Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38372e302f32342d3234203d3e20323133383536.roa
File: 34332e3233302e38372e302f32342d3234203d3e20323133383536.roa (raw, json)
Hash identifier: AvKvUoNctUm7Uzqhxmylt96xb0gGlgyMWffeaqO97RY=
Subject key identifier: AA:2A:7A:3A:DB:77:47:43:4B:89:1A:FA:17:35:F9:DD:1A:D9:EB:3C
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 292369E1650859C404781D7149DEC370617C6DFB
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38372e302f32342d3234203d3e20323133383536.roa
Signing time: Sun 26 Jan 2025 05:10:09 +0000
ROA not before: Sun 26 Jan 2025 05:05:09 +0000
ROA not after: Sun 25 Jan 2026 05:10:09 +0000
asID: 213856
IP address blocks: 43.230.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:23:69:e1:65:08:59:c4:04:78:1d:71:49:de:c3:70:61:7c:6d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 26 05:05:09 2025 GMT
Not After : Jan 25 05:10:09 2026 GMT
Subject: CN=AA2A7A3ADB7747434B891AFA1735F9DD1AD9EB3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:aa:e2:5f:07:d8:38:2d:4f:5f:41:ad:eb:
92:2c:6f:20:72:d0:50:e0:f9:eb:7f:c3:45:42:d1:
1c:66:b1:38:3a:a6:e7:fb:79:e6:17:8a:81:7b:c4:
46:dd:13:5e:c0:69:1c:01:ca:27:44:9e:31:ca:30:
d6:00:8a:71:b3:b7:15:51:b7:e0:2e:3c:58:6b:b7:
0c:04:74:50:e4:d0:07:c1:18:8a:e2:a7:ca:a5:4a:
40:96:5f:f7:c4:18:58:3b:22:9a:1c:60:ba:c4:d3:
31:e3:cf:36:be:0f:bb:bb:76:bf:05:ab:94:b5:f0:
83:fe:2b:4f:48:9b:97:9a:16:61:f1:ad:90:9f:05:
42:42:bb:3a:8b:47:7c:1e:0d:c1:70:c5:de:98:94:
87:7e:2d:45:ca:25:aa:4b:3e:de:27:91:22:76:89:
ef:38:77:0f:f5:63:64:88:b1:61:2b:3b:0f:ec:66:
a1:67:8b:e8:41:f4:a1:2a:34:83:51:3e:8f:7f:3b:
a1:35:c5:5d:cc:a3:8f:96:36:78:29:b6:5e:7d:2f:
a9:d0:28:15:5a:32:86:48:bb:49:92:ac:0c:8f:40:
c6:7b:72:d0:08:c4:88:54:4a:e7:7a:5d:e5:7a:45:
a5:37:53:e7:bc:6f:82:a4:4a:87:07:e4:4d:0e:b8:
18:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2A:7A:3A:DB:77:47:43:4B:89:1A:FA:17:35:F9:DD:1A:D9:EB:3C
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38372e302f32342d3234203d3e20323133383536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.87.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f2:b7:96:73:15:cd:ba:bb:08:ce:62:e9:9c:50:0c:fe:7b:
94:02:5f:ea:8a:3d:d5:e3:6f:23:91:36:b1:e3:6f:52:83:2a:
55:d9:ac:a1:9e:75:53:60:c4:ba:e4:a3:34:d5:e3:49:26:81:
55:8c:8f:7a:47:7d:3b:1e:db:07:e2:46:c0:92:e5:25:2c:37:
41:48:18:07:05:ee:17:6e:23:7f:05:03:7f:cf:a5:31:82:22:
a4:fc:18:c3:94:ac:37:56:7f:2a:b7:8f:2a:e5:02:c3:99:ec:
68:50:0a:a6:5e:d1:c2:01:da:88:d4:dc:6f:35:80:00:4a:60:
c7:79:98:45:6c:04:39:21:41:27:de:0b:9c:b3:1e:fb:e6:86:
37:28:2e:c3:68:41:51:30:6e:c9:4c:59:f7:77:d9:b7:44:27:
53:ad:aa:f2:63:84:ae:dc:23:e6:99:de:c7:3d:83:41:a6:5c:
1a:1d:e6:db:c1:d9:a1:87:96:de:ff:1c:b9:ea:fd:e9:18:74:
60:8c:9c:10:39:3d:8a:0d:8d:cd:e4:b6:35:b9:95:a0:08:6d:
71:7a:75:ea:76:3c:e1:17:41:8b:85:41:bf:64:62:03:ca:76:
40:b6:19:4e:58:b0:e2:45:62:43:33:e8:39:df:85:a5:65:c1:
f5:15:59:32
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKSNp4WUIWcQEeB1xSd7DcGF8bfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMjYwNTA1MDlaFw0yNjAxMjUwNTEwMDlaMDMxMTAvBgNV
BAMTKEFBMkE3QTNBREI3NzQ3NDM0Qjg5MUFGQTE3MzVGOUREMUFEOUVCM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/6riXwfYOC1PX0Gt65IsbyBy
0FDg+et/w0VC0RxmsTg6puf7eeYXioF7xEbdE17AaRwByidEnjHKMNYAinGztxVR
t+AuPFhrtwwEdFDk0AfBGIrip8qlSkCWX/fEGFg7IpocYLrE0zHjzza+D7u7dr8F
q5S18IP+K09Im5eaFmHxrZCfBUJCuzqLR3weDcFwxd6YlId+LUXKJapLPt4nkSJ2
ie84dw/1Y2SIsWErOw/sZqFni+hB9KEqNINRPo9/O6E1xV3Mo4+WNngptl59L6nQ
KBVaMoZIu0mSrAyPQMZ7ctAIxIhUSud6XeV6RaU3U+e8b4KkSocH5E0OuBi3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqip6Ott3R0NLiRr6FzX53RrZ6zwwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzgzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
K+ZXMA0GCSqGSIb3DQEBCwUAA4IBAQBD8reWcxXNursIzmLpnFAM/nuUAl/qij3V
428jkTax429SgypV2ayhnnVTYMS65KM01eNJJoFVjI96R307HtsH4kbAkuUlLDdB
SBgHBe4XbiN/BQN/z6UxgiKk/BjDlKw3Vn8qt48q5QLDmexoUAqmXtHCAdqI1Nxv
NYAASmDHeZhFbAQ5IUEn3gucsx775oY3KC7DaEFRMG7JTFn3d9m3RCdTraryY4Su
3CPmmd7HPYNBplwaHebbwdmhh5be/xy56v3pGHRgjJwQOT2KDY3N5LY1uZWgCG1x
enXqdjzhF0GLhUG/ZGIDynZAthlOWLDiRWJDM+g534WlZcH1FVky
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:51 2025 by rpki-client