Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
File: 3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa (raw, json)
Hash identifier: 136kkhcnJMzMuohE+eIgopNDZLDBcD89yH2Ai4DaGOE=
Subject key identifier: 7E:3D:36:5A:F4:5A:1C:98:BB:2D:31:57:38:AB:2A:83:D3:5D:34:71
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 5691C7FCCB79EF3D6D079ECBA0C12FF61199D857
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
Signing time: Wed 23 Apr 2025 08:54:04 +0000
ROA not before: Wed 23 Apr 2025 08:49:04 +0000
ROA not after: Wed 22 Apr 2026 08:54:04 +0000
asID: 211439
IP address blocks: 109.110.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:91:c7:fc:cb:79:ef:3d:6d:07:9e:cb:a0:c1:2f:f6:11:99:d8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 23 08:49:04 2025 GMT
Not After : Apr 22 08:54:04 2026 GMT
Subject: CN=7E3D365AF45A1C98BB2D315738AB2A83D35D3471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:41:98:bb:fd:ca:b9:f3:18:19:af:c2:58:21:
a7:ae:14:5a:69:c9:a3:35:f6:ce:b5:45:b7:ab:ab:
3f:95:71:89:9b:83:e1:61:9e:fc:74:d9:5f:e5:8c:
8e:7b:84:ff:91:42:5d:73:36:80:21:07:c0:d1:04:
90:8c:22:0b:d4:ca:2b:ed:65:4e:bb:80:d6:fb:d3:
45:3e:0c:6d:9f:e7:82:5c:f4:a6:44:f2:23:f3:4a:
9d:26:ba:02:93:7e:ea:ea:b2:72:89:cb:7e:1a:37:
0d:f3:5d:36:7a:58:af:af:4a:0c:27:0b:83:63:ce:
90:5c:f5:5b:3c:e4:85:45:76:ad:85:04:89:37:ff:
00:66:d3:18:c4:50:91:e2:ab:ea:0c:24:db:7d:d7:
07:93:bc:67:b9:cb:d5:0b:53:f6:c6:b0:70:bf:ff:
6b:89:f0:f5:e2:68:b5:7c:e2:2d:fc:ac:73:03:2f:
ba:49:4e:35:d6:a5:ff:ab:58:a6:5c:85:7c:27:39:
e0:9f:18:ab:bc:2f:26:5f:07:4b:7e:4e:a7:eb:7d:
f1:fb:40:53:9a:7e:a2:0d:c9:50:b7:fb:49:ad:1f:
68:6e:f6:a3:3d:44:68:70:6b:63:52:9c:e7:db:16:
4f:78:21:c3:ad:3c:4b:83:bc:21:d9:36:ae:63:d4:
d4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3D:36:5A:F4:5A:1C:98:BB:2D:31:57:38:AB:2A:83:D3:5D:34:71
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.166.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:66:ff:37:56:06:05:7f:11:86:d8:03:10:98:29:cb:74:9f:
12:93:9e:14:1b:f4:9f:97:5e:0c:cf:aa:b6:81:e6:15:17:6b:
84:1c:29:15:65:7d:2a:ff:1d:34:39:cd:a5:10:af:41:15:4c:
00:9f:b0:80:ee:46:4e:ac:48:1f:8b:97:8a:f7:a1:07:a0:c1:
c7:08:f5:41:24:2d:f4:90:69:00:5c:e9:4b:86:f1:00:ec:61:
86:79:b9:b1:0c:a7:80:d2:be:cc:48:c8:b6:ce:ec:f3:31:14:
57:8d:d2:c1:2c:fb:10:c5:a2:ee:1d:f0:a3:28:6b:eb:65:a0:
8d:97:2a:45:be:e5:91:85:38:b5:e1:3c:b6:a4:86:ff:62:a7:
dc:19:c2:3f:aa:48:87:95:e9:bc:c3:e0:5e:be:15:10:73:b0:
34:2b:28:39:c5:07:ff:6c:f5:71:58:25:c4:de:14:e2:e4:96:
d8:9e:af:83:40:59:a7:24:b8:20:dc:1e:79:84:37:48:65:86:
04:d2:85:d4:c3:55:14:40:4b:6b:22:10:c0:86:2f:82:87:cf:
d7:f8:8f:57:00:68:52:d9:76:37:d8:a7:87:0b:20:29:a3:e1:
21:23:a8:c6:52:f7:bf:a3:0f:cd:de:95:c3:35:a4:c4:a6:76:
97:90:23:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVpHH/Mt57z1tB57LoMEv9hGZ2FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA0MjMwODQ5MDRaFw0yNjA0MjIwODU0MDRaMDMxMTAvBgNV
BAMTKDdFM0QzNjVBRjQ1QTFDOThCQjJEMzE1NzM4QUIyQTgzRDM1RDM0NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsQZi7/cq58xgZr8JYIaeuFFpp
yaM19s61Rberqz+VcYmbg+Fhnvx02V/ljI57hP+RQl1zNoAhB8DRBJCMIgvUyivt
ZU67gNb700U+DG2f54Jc9KZE8iPzSp0mugKTfurqsnKJy34aNw3zXTZ6WK+vSgwn
C4NjzpBc9Vs85IVFdq2FBIk3/wBm0xjEUJHiq+oMJNt91weTvGe5y9ULU/bGsHC/
/2uJ8PXiaLV84i38rHMDL7pJTjXWpf+rWKZchXwnOeCfGKu8LyZfB0t+TqfrffH7
QFOafqINyVC3+0mtH2hu9qM9RGhwa2NSnOfbFk94IcOtPEuDvCHZNq5j1NSLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUfj02WvRaHJi7LTFXOKsqg9NdNHEwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1upjANBgkqhkiG9w0BAQsFAAOCAQEAb2b/N1YGBX8RhtgDEJgpy3SfEpOe
FBv0n5deDM+qtoHmFRdrhBwpFWV9Kv8dNDnNpRCvQRVMAJ+wgO5GTqxIH4uXiveh
B6DBxwj1QSQt9JBpAFzpS4bxAOxhhnm5sQyngNK+zEjIts7s8zEUV43SwSz7EMWi
7h3woyhr62WgjZcqRb7lkYU4teE8tqSG/2Kn3BnCP6pIh5XpvMPgXr4VEHOwNCso
OcUH/2z1cVglxN4U4uSW2J6vg0BZpyS4INweeYQ3SGWGBNKF1MNVFEBLayIQwIYv
gofP1/iPVwBoUtl2N9inhwsgKaPhISOoxlL3v6MPzd6VwzWkxKZ2l5AjAA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:06:26 2025 by rpki-client