Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38362e302f32342d3234203d3e20323133383536.roa
File: 34332e3233302e38362e302f32342d3234203d3e20323133383536.roa (raw, json)
Hash identifier: +FBcWcyMzela5R1Q23uwZR/ucflGlzv329Sojb4n0MU=
Subject key identifier: 70:4B:61:C6:BE:11:92:32:AD:39:90:C7:DF:E1:85:FB:84:42:88:33
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 50DBD21B3C2A1859D448C67D6C2A3C8CE02A14D9
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38362e302f32342d3234203d3e20323133383536.roa
Signing time: Sun 26 Jan 2025 05:11:39 +0000
ROA not before: Sun 26 Jan 2025 05:06:39 +0000
ROA not after: Sun 25 Jan 2026 05:11:39 +0000
asID: 213856
IP address blocks: 43.230.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:db:d2:1b:3c:2a:18:59:d4:48:c6:7d:6c:2a:3c:8c:e0:2a:14:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 26 05:06:39 2025 GMT
Not After : Jan 25 05:11:39 2026 GMT
Subject: CN=704B61C6BE119232AD3990C7DFE185FB84428833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:be:8d:0f:80:a0:2a:c8:3d:76:97:68:bd:37:
c2:d4:1f:1e:77:d9:70:9e:5d:12:1a:bd:20:29:90:
f6:54:03:ff:40:c0:3e:cc:ae:e8:4a:78:aa:e7:34:
ea:a1:76:43:a7:1c:1b:41:5c:9f:14:d0:17:28:38:
b2:8a:04:e7:05:bb:26:15:20:0b:12:aa:89:84:90:
5d:50:06:8f:64:f7:98:f0:42:30:f8:04:ca:fa:95:
df:34:cd:06:d1:14:5a:1c:8a:65:b9:85:52:52:b2:
aa:0c:01:bb:7d:65:54:e1:f7:d8:e8:11:38:63:92:
88:e9:40:07:8f:ef:23:9c:2d:56:92:2c:1b:a9:d3:
aa:03:7b:4a:da:30:2b:5e:93:db:01:98:bc:09:7a:
5f:9d:b1:a1:f5:20:0f:70:99:ca:e2:a7:4b:5f:a4:
3e:3f:46:ca:a0:30:1e:8a:81:be:f8:62:89:4c:1a:
6b:60:e9:77:35:99:a5:f6:c7:c8:7d:0f:51:44:96:
ca:28:3b:30:e0:eb:2c:8e:67:78:c9:83:4f:7e:07:
0e:30:eb:a5:04:01:7c:f7:fc:ef:19:ce:b5:a3:77:
d5:b6:ea:61:90:5f:5a:e7:26:e2:2c:61:fb:e8:a2:
f9:1d:73:a3:89:ee:54:b8:a2:ae:d0:22:9d:58:7f:
10:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4B:61:C6:BE:11:92:32:AD:39:90:C7:DF:E1:85:FB:84:42:88:33
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38362e302f32342d3234203d3e20323133383536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.86.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8f:ea:0c:30:b6:59:90:aa:ad:ee:b7:d5:04:dd:e1:9d:13:
47:53:29:40:c5:b5:5b:66:6c:ea:a2:39:c4:14:40:e9:be:0b:
6a:ab:9d:d8:3e:02:1d:f1:2a:54:f0:6a:9b:97:13:69:c6:7d:
41:e5:d6:5e:ff:8e:a5:32:8d:cc:83:11:e6:3f:b4:f5:92:39:
a5:5d:45:3b:ec:3d:07:c3:76:61:cd:9d:d2:2d:cf:25:0c:be:
67:fd:dd:00:22:3e:cf:b9:d6:2b:71:c6:7e:38:cc:fa:d0:8f:
ce:4d:6f:33:8b:ad:0c:03:46:88:67:49:a3:53:b1:12:6e:84:
d8:a5:d5:49:d2:46:26:7b:e1:a6:a4:f9:34:bc:a5:d4:0e:93:
fa:36:f8:24:c2:d5:75:1b:0e:2a:f9:36:fa:11:b8:78:b8:e2:
4b:57:19:dd:d3:ee:a2:6b:3c:a1:9f:3e:4d:36:e4:d6:23:dc:
74:1a:ac:5d:22:d7:bd:bc:6d:f2:8d:9e:32:b6:58:54:79:c6:
c6:7e:2b:b4:06:3a:aa:1b:0e:c0:17:82:14:b2:6d:d0:84:e9:
84:0b:02:9a:ea:f8:fd:b0:74:67:d7:cb:9b:c4:47:1b:e6:a8:
5e:0e:df:f2:0c:83:45:36:de:a4:85:98:8e:2b:47:93:74:c9:
c6:f0:ed:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUNvSGzwqGFnUSMZ9bCo8jOAqFNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMjYwNTA2MzlaFw0yNjAxMjUwNTExMzlaMDMxMTAvBgNV
BAMTKDcwNEI2MUM2QkUxMTkyMzJBRDM5OTBDN0RGRTE4NUZCODQ0Mjg4MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSvo0PgKAqyD12l2i9N8LUHx53
2XCeXRIavSApkPZUA/9AwD7MruhKeKrnNOqhdkOnHBtBXJ8U0BcoOLKKBOcFuyYV
IAsSqomEkF1QBo9k95jwQjD4BMr6ld80zQbRFFocimW5hVJSsqoMAbt9ZVTh99jo
EThjkojpQAeP7yOcLVaSLBup06oDe0raMCtek9sBmLwJel+dsaH1IA9wmcrip0tf
pD4/RsqgMB6Kgb74YolMGmtg6Xc1maX2x8h9D1FElsooOzDg6yyOZ3jJg09+Bw4w
66UEAXz3/O8ZzrWjd9W26mGQX1rnJuIsYfvoovkdc6OJ7lS4oq7QIp1YfxDnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcEthxr4RkjKtOZDH3+GF+4RCiDMwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzgzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
K+ZWMA0GCSqGSIb3DQEBCwUAA4IBAQBSj+oMMLZZkKqt7rfVBN3hnRNHUylAxbVb
ZmzqojnEFEDpvgtqq53YPgId8SpU8GqblxNpxn1B5dZe/46lMo3MgxHmP7T1kjml
XUU77D0Hw3ZhzZ3SLc8lDL5n/d0AIj7PudYrccZ+OMz60I/OTW8zi60MA0aIZ0mj
U7ESboTYpdVJ0kYme+GmpPk0vKXUDpP6NvgkwtV1Gw4q+Tb6Ebh4uOJLVxnd0+6i
azyhnz5NNuTWI9x0GqxdIte9vG3yjZ4ytlhUecbGfiu0BjqqGw7AF4IUsm3QhOmE
CwKa6vj9sHRn18ubxEcb5qheDt/yDINFNt6khZiOK0eTdMnG8O2N
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:31 2025 by rpki-client