Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e20323131343430.roa
File: 34332e3233302e38352e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: hoZQSGqkvoyh+Fwe28UicpO6RAJD80P7rklT/Di/mQU=
Subject key identifier: 2B:4E:6D:B2:86:A8:EA:71:BB:AA:4A:5A:98:E6:07:97:13:29:1F:12
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 1D86C06E54E073FDD303038C8E27169D72FB2F0A
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e20323131343430.roa
Signing time: Fri 28 Mar 2025 08:38:53 +0000
ROA not before: Fri 28 Mar 2025 08:33:53 +0000
ROA not after: Fri 27 Mar 2026 08:38:53 +0000
asID: 211440
IP address blocks: 43.230.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:86:c0:6e:54:e0:73:fd:d3:03:03:8c:8e:27:16:9d:72:fb:2f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Mar 28 08:33:53 2025 GMT
Not After : Mar 27 08:38:53 2026 GMT
Subject: CN=2B4E6DB286A8EA71BBAA4A5A98E6079713291F12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:b3:7f:e1:b7:54:1f:30:6d:0c:c8:44:3b:
7a:2d:e0:9e:ce:0b:9a:cb:8a:43:4c:03:8b:0f:da:
ae:d3:41:0e:ac:cd:3f:3e:38:e5:b4:2e:ea:bf:ba:
84:df:1c:66:3a:9a:8f:b2:b0:39:21:12:83:8c:9d:
7f:1a:f0:22:b9:7a:b4:14:85:f5:7b:8b:f6:ad:b6:
ef:5d:49:4a:af:1b:d8:58:13:92:09:b0:39:60:e5:
5e:e0:bf:2c:89:5f:63:30:a8:f0:e1:e5:b5:4e:2d:
ce:69:af:e6:48:13:85:8b:23:7c:3e:bb:1d:b6:2e:
9f:84:9f:0d:01:02:e7:56:7e:f9:8a:69:d3:f9:32:
35:6a:81:54:18:d2:7e:a5:04:05:97:a8:07:1a:c0:
0d:9c:5e:ab:16:18:6b:ac:87:9e:56:ea:e5:ce:ff:
db:fe:56:d8:cc:e4:10:38:4e:dd:8c:4a:b1:e9:84:
03:05:7c:ab:83:e7:7c:e4:6c:a7:45:57:6c:63:e0:
8a:a7:15:f2:62:7b:42:4b:87:5e:03:b3:21:19:6b:
05:1f:be:35:3a:e8:d2:cd:14:12:1c:b3:f1:62:53:
77:25:00:5b:b0:2a:cf:cb:01:ab:1b:ef:be:09:c6:
04:6f:5c:03:bb:6b:70:f9:56:e0:fc:15:2f:f4:e6:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4E:6D:B2:86:A8:EA:71:BB:AA:4A:5A:98:E6:07:97:13:29:1F:12
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.85.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:57:33:dc:5d:c5:bf:4e:31:48:ac:d3:61:6e:a1:4c:78:63:
87:d5:88:87:06:51:75:11:92:c1:d4:9f:0a:9c:61:90:47:6e:
b4:08:44:b3:af:b9:65:5f:41:ce:2c:4e:e6:aa:c4:23:de:a2:
b5:4b:e9:32:c6:95:16:e1:41:55:ea:09:b8:53:c5:b3:93:14:
c5:41:a0:cc:55:0c:b8:37:82:d5:ad:ac:9a:f4:ec:12:96:93:
16:b6:99:d9:1e:65:99:42:da:f1:b7:c6:90:8c:60:3d:c6:cc:
50:2b:29:32:b6:41:aa:16:86:bd:9d:26:cd:55:5a:a3:78:f7:
b0:05:9c:6d:30:b3:c6:12:ca:e6:10:c2:93:04:ec:74:f6:b7:
31:0d:e8:ab:91:67:5e:6e:81:25:2b:40:64:d3:d4:e9:22:70:
c7:f1:c8:ff:f9:8f:4c:04:ee:38:25:43:1f:8e:15:91:3b:2a:
ed:b7:74:07:42:cb:20:cd:61:89:0d:c4:fe:b8:86:b1:5c:bd:
5d:b8:9a:fd:82:17:4e:8e:c3:26:f0:37:76:aa:fd:b1:81:8f:
16:95:23:e9:da:ed:85:c2:de:92:57:65:ae:70:5b:88:6c:bb:
4b:5b:55:72:da:3e:bf:ba:b0:47:5e:cd:cb:08:aa:3f:1e:39:
e4:f3:08:18
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHYbAblTgc/3TAwOMjicWnXL7LwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAzMjgwODMzNTNaFw0yNjAzMjcwODM4NTNaMDMxMTAvBgNV
BAMTKDJCNEU2REIyODZBOEVBNzFCQkFBNEE1QTk4RTYwNzk3MTMyOTFGMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCarrN/4bdUHzBtDMhEO3ot4J7O
C5rLikNMA4sP2q7TQQ6szT8+OOW0Luq/uoTfHGY6mo+ysDkhEoOMnX8a8CK5erQU
hfV7i/attu9dSUqvG9hYE5IJsDlg5V7gvyyJX2MwqPDh5bVOLc5pr+ZIE4WLI3w+
ux22Lp+Enw0BAudWfvmKadP5MjVqgVQY0n6lBAWXqAcawA2cXqsWGGush55W6uXO
/9v+VtjM5BA4Tt2MSrHphAMFfKuD53zkbKdFV2xj4IqnFfJie0JLh14DsyEZawUf
vjU66NLNFBIcs/FiU3clAFuwKs/LAasb774JxgRvXAO7a3D5VuD8FS/05hzDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUK05tsoao6nG7qkpamOYHlxMpHxIwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
K+ZVMA0GCSqGSIb3DQEBCwUAA4IBAQA/VzPcXcW/TjFIrNNhbqFMeGOH1YiHBlF1
EZLB1J8KnGGQR260CESzr7llX0HOLE7mqsQj3qK1S+kyxpUW4UFV6gm4U8WzkxTF
QaDMVQy4N4LVraya9OwSlpMWtpnZHmWZQtrxt8aQjGA9xsxQKykytkGqFoa9nSbN
VVqjePewBZxtMLPGEsrmEMKTBOx09rcxDeirkWdeboElK0Bk09TpInDH8cj/+Y9M
BO44JUMfjhWROyrtt3QHQssgzWGJDcT+uIaxXL1duJr9ghdOjsMm8Dd2qv2xgY8W
lSPp2u2Fwt6SV2WucFuIbLtLW1Vy2j6/urBHXs3LCKo/Hjnk8wgY
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:13:12 2025 by rpki-client