Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/3130332e3134372e3135332e302f32342d3234203d3e20323135323936.roa
File: 3130332e3134372e3135332e302f32342d3234203d3e20323135323936.roa (raw, json)
Hash identifier: 54w2F3M9c9ZMYqej/uVTYoc9lVaBw0QpLSZEW7mlB7o=
Subject key identifier: 80:19:DD:4A:CC:C9:57:13:E2:87:9F:B1:A1:6C:37:C9:2A:93:99:95
Certificate issuer: /CN=578d7dc9779b27815ebb5c3f5fcf07cc583708b3
Certificate serial: 1328AB7B1C32A3C1958E35D3CFF013EFB9ED9147
Authority key identifier: 57:8D:7D:C9:77:9B:27:81:5E:BB:5C:3F:5F:CF:07:CC:58:37:08:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V419yXebJ4Feu1w_X88HzFg3CLM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/3130332e3134372e3135332e302f32342d3234203d3e20323135323936.roa
Signing time: Wed 12 Feb 2025 14:20:14 +0000
ROA not before: Wed 12 Feb 2025 14:15:14 +0000
ROA not after: Wed 11 Feb 2026 14:20:14 +0000
asID: 215296
IP address blocks: 103.147.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/578D7DC9779B27815EBB5C3F5FCF07CC583708B3.crl
rsync://rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/578D7DC9779B27815EBB5C3F5FCF07CC583708B3.mft
rsync://rpki.ripe.net/repository/DEFAULT/V419yXebJ4Feu1w_X88HzFg3CLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:28:ab:7b:1c:32:a3:c1:95:8e:35:d3:cf:f0:13:ef:b9:ed:91:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d7dc9779b27815ebb5c3f5fcf07cc583708b3
Validity
Not Before: Feb 12 14:15:14 2025 GMT
Not After : Feb 11 14:20:14 2026 GMT
Subject: CN=8019DD4ACCC95713E2879FB1A16C37C92A939995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:fd:d7:53:1b:c4:e4:45:6c:67:bf:b2:17:d4:
1d:34:51:73:82:46:4c:b9:88:dc:b2:31:36:80:8f:
ac:20:48:64:2e:9f:37:4b:a5:94:87:4f:40:52:46:
f9:d3:8b:2e:93:f2:e8:49:54:ab:b4:d6:07:05:8a:
df:dc:82:29:6a:29:02:be:4c:a0:33:67:38:ff:0f:
0b:d7:e5:d3:4e:03:dc:09:c3:46:a3:1b:04:38:cc:
d6:5f:88:dd:f9:19:1b:b4:ef:b2:6d:4c:4d:0f:79:
9e:7f:e5:f4:10:2b:96:40:54:4a:f0:08:43:89:91:
c1:47:a8:8f:c2:0c:46:92:36:80:d8:c4:2b:df:a7:
0f:d7:3b:99:da:79:83:60:f9:08:14:44:e1:e4:c3:
a7:53:db:6e:fb:01:04:12:0a:2a:bd:0f:04:b6:f7:
0e:77:0c:97:e4:8e:ee:71:d3:89:f4:42:c9:67:78:
92:67:9d:dd:b2:21:10:38:49:ad:9f:ff:09:17:76:
7d:dd:59:a0:73:7e:93:37:7f:8f:f7:7b:84:a9:54:
f8:7b:44:74:1d:7d:9e:90:35:ca:61:81:7b:d0:9a:
f7:ce:df:c3:21:e4:9d:86:bb:1b:75:70:7f:bb:0c:
cf:d6:9e:f7:d3:39:dc:53:ea:d9:fc:cb:c6:4e:a6:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:19:DD:4A:CC:C9:57:13:E2:87:9F:B1:A1:6C:37:C9:2A:93:99:95
X509v3 Authority Key Identifier:
keyid:57:8D:7D:C9:77:9B:27:81:5E:BB:5C:3F:5F:CF:07:CC:58:37:08:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/578D7DC9779B27815EBB5C3F5FCF07CC583708B3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V419yXebJ4Feu1w_X88HzFg3CLM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eca25350-9e3f-46e1-ae2b-1c61b6ea5ae2/0/3130332e3134372e3135332e302f32342d3234203d3e20323135323936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.147.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:55:d3:3f:a9:8f:d2:12:a8:46:22:c5:62:56:41:a3:fb:72:
71:f8:c5:3f:a9:d8:c6:53:39:3c:ec:fb:9d:d3:83:92:d4:8d:
4f:d3:e5:77:28:57:53:4e:7d:d9:4f:b2:64:68:b9:25:8d:52:
9f:3a:18:73:59:be:27:9a:94:66:4e:b9:f3:23:6a:f6:43:7c:
37:eb:fc:9b:38:1f:c5:ae:81:66:42:7b:15:29:b2:24:e4:53:
c1:ca:49:3b:0f:e5:f1:57:d4:c4:06:8e:d8:9b:5c:3d:8c:2d:
66:6f:88:5d:91:23:4a:c5:cc:d9:15:31:5b:07:88:db:e3:85:
36:8c:33:49:f9:82:38:94:31:d7:d1:97:f7:63:96:0e:36:a4:
2d:d0:b8:bf:fa:fa:8f:4a:5a:a3:db:94:47:28:f1:48:8b:8e:
d1:9c:83:5c:82:c3:dc:b9:b0:a1:6a:de:62:e4:a3:27:3d:3b:
16:da:9d:51:fd:dd:8d:87:18:72:c5:b5:8d:6f:c1:77:03:44:
e3:5d:21:3e:6e:c0:c2:b9:53:3e:99:1c:25:68:79:a8:f7:a7:
d7:a0:e0:6f:b0:e2:2f:9c:dd:1a:a5:74:ba:31:56:df:db:a8:
8e:fd:52:d9:e2:db:b1:3e:a7:e3:c8:84:8e:b9:fd:11:54:05:
d7:04:98:20
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEyirexwyo8GVjjXTz/AT77ntkUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc4ZDdkYzk3NzliMjc4MTVlYmI1YzNmNWZjZjA3Y2M1
ODM3MDhiMzAeFw0yNTAyMTIxNDE1MTRaFw0yNjAyMTExNDIwMTRaMDMxMTAvBgNV
BAMTKDgwMTlERDRBQ0NDOTU3MTNFMjg3OUZCMUExNkMzN0M5MkE5Mzk5OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7/ddTG8TkRWxnv7IX1B00UXOC
Rky5iNyyMTaAj6wgSGQunzdLpZSHT0BSRvnTiy6T8uhJVKu01gcFit/cgilqKQK+
TKAzZzj/DwvX5dNOA9wJw0ajGwQ4zNZfiN35GRu077JtTE0PeZ5/5fQQK5ZAVErw
CEOJkcFHqI/CDEaSNoDYxCvfpw/XO5naeYNg+QgUROHkw6dT2277AQQSCiq9DwS2
9w53DJfkju5x04n0QslneJJnnd2yIRA4Sa2f/wkXdn3dWaBzfpM3f4/3e4SpVPh7
RHQdfZ6QNcphgXvQmvfO38Mh5J2Guxt1cH+7DM/WnvfTOdxT6tn8y8ZOpkxLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUgBndSszJVxPih5+xoWw3ySqTmZUwHwYDVR0j
BBgwFoAUV419yXebJ4Feu1w/X88HzFg3CLMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNhMjUzNTAtOWUzZi00NmUxLWFlMmItMWM2MWI2ZWE1
YWUyLzAvNTc4RDdEQzk3NzlCMjc4MTVFQkI1QzNGNUZDRjA3Q0M1ODM3MDhCMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Y0MTl5WGViSjRGZXUxd19YODhIekZn
M0NMTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWNhMjUzNTAt
OWUzZi00NmUxLWFlMmItMWM2MWI2ZWE1YWUyLzAvMzEzMDMzMmUzMTM0MzcyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzkzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGeTmTANBgkqhkiG9w0BAQsFAAOCAQEAbFXTP6mP0hKoRiLFYlZBo/tycfjF
P6nYxlM5POz7ndODktSNT9PldyhXU0592U+yZGi5JY1SnzoYc1m+J5qUZk658yNq
9kN8N+v8mzgfxa6BZkJ7FSmyJORTwcpJOw/l8VfUxAaO2JtcPYwtZm+IXZEjSsXM
2RUxWweI2+OFNowzSfmCOJQx19GX92OWDjakLdC4v/r6j0pao9uURyjxSIuO0ZyD
XILD3LmwoWreYuSjJz07FtqdUf3djYcYcsW1jW/BdwNE410hPm7AwrlTPpkcJWh5
qPen16Dgb7DiL5zdGqV0ujFW39uojv1S2eLbsT6n48iEjrn9EVQF1wSYIA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:18:19 2025 by rpki-client