Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e35362e302f32312d3231203d3e20323134313433.roa
File: 3130392e3130372e35362e302f32312d3231203d3e20323134313433.roa (raw, json)
Hash identifier: 2AGDyckY2TAh6iYdYsLBU7KobWGBCZfgtMtkjHcm/eI=
Subject key identifier: B7:1C:ED:B6:1A:60:5C:14:3F:DE:7F:F0:E7:E9:AC:F3:66:74:C9:D4
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 0F9022FEC079400963B6FAFA26EF6A7594D937AC
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e35362e302f32312d3231203d3e20323134313433.roa
Signing time: Wed 11 Jun 2025 10:12:21 +0000
ROA not before: Wed 11 Jun 2025 10:07:21 +0000
ROA not after: Wed 10 Jun 2026 10:12:21 +0000
asID: 214143
IP address blocks: 109.107.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:90:22:fe:c0:79:40:09:63:b6:fa:fa:26:ef:6a:75:94:d9:37:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Jun 11 10:07:21 2025 GMT
Not After : Jun 10 10:12:21 2026 GMT
Subject: CN=B71CEDB61A605C143FDE7FF0E7E9ACF36674C9D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:da:07:71:47:7d:2f:e2:c5:49:48:fd:62:
6b:6a:a2:da:70:2f:60:65:a2:ad:45:8d:8a:52:01:
8f:97:cd:ad:ee:86:ec:2f:23:2a:5f:72:3f:9f:e1:
b4:1c:04:d8:03:ee:50:5f:37:d0:b4:ca:19:b7:17:
7d:93:29:35:07:00:76:ed:be:ba:f2:16:1c:ca:63:
99:d9:ce:2d:2b:02:2d:ac:7c:f0:e8:cb:9d:f4:dd:
9f:e8:ca:7f:bf:3b:81:9a:90:31:98:03:55:56:cb:
d5:19:7d:01:86:d3:ff:77:71:03:9a:fd:18:2e:c7:
80:79:88:01:3c:7d:bc:1a:01:c9:d0:b8:a3:f9:85:
4c:38:7d:5d:67:d9:a1:93:f2:94:70:52:1e:43:b2:
2b:34:25:45:b4:5a:0e:30:c9:7d:33:14:2c:57:b0:
aa:6b:ea:95:fa:79:05:11:8a:41:b6:0d:06:88:b4:
d1:38:0b:1d:47:ad:50:4b:7d:df:2d:f1:d3:94:af:
b9:a5:84:a9:d8:57:cf:0a:76:35:10:d2:89:8c:7e:
24:c2:08:7d:47:bf:4b:32:64:8a:53:11:57:11:1d:
42:fc:b2:6e:b2:0e:73:eb:b8:0e:c0:2d:15:78:f0:
f3:27:75:77:1c:83:89:b8:56:7a:8b:35:48:e0:94:
67:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1C:ED:B6:1A:60:5C:14:3F:DE:7F:F0:E7:E9:AC:F3:66:74:C9:D4
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3130392e3130372e35362e302f32312d3231203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.56.0/21
Signature Algorithm: sha256WithRSAEncryption
09:ea:b1:db:7d:fc:cc:33:e9:a3:7c:51:89:99:68:37:08:c3:
e2:77:d3:ae:b2:f0:e9:44:35:18:37:b1:82:bb:d8:df:80:e1:
32:f4:dd:11:06:86:cb:e3:c0:42:df:37:9b:cb:86:c6:bb:f4:
5a:7c:4d:9a:68:26:fc:bd:21:67:81:ed:f8:70:06:45:34:fa:
b0:21:30:46:e3:c9:ae:55:a7:19:be:47:10:5b:44:10:69:95:
06:09:8f:be:bc:80:d3:5c:ff:f5:6b:8c:a9:2a:a6:19:27:37:
86:33:77:b5:72:7e:9c:95:96:6d:c9:4a:58:13:cc:3d:21:70:
0f:a7:e0:74:62:bc:d5:3c:f8:b1:26:80:3a:9a:b8:bb:65:f3:
cf:c2:81:c2:20:1a:e2:cc:85:66:b4:99:e4:31:e1:e1:59:31:
b5:07:6e:a8:0d:aa:c2:4d:6b:2e:ff:88:d0:b0:bf:8a:2e:21:
52:b8:e2:96:37:4a:ba:48:2b:87:54:f9:a6:99:db:06:90:eb:
4c:de:b4:f6:8b:66:85:43:cf:68:a7:1e:49:36:99:6c:93:8b:
10:bf:e4:0a:63:09:92:28:3f:d3:02:5d:1b:9d:9c:60:c2:cc:
8d:f5:8f:fa:6a:7a:3e:cf:fe:0c:9c:e5:39:b7:47:08:97:ba:
05:12:2b:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUD5Ai/sB5QAljtvr6Ju9qdZTZN6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNTA2MTExMDA3MjFaFw0yNjA2MTAxMDEyMjFaMDMxMTAvBgNV
BAMTKEI3MUNFREI2MUE2MDVDMTQzRkRFN0ZGMEU3RTlBQ0YzNjY3NEM5RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx69oHcUd9L+LFSUj9Ymtqotpw
L2Bloq1FjYpSAY+Xza3uhuwvIypfcj+f4bQcBNgD7lBfN9C0yhm3F32TKTUHAHbt
vrryFhzKY5nZzi0rAi2sfPDoy5303Z/oyn+/O4GakDGYA1VWy9UZfQGG0/93cQOa
/Rgux4B5iAE8fbwaAcnQuKP5hUw4fV1n2aGT8pRwUh5Dsis0JUW0Wg4wyX0zFCxX
sKpr6pX6eQURikG2DQaItNE4Cx1HrVBLfd8t8dOUr7mlhKnYV88KdjUQ0omMfiTC
CH1Hv0syZIpTEVcRHUL8sm6yDnPruA7ALRV48PMndXccg4m4VnqLNUjglGdVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtxztthpgXBQ/3n/w5+ms82Z0ydQwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzMDM5MmUzMTMwMzcyZTM1
MzYyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzMjMxMzQzMTM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtazgwDQYJKoZIhvcNAQELBQADggEBAAnqsdt9/Mwz6aN8UYmZaDcIw+J3066y
8OlENRg3sYK72N+A4TL03REGhsvjwELfN5vLhsa79Fp8TZpoJvy9IWeB7fhwBkU0
+rAhMEbjya5Vpxm+RxBbRBBplQYJj768gNNc//VrjKkqphknN4Yzd7VyfpyVlm3J
SlgTzD0hcA+n4HRivNU8+LEmgDqauLtl88/CgcIgGuLMhWa0meQx4eFZMbUHbqgN
qsJNay7/iNCwv4ouIVK44pY3SrpIK4dU+aaZ2waQ60zetPaLZoVDz2inHkk2mWyT
ixC/5ApjCZIoP9MCXRudnGDCzI31j/pqej7P/gyc5Tm3RwiXugUSK6o=
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:21:08 2025 by rpki-client