Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
File: 3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: A27GOofJxOKniOoPD4Bzm+VUi3r+lbl6VX1jtK1svTQ=
Subject key identifier: 33:2B:0E:6A:10:D8:B6:55:AD:96:24:FE:D0:4F:EF:C7:67:25:55:E7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3EE835BA2005F6722C6DC65FF2E02C054DA3D8E2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:15 +0000
ROA not before: Mon 27 Jan 2025 09:40:15 +0000
ROA not after: Mon 26 Jan 2026 09:45:15 +0000
asID: 136787
IP address blocks: 109.123.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:e8:35:ba:20:05:f6:72:2c:6d:c6:5f:f2:e0:2c:05:4d:a3:d8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:15 2025 GMT
Not After : Jan 26 09:45:15 2026 GMT
Subject: CN=332B0E6A10D8B655AD9624FED04FEFC7672555E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8b:2c:f1:8d:a0:b5:b3:c9:f4:c8:54:c5:d3:
66:77:e0:e1:05:75:6c:a6:ae:27:77:58:1b:4e:1a:
7e:87:d5:ce:45:9f:47:d9:ed:4b:17:67:22:12:8e:
ad:99:c2:ad:51:75:cf:64:d4:1e:b6:a6:6f:43:ba:
cf:2d:ec:71:be:fd:a8:13:b6:ad:ef:11:9e:4a:a2:
4e:75:3e:4f:d0:33:19:4e:72:84:76:0d:04:a9:a4:
e2:dc:e8:8d:35:f0:2f:bf:10:d7:7f:b5:3a:bd:56:
0c:ac:2a:27:fb:5b:eb:03:bc:6e:72:85:cd:c8:4b:
7b:f6:00:7b:a6:d5:39:f2:58:19:6a:a0:c4:74:78:
38:dc:0e:4a:f7:3a:1c:b7:5c:32:48:d0:ba:b2:b0:
8a:59:45:69:42:23:aa:9c:dc:bf:87:a0:d1:2b:31:
42:e4:71:1e:67:b0:1f:79:ad:45:a8:a6:e1:75:3f:
18:d6:4d:03:8b:17:d7:44:d1:29:2e:9e:10:fb:a1:
8f:38:d1:c8:81:5e:9c:67:e4:31:4b:52:db:8f:29:
cf:12:29:8b:6b:ec:a8:7f:31:8c:7a:ca:3e:e7:34:
29:17:50:09:60:e6:45:00:f1:86:cf:b4:5a:1f:7d:
bd:88:58:a4:32:f3:fc:ef:17:a5:ad:b3:c0:cf:3d:
45:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2B:0E:6A:10:D8:B6:55:AD:96:24:FE:D0:4F:EF:C7:67:25:55:E7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.225.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5d:e7:f0:fd:35:7f:63:ae:cf:a4:2d:97:04:82:01:bb:1b:
c0:1d:9f:c8:4a:50:d5:d2:46:f0:ca:e1:e8:36:05:84:9d:4b:
56:ac:f1:3e:1c:45:6c:59:29:d5:27:11:6f:2c:14:bb:c7:1d:
cb:d6:4e:c3:0f:8e:42:1f:03:01:90:bd:8e:f9:cd:43:84:fe:
e6:69:51:9a:e3:7b:e4:bf:ba:91:4b:11:f7:18:53:be:35:bf:
c5:c3:d6:cd:e7:c2:83:d9:a4:d2:49:c4:62:a8:d8:55:9a:a9:
e5:9c:1e:87:b8:d2:db:a5:c4:bd:7c:db:14:a7:b9:17:3c:80:
55:b5:93:12:94:a6:0a:0c:0f:32:77:36:5e:4f:93:03:b6:86:
c2:9a:8d:36:43:92:47:5c:35:61:0a:ff:7d:6e:21:b9:eb:a2:
a8:6b:11:9f:da:29:9f:35:e4:ad:61:b9:67:cc:76:2f:81:71:
ad:17:3d:ca:2a:77:3b:9d:62:83:0e:ea:ae:05:7c:7f:85:4a:
4d:7b:7a:58:dd:c4:27:07:28:dc:e2:95:49:6d:80:1d:51:13:
22:bd:85:07:98:db:a9:73:4a:0c:c9:f6:8b:b3:16:d5:92:04:
5d:21:0c:b5:5c:65:55:79:bf:cb:d5:bf:25:10:b1:4d:b0:25:
4f:a3:cb:70
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPug1uiAF9nIsbcZf8uAsBU2j2OIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTVaFw0yNjAxMjYwOTQ1MTVaMDMxMTAvBgNV
BAMTKDMzMkIwRTZBMTBEOEI2NTVBRDk2MjRGRUQwNEZFRkM3NjcyNTU1RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCziyzxjaC1s8n0yFTF02Z34OEF
dWymrid3WBtOGn6H1c5Fn0fZ7UsXZyISjq2Zwq1Rdc9k1B62pm9Dus8t7HG+/agT
tq3vEZ5Kok51Pk/QMxlOcoR2DQSppOLc6I018C+/ENd/tTq9VgysKif7W+sDvG5y
hc3IS3v2AHum1TnyWBlqoMR0eDjcDkr3Ohy3XDJI0LqysIpZRWlCI6qc3L+HoNEr
MULkcR5nsB95rUWopuF1PxjWTQOLF9dE0SkunhD7oY840ciBXpxn5DFLUtuPKc8S
KYtr7Kh/MYx6yj7nNCkXUAlg5kUA8YbPtFoffb2IWKQy8/zvF6Wts8DPPUUDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMysOahDYtlWtliT+0E/vx2clVecwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMyMzMyZTMy
MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG174TANBgkqhkiG9w0BAQsFAAOCAQEANF3n8P01f2Ouz6QtlwSCAbsbwB2f
yEpQ1dJG8Mrh6DYFhJ1LVqzxPhxFbFkp1ScRbywUu8cdy9ZOww+OQh8DAZC9jvnN
Q4T+5mlRmuN75L+6kUsR9xhTvjW/xcPWzefCg9mk0knEYqjYVZqp5Zweh7jS26XE
vXzbFKe5FzyAVbWTEpSmCgwPMnc2Xk+TA7aGwpqNNkOSR1w1YQr/fW4hueuiqGsR
n9opnzXkrWG5Z8x2L4FxrRc9yip3O51igw7qrgV8f4VKTXt6WN3EJwco3OKVSW2A
HVETIr2FB5jbqXNKDMn2i7MW1ZIEXSEMtVxlVXm/y9W/JRCxTbAlT6PLcA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:05 2025 by rpki-client