9a:09:78:83:25:93:c2:35:32:46:20:c2:75:d3:
4e:c9:c9:70:4a:94:6d:1e:03:4b:d8:4e:5e:12:24:
dc:b6:fd:4a:ee:ce:96:ed:3c:d3:2f:c0:7a:30:7e:
ff:fd:d1:a1:cc:95:12:56:c0:04:7b:e5:fb:1d:4c:
f6:9e:44:34:b3:38:db:63:7f:0a:55:1d:33:1f:d9:
8b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:31:4C:6A:77:06:8D:9B:D8:C4:18:D3:F2:36:1B:DC:7E:B2:0E:C0
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133312e302f32342d3234203d3e20313531313036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.131.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:7f:67:1a:ad:64:cd:1c:cc:f6:a0:8e:a9:de:40:7c:c2:cd:
d0:1f:b8:8d:fd:45:3c:f1:24:98:7d:a5:d6:df:08:b0:a0:86:
e6:30:aa:bd:60:06:c8:12:2a:2e:5c:d8:a7:04:93:48:75:9b:
d8:69:f0:d9:c4:c2:36:eb:e0:13:38:1d:58:28:9f:cb:49:ca:
2b:28:3f:c4:a2:60:32:eb:3a:17:7c:1e:24:ac:57:1a:b2:b1:
58:9c:7c:84:f0:f4:22:3e:a3:61:c5:59:72:15:00:35:d8:ae:
65:b5:0b:2b:b6:2d:ac:d2:7c:89:34:7f:7f:4f:40:3b:50:52:
07:a7:a8:29:98:76:a4:e2:2c:6c:6f:2c:cb:9e:d3:0b:e5:ad:
48:77:af:00:6a:d8:b7:1c:93:8a:4b:a9:fb:49:01:e5:a1:07:
74:03:ed:1c:9d:cc:ca:13:d3:d8:2d:44:37:b9:6b:25:bf:18:
82:e2:5f:bf:30:99:6e:84:5a:ff:7b:ba:95:51:af:27:e5:3c:
bf:71:e3:b5:97:e8:e9:df:f5:c6:3b:91:fd:0c:c0:f8:70:ad:
76:4d:5d:f3:f3:fe:4d:bb:31:2f:c2:2f:08:af:d9:bb:5f:c4:
36:de:63:f2:20:cf:ed:6f:a2:12:ac:08:a7:fa:4f:0c:d0:a8:
87:31:86:3f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUePUE6y/f7BmztbDfHs9ztv00EvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMDkwODEzNTlaFw0yNjAxMDgwODE4NTlaMDMxMTAvBgNV
BAMTKDQwMzE0QzZBNzcwNjhEOUJEOEM0MThEM0YyMzYxQkRDN0VCMjBFQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGyN3XwXf/L3TYxTMtNwr5+InD
8hYx+nnYfunAJmbYUXP6PBQBY/ABmtxu8nSy4y157Y1rgbZRtfgbSde2B0TTYqcs
roI1i9PH0r8fMK/Iu58uQgPJezztT13vPEH1SJY5GCXIp/hjQIsUf8c6fZ5PtbwT
GNNd83peUzvwcgTOYb7V1MPlbHCR6jnYE2s/coxI5oZGiWRABWjtbf5U1lgD26h4
12fWsv6ooGR/42tSwAUDCYmaCXiDJZPCNTJGIMJ1007JyXBKlG0eA0vYTl4SJNy2
/UruzpbtPNMvwHowfv/90aHMlRJWwAR75fsdTPaeRDSzONtjfwpVHTMf2YsJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQDFMancGjZvYxBjT8jYb3H6yDsAwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMTMwMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYMwDQYJKoZIhvcNAQELBQADggEBAB9/ZxqtZM0czPagjqneQHzCzdAfuI39
RTzxJJh9pdbfCLCghuYwqr1gBsgSKi5c2KcEk0h1m9hp8NnEwjbr4BM4HVgon8tJ
yisoP8SiYDLrOhd8HiSsVxqysVicfITw9CI+o2HFWXIVADXYrmW1Cyu2LazSfIk0
f39PQDtQUgenqCmYdqTiLGxvLMue0wvlrUh3rwBq2Lcck4pLqftJAeWhB3QD7Ryd
zMoT09gtRDe5ayW/GILiX78wmW6EWv97upVRryflPL9x47WX6Onf9cY7kf0MwPhw
rXZNXfPz/k27MS/CLwiv2btfxDbeY/Igz+1vohKsCKf6TwzQqIcxhj8=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:33 2025 by rpki-client