Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323035383936.roa
File: 34332e3233302e38342e302f32342d3234203d3e20323035383936.roa (raw, json)
Hash identifier: frMOpiWFQijgfK3Vh/YGrziyxx0AVwDnOznjYIy+mD0=
Subject key identifier: 1C:55:00:B0:5E:02:6E:B3:62:35:AB:B1:1C:E0:0C:7E:00:9B:3A:31
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 62DE5B4598DF0BB5F032BDCCD0CC370B301ACA62
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323035383936.roa
Signing time: Fri 05 Sep 2025 12:17:51 +0000
ROA not before: Fri 05 Sep 2025 12:12:51 +0000
ROA not after: Fri 04 Sep 2026 12:17:51 +0000
asID: 205896
IP address blocks: 43.230.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 15:44:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:de:5b:45:98:df:0b:b5:f0:32:bd:cc:d0:cc:37:0b:30:1a:ca:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Sep 5 12:12:51 2025 GMT
Not After : Sep 4 12:17:51 2026 GMT
Subject: CN=1C5500B05E026EB36235ABB11CE00C7E009B3A31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:aa:63:17:cf:91:a8:2c:fa:34:55:00:96:
31:7b:3e:82:bb:ce:c9:d1:9b:d5:9e:e4:11:27:50:
fb:a2:af:d3:15:2b:d1:5e:f9:45:0b:e9:d3:76:a7:
4a:99:85:4d:e2:ce:ee:6d:16:60:0f:ac:23:cd:69:
f3:b1:cc:be:73:0f:2c:4b:74:20:d5:d3:1b:1e:78:
a4:99:a1:cf:45:e9:59:1f:57:da:72:2b:38:98:67:
1b:ed:c2:99:8e:51:08:82:73:65:c4:a1:de:f2:12:
6f:bc:59:34:77:d5:20:06:a2:3f:76:c8:73:80:9e:
3c:f5:99:5f:6c:88:a2:e5:0d:55:13:78:40:ce:d5:
d8:1c:08:b8:e5:52:b0:9e:74:a5:2d:d7:4f:87:ec:
84:84:ee:1a:48:78:0d:12:79:24:6c:8c:f9:51:c9:
41:2b:19:28:b5:0c:20:e0:ad:79:f6:36:04:11:e0:
1b:2d:ea:1d:22:ce:04:00:a3:dd:49:bf:3f:b7:79:
8d:78:cf:5b:e2:b2:2a:ea:fe:07:cf:a0:4d:f1:5f:
96:19:bd:7f:89:e0:a3:86:87:e5:3d:e4:89:00:33:
5e:32:96:e6:5f:3f:82:3e:8f:0a:5d:f3:d6:91:25:
4f:67:de:99:c8:7a:21:32:42:a2:49:f2:60:1e:07:
35:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:55:00:B0:5E:02:6E:B3:62:35:AB:B1:1C:E0:0C:7E:00:9B:3A:31
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38342e302f32342d3234203d3e20323035383936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.84.0/24
Signature Algorithm: sha256WithRSAEncryption
08:dd:cc:ad:5a:ef:0b:e8:77:b5:ba:19:42:16:1a:04:84:4d:
bc:42:11:fc:80:e8:38:94:97:f6:f0:d6:58:c0:5f:f0:d4:f6:
33:44:c1:99:8d:37:ee:65:1d:ad:d6:4b:b0:95:de:b4:f3:9e:
52:d8:cc:a3:cd:ee:ff:73:06:e2:a0:c7:c0:bd:7b:c3:1a:a0:
31:50:ab:0f:e5:38:4c:4c:68:e8:50:9a:8a:a7:29:ef:e0:b6:
d0:e2:a5:fb:05:70:f4:af:dd:59:58:b2:5a:56:18:36:3c:e2:
2f:8c:52:a2:63:8b:53:cb:45:a2:cc:c3:d9:34:f8:f4:fa:3f:
5b:a8:7e:7c:ce:3b:0c:e2:ba:16:1b:f6:1f:64:06:40:9a:d9:
ff:57:fe:6b:49:2b:e2:c0:21:5d:5c:fa:04:16:91:49:d5:16:
e1:47:fe:13:0c:da:3c:5b:a2:c1:be:70:89:5c:21:c3:ab:fc:
f6:f6:28:d1:2b:63:9b:54:9c:74:2b:74:4a:21:7c:0c:1f:c3:
d9:75:7c:97:34:f9:c1:d1:63:83:9f:5f:bb:37:04:27:c2:89:
df:2b:fa:b9:fb:a0:60:46:9b:1d:41:af:fb:e0:ea:8d:0c:11:
40:20:e7:1f:b5:35:be:5c:c5:2d:a5:0a:dd:c0:a3:2b:73:41:
f1:44:fa:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYt5bRZjfC7XwMr3M0Mw3CzAaymIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTA5MDUxMjEyNTFaFw0yNjA5MDQxMjE3NTFaMDMxMTAvBgNV
BAMTKDFDNTUwMEIwNUUwMjZFQjM2MjM1QUJCMTFDRTAwQzdFMDA5QjNBMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu/qpjF8+RqCz6NFUAljF7PoK7
zsnRm9We5BEnUPuir9MVK9Fe+UUL6dN2p0qZhU3izu5tFmAPrCPNafOxzL5zDyxL
dCDV0xseeKSZoc9F6VkfV9pyKziYZxvtwpmOUQiCc2XEod7yEm+8WTR31SAGoj92
yHOAnjz1mV9siKLlDVUTeEDO1dgcCLjlUrCedKUt10+H7ISE7hpIeA0SeSRsjPlR
yUErGSi1DCDgrXn2NgQR4Bst6h0izgQAo91Jvz+3eY14z1visirq/gfPoE3xX5YZ
vX+J4KOGh+U95IkAM14yluZfP4I+jwpd89aRJU9n3pnIeiEyQqJJ8mAeBzVFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHFUAsF4CbrNiNauxHOAMfgCbOjEwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzgzOTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
K+ZUMA0GCSqGSIb3DQEBCwUAA4IBAQAI3cytWu8L6He1uhlCFhoEhE28QhH8gOg4
lJf28NZYwF/w1PYzRMGZjTfuZR2t1kuwld60855S2Myjze7/cwbioMfAvXvDGqAx
UKsP5ThMTGjoUJqKpynv4LbQ4qX7BXD0r91ZWLJaVhg2POIvjFKiY4tTy0WizMPZ
NPj0+j9bqH58zjsM4roWG/YfZAZAmtn/V/5rSSviwCFdXPoEFpFJ1RbhR/4TDNo8
W6LBvnCJXCHDq/z29ijRK2ObVJx0K3RKIXwMH8PZdXyXNPnB0WODn1+7NwQnwonf
K/q5+6BgRpsdQa/74OqNDBFAIOcftTW+XMUtpQrdwKMrc0HxRPok
-----END CERTIFICATE-----
Generated at Fri Sep 5 22:17:03 2025 by rpki-client