Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20323135323837.roa
File: 33312e32322e3130372e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: cWltszs6TW43SvZ9pUz1CLIWj1+hOKG8cpnkLvtIBus=
Subject key identifier: A9:60:F3:58:78:49:53:4C:BE:3F:F1:58:1C:38:73:42:DD:D6:9D:C8
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 5EA11F3A983228650F297D572AB692BD7D138FEB
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 25 Jan 2025 21:58:41 +0000
ROA not before: Sat 25 Jan 2025 21:53:41 +0000
ROA not after: Sat 24 Jan 2026 21:58:41 +0000
asID: 215287
IP address blocks: 31.22.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a1:1f:3a:98:32:28:65:0f:29:7d:57:2a:b6:92:bd:7d:13:8f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 25 21:53:41 2025 GMT
Not After : Jan 24 21:58:41 2026 GMT
Subject: CN=A960F3587849534CBE3FF1581C387342DDD69DC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:a3:88:78:c9:40:c2:81:d6:ca:dc:7e:75:
ea:70:c2:b2:0f:44:05:ae:a0:0c:06:2e:ac:4d:b4:
4e:be:1a:84:e5:ee:05:1b:56:84:f1:c0:54:c9:44:
29:3a:65:b6:9c:7a:ed:a4:3f:8b:c2:5f:d7:7f:25:
dd:a7:ac:02:7b:f3:59:fc:5b:37:e3:a1:54:da:09:
b6:92:ae:77:e7:a8:f9:4a:4d:5c:b2:a4:04:6e:e3:
75:0c:6b:51:35:0a:8c:bb:13:25:a9:cf:28:90:0f:
a6:15:f0:ab:47:1d:75:bc:f9:43:07:a0:22:1f:e4:
ca:9d:ca:49:06:90:11:5f:09:73:66:90:4c:50:ab:
dc:c7:5b:c8:ee:e1:74:7b:34:36:d0:0c:2d:59:c6:
44:58:8e:1e:14:d5:8c:26:fd:cc:38:29:49:fe:c4:
0d:34:07:d9:a1:bd:75:0c:14:95:9f:3f:04:27:c1:
01:50:69:a3:03:2c:ec:c3:2e:f9:ab:10:5c:e0:06:
d4:3e:72:1e:c3:b5:4c:65:09:aa:d4:5a:ad:49:e3:
19:0f:08:c4:c6:a7:b6:5d:13:3b:de:23:37:5c:0e:
a5:9a:87:6e:81:d8:1a:3e:24:be:1a:a2:c4:96:ad:
09:65:c3:ab:8c:e3:2c:d6:53:25:c0:b9:25:09:e4:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:60:F3:58:78:49:53:4C:BE:3F:F1:58:1C:38:73:42:DD:D6:9D:C8
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.107.0/24
Signature Algorithm: sha256WithRSAEncryption
43:35:b8:a7:b0:e2:25:d2:72:5f:4c:42:2e:24:e3:71:78:6e:
2c:ea:1b:69:25:7f:0f:fa:37:ba:af:ae:c7:32:4a:d8:58:87:
60:43:b6:b6:f3:07:11:33:cc:9b:3c:2f:f8:a3:92:9c:0c:32:
61:57:11:d4:70:c4:c4:4c:22:41:db:20:0f:ce:20:61:c9:ae:
4d:93:21:03:bf:d3:4b:8c:65:6c:37:f3:a4:9d:ad:13:25:74:
59:9b:e1:ab:e0:41:b7:5e:0d:ee:4d:a3:f8:e2:d6:db:b3:24:
ed:8b:5a:9b:9d:0c:92:3e:b2:74:3e:1c:36:8d:3b:46:f1:4d:
f5:de:1a:af:d6:03:8a:31:ae:3f:0b:88:f6:b9:1c:2a:d6:42:
6c:8d:a5:4b:a0:00:4d:f6:0d:12:79:b0:61:ee:1a:38:22:cb:
79:e9:ba:dd:47:d0:f6:34:b4:21:de:97:6f:5a:bb:cf:96:97:
c1:f7:e5:e0:2e:80:04:8e:46:5e:c9:b7:e4:ee:f1:e0:11:68:
d6:ad:d0:e0:28:62:96:65:72:6d:62:2c:23:ee:2f:6e:7b:61:
68:ad:fd:c1:93:5f:fe:1c:f8:1d:cd:8b:c2:11:75:9d:52:4a:
70:09:35:a5:7c:7c:44:d4:73:b4:00:ce:c3:51:07:b1:83:6b:
87:a6:b5:33
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXqEfOpgyKGUPKX1XKraSvX0Tj+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMjUyMTUzNDFaFw0yNjAxMjQyMTU4NDFaMDMxMTAvBgNV
BAMTKEE5NjBGMzU4Nzg0OTUzNENCRTNGRjE1ODFDMzg3MzQyRERENjlEQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaVqOIeMlAwoHWytx+depwwrIP
RAWuoAwGLqxNtE6+GoTl7gUbVoTxwFTJRCk6Zbaceu2kP4vCX9d/Jd2nrAJ781n8
WzfjoVTaCbaSrnfnqPlKTVyypARu43UMa1E1Coy7EyWpzyiQD6YV8KtHHXW8+UMH
oCIf5MqdykkGkBFfCXNmkExQq9zHW8ju4XR7NDbQDC1ZxkRYjh4U1Ywm/cw4KUn+
xA00B9mhvXUMFJWfPwQnwQFQaaMDLOzDLvmrEFzgBtQ+ch7DtUxlCarUWq1J4xkP
CMTGp7ZdEzveIzdcDqWah26B2Bo+JL4aosSWrQllw6uM4yzWUyXAuSUJ5Ee9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqWDzWHhJU0y+P/FYHDhzQt3WncgwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzMzMTJlMzIzMjJlMzEzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzIzODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HxZrMA0GCSqGSIb3DQEBCwUAA4IBAQBDNbinsOIl0nJfTEIuJONxeG4s6htpJX8P
+je6r67HMkrYWIdgQ7a28wcRM8ybPC/4o5KcDDJhVxHUcMTETCJB2yAPziBhya5N
kyEDv9NLjGVsN/Okna0TJXRZm+Gr4EG3Xg3uTaP44tbbsyTti1qbnQySPrJ0Phw2
jTtG8U313hqv1gOKMa4/C4j2uRwq1kJsjaVLoABN9g0SebBh7ho4Ist56brdR9D2
NLQh3pdvWrvPlpfB9+XgLoAEjkZeybfk7vHgEWjWrdDgKGKWZXJtYiwj7i9ue2Fo
rf3Bk1/+HPgdzYvCEXWdUkpwCTWlfHxE1HO0AM7DUQexg2uHprUz
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:51:42 2025 by rpki-client