Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e203437373431.roa
File: 34332e3233302e38352e302f32342d3234203d3e203437373431.roa (raw, json)
Hash identifier: EXdKw15sLb9g7z05LxL1+sMIqOyevHaLtMqVr5NXEPA=
Subject key identifier: 55:CD:56:11:E3:DF:26:00:43:78:07:6D:B9:FC:24:A0:BE:71:4B:C4
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 42B11D095626F4172C57628E6E9730D300E986E3
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e203437373431.roa
Signing time: Sat 18 Jan 2025 14:50:53 +0000
ROA not before: Sat 18 Jan 2025 14:45:53 +0000
ROA not after: Sat 17 Jan 2026 14:50:53 +0000
asID: 47741
IP address blocks: 43.230.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b1:1d:09:56:26:f4:17:2c:57:62:8e:6e:97:30:d3:00:e9:86:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 18 14:45:53 2025 GMT
Not After : Jan 17 14:50:53 2026 GMT
Subject: CN=55CD5611E3DF26004378076DB9FC24A0BE714BC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:95:1d:67:7f:73:cd:47:68:2c:cd:ed:16:67:
4d:97:26:6d:71:b2:ce:47:80:74:5d:59:09:62:22:
51:0e:7f:25:30:41:31:de:ab:db:35:f1:41:b4:07:
c2:f8:02:19:32:40:fa:e9:a3:1a:14:85:1f:47:62:
fd:36:35:3f:3b:3e:1d:0e:37:94:ba:7b:eb:23:fd:
fb:c0:6a:55:91:07:65:81:da:d7:a1:2d:61:67:db:
df:55:9c:6d:76:7b:29:9b:bf:9f:e7:a8:dc:f7:ee:
3d:6e:c7:b6:64:57:08:80:99:44:b3:1f:26:7a:e5:
7f:3f:70:92:2a:92:86:95:17:4b:83:01:3c:de:ed:
a6:96:74:40:98:d6:43:17:7a:6c:a6:9c:ea:43:df:
70:ee:6e:ac:d8:9d:77:f6:bb:42:9f:18:23:93:e9:
1c:1e:a8:7e:df:a2:2a:22:5d:eb:09:0d:dd:72:21:
37:d0:2b:f8:75:fe:58:ae:6c:36:52:f2:39:1c:db:
66:16:7e:34:76:41:71:4a:21:95:42:ca:7e:e0:d4:
0b:4e:17:92:f4:9a:96:44:6f:52:28:d7:78:83:a7:
7e:35:b3:f7:90:f7:fc:7f:19:04:4f:16:bd:84:4e:
02:d6:73:18:04:a3:93:83:3d:98:dd:c7:7b:b6:4f:
fa:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CD:56:11:E3:DF:26:00:43:78:07:6D:B9:FC:24:A0:BE:71:4B:C4
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e203437373431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f4:d3:c5:2b:34:e4:36:08:83:e3:b0:59:a7:9d:db:dc:f5:
17:e0:19:bd:73:cc:83:96:48:4d:d9:f0:3e:5a:d4:cb:3e:bd:
a7:58:0b:30:bf:e8:66:56:da:3f:75:33:95:7f:26:5d:04:c6:
b2:2e:cc:af:c2:03:1d:94:3e:ac:bf:a8:cb:8c:cc:1f:6a:3e:
68:bc:bd:3a:50:dc:50:b4:4e:e3:89:36:7f:12:7b:af:7c:bc:
30:74:ca:f4:4f:b9:1b:75:b1:3f:6a:76:20:e7:b2:2b:e3:32:
73:56:ad:50:8b:d7:80:8e:89:db:82:6f:ec:86:65:0c:12:7b:
d9:e1:63:3d:45:58:fa:74:df:ee:5d:0c:e7:a8:85:70:40:bf:
be:92:41:13:62:a1:25:c3:86:38:71:38:79:38:e9:5c:8b:28:
b9:09:11:09:2c:f2:49:3a:87:e9:0f:c1:10:3f:75:e2:d6:f7:
1b:0a:a7:16:5f:52:8f:8d:15:9a:5a:bb:45:fd:8b:73:80:b3:
d8:db:2c:45:21:7f:7c:58:d7:6c:0c:52:07:2c:1d:9b:a4:51:
91:4a:01:a8:f1:22:05:de:64:14:c4:1e:0e:f9:2a:b5:43:21:
3b:95:cb:e8:75:0d:8b:f6:01:a7:ea:91:00:16:d4:d0:56:5f:
81:f6:cd:80
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQrEdCVYm9BcsV2KObpcw0wDphuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMTgxNDQ1NTNaFw0yNjAxMTcxNDUwNTNaMDMxMTAvBgNV
BAMTKDU1Q0Q1NjExRTNERjI2MDA0Mzc4MDc2REI5RkMyNEEwQkU3MTRCQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+lR1nf3PNR2gsze0WZ02XJm1x
ss5HgHRdWQliIlEOfyUwQTHeq9s18UG0B8L4AhkyQPrpoxoUhR9HYv02NT87Ph0O
N5S6e+sj/fvAalWRB2WB2tehLWFn299VnG12eymbv5/nqNz37j1ux7ZkVwiAmUSz
HyZ65X8/cJIqkoaVF0uDATze7aaWdECY1kMXemymnOpD33DubqzYnXf2u0KfGCOT
6RweqH7foioiXesJDd1yITfQK/h1/liubDZS8jkc22YWfjR2QXFKIZVCyn7g1AtO
F5L0mpZEb1Io13iDp341s/eQ9/x/GQRPFr2ETgLWcxgEo5ODPZjdx3u2T/r1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUVc1WEePfJgBDeAdtufwkoL5xS8QwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM3MzQzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACvm
VTANBgkqhkiG9w0BAQsFAAOCAQEALfTTxSs05DYIg+OwWaed29z1F+AZvXPMg5ZI
TdnwPlrUyz69p1gLML/oZlbaP3UzlX8mXQTGsi7Mr8IDHZQ+rL+oy4zMH2o+aLy9
OlDcULRO44k2fxJ7r3y8MHTK9E+5G3WxP2p2IOeyK+Myc1atUIvXgI6J24Jv7IZl
DBJ72eFjPUVY+nTf7l0M56iFcEC/vpJBE2KhJcOGOHE4eTjpXIsouQkRCSzySTqH
6Q/BED914tb3GwqnFl9Sj40Vmlq7Rf2Lc4Cz2NssRSF/fFjXbAxSBywdm6RRkUoB
qPEiBd5kFMQeDvkqtUMhO5XL6HUNi/YBp+qRABbU0FZfgfbNgA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:39 2025 by rpki-client