Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa
File: 3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: 7y9Tsvu/PGNDik8Lo+VmIgJVhlQ7ZkSwX0r1TK2jC1I=
Subject key identifier: 21:6A:6F:C9:03:9C:3B:33:0C:8C:8E:EF:CD:C0:42:8F:71:77:63:A1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42DC6E69927F8DEF272C41FAFB821CA747B54B95
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa
Signing time: Mon 27 Jan 2025 09:45:06 +0000
ROA not before: Mon 27 Jan 2025 09:40:06 +0000
ROA not after: Mon 26 Jan 2026 09:45:06 +0000
asID: 141995
IP address blocks: 109.123.228.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:dc:6e:69:92:7f:8d:ef:27:2c:41:fa:fb:82:1c:a7:47:b5:4b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:06 2025 GMT
Not After : Jan 26 09:45:06 2026 GMT
Subject: CN=216A6FC9039C3B330C8C8EEFCDC0428F717763A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cd:46:3b:b4:89:e0:c3:fa:28:80:1d:c5:5d:
57:80:6a:8a:9a:73:ee:20:93:33:61:2a:cb:7c:de:
36:1d:bc:11:ff:ac:28:57:20:97:f5:d8:4a:ec:9b:
c1:28:ae:08:42:53:88:96:94:1b:26:e9:26:f0:7f:
1b:d4:10:fa:d5:2c:b8:e7:91:fe:49:cd:9c:13:41:
9c:9f:92:71:d4:68:93:83:d5:82:58:86:96:92:5f:
83:17:0d:a4:ed:94:8a:74:4f:49:98:1c:d0:d2:25:
6d:27:15:3a:69:3b:f3:4f:c5:9c:2c:b2:b9:c6:5f:
fe:fe:37:3c:be:8e:87:49:fb:aa:8e:21:5f:f7:b5:
c4:45:51:d9:c5:2f:ea:5c:f9:c9:ba:6b:b7:f8:29:
1b:aa:78:78:36:39:9c:65:48:2f:71:cd:da:3b:9a:
76:5f:15:d6:52:21:8b:12:22:61:6d:d6:35:44:07:
78:9a:b9:4b:86:32:80:18:b0:ae:ef:13:4f:38:18:
a0:d2:96:99:a7:a8:d1:46:67:d6:7e:8f:f7:5b:53:
fb:60:95:6c:e5:45:39:f7:28:4a:a0:ca:47:6a:c9:
59:83:84:8b:f5:5e:7d:bc:d6:58:1a:83:12:ad:e7:
d9:c1:c6:eb:42:12:8e:04:53:79:26:e0:5a:7c:10:
c1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6A:6F:C9:03:9C:3B:33:0C:8C:8E:EF:CD:C0:42:8F:71:77:63:A1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.228.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:98:5d:0d:b2:93:9c:59:91:da:ad:95:13:cb:5d:75:fa:3c:
cc:04:66:11:24:a2:05:b4:d6:e7:b6:d9:8b:62:1f:ee:9f:29:
45:4a:8f:5d:14:92:2d:b1:d5:8e:9c:d0:98:72:cb:e9:84:40:
b2:8b:59:01:3b:c6:ab:ca:c5:6d:8a:04:7c:eb:2c:57:3a:9d:
c3:6c:76:74:f5:f0:e2:a4:4e:cd:25:e9:70:4b:7c:4f:0a:5b:
f7:17:52:16:c0:03:9f:29:11:b1:5b:00:f8:d5:54:02:65:d4:
37:72:26:3c:24:d4:13:78:1e:6b:de:1b:86:d3:ed:8b:1b:bb:
b9:59:ef:d5:ec:8e:5c:9b:6b:a8:08:46:ac:f1:06:de:dd:e2:
f5:45:c6:7e:df:c4:39:79:e8:bc:e2:0d:7a:fb:71:1e:21:18:
8e:45:7d:84:0d:66:ff:39:3d:db:6c:42:3e:1d:ab:c9:86:17:
df:50:9f:5c:7c:1e:e5:3c:f1:43:6c:57:d1:04:8d:c6:81:f8:
c6:04:99:97:15:34:81:a7:de:e8:a1:8d:4c:7f:c9:4e:b4:7c:
e7:55:44:20:6e:e8:32:66:1e:55:da:d7:43:80:58:2e:e2:82:
82:77:fe:ae:fa:b7:bd:69:ab:38:a9:cb:c8:d3:28:76:db:a2:
60:ef:ac:50
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQtxuaZJ/je8nLEH6+4Icp0e1S5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDZaFw0yNjAxMjYwOTQ1MDZaMDMxMTAvBgNV
BAMTKDIxNkE2RkM5MDM5QzNCMzMwQzhDOEVFRkNEQzA0MjhGNzE3NzYzQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMzUY7tIngw/oogB3FXVeAaoqa
c+4gkzNhKst83jYdvBH/rChXIJf12Ersm8EorghCU4iWlBsm6SbwfxvUEPrVLLjn
kf5JzZwTQZyfknHUaJOD1YJYhpaSX4MXDaTtlIp0T0mYHNDSJW0nFTppO/NPxZws
srnGX/7+Nzy+jodJ+6qOIV/3tcRFUdnFL+pc+cm6a7f4KRuqeHg2OZxlSC9xzdo7
mnZfFdZSIYsSImFt1jVEB3iauUuGMoAYsK7vE084GKDSlpmnqNFGZ9Z+j/dbU/tg
lWzlRTn3KEqgykdqyVmDhIv1Xn281lgagxKt59nBxutCEo4EU3km4Fp8EMHpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIWpvyQOcOzMMjI7vzcBCj3F3Y6EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMyMzMyZTMy
MzIzODJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAm175DANBgkqhkiG9w0BAQsFAAOCAQEAephdDbKTnFmR2q2VE8tddfo8zARm
ESSiBbTW57bZi2If7p8pRUqPXRSSLbHVjpzQmHLL6YRAsotZATvGq8rFbYoEfOss
Vzqdw2x2dPXw4qROzSXpcEt8Twpb9xdSFsADnykRsVsA+NVUAmXUN3ImPCTUE3ge
a94bhtPtixu7uVnv1eyOXJtrqAhGrPEG3t3i9UXGft/EOXnovOINevtxHiEYjkV9
hA1m/zk922xCPh2ryYYX31CfXHwe5TzxQ2xX0QSNxoH4xgSZlxU0gafe6KGNTH/J
TrR851VEIG7oMmYeVdrXQ4BYLuKCgnf+rvq3vWmrOKnLyNModtuiYO+sUA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 03:40:44 2025 by rpki-client