Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138302e302f32342d3234203d3e203232343237.roa
File: 3130392e3131302e3138302e302f32342d3234203d3e203232343237.roa (raw, json)
Hash identifier: TlC6dVVsEW+SM6iZfo4Rdh1ltZFjRbE6wOmSH1WcrQE=
Subject key identifier: 2A:7A:13:5A:F8:F8:E5:D4:67:95:0C:C7:03:63:D7:A5:1D:C7:12:12
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 630779DE02C94EB877A2E16B156D8CD33D188618
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138302e302f32342d3234203d3e203232343237.roa
Signing time: Fri 01 Aug 2025 07:56:58 +0000
ROA not before: Fri 01 Aug 2025 07:51:58 +0000
ROA not after: Fri 31 Jul 2026 07:56:58 +0000
asID: 22427
IP address blocks: 109.110.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 06:47:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:07:79:de:02:c9:4e:b8:77:a2:e1:6b:15:6d:8c:d3:3d:18:86:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Aug 1 07:51:58 2025 GMT
Not After : Jul 31 07:56:58 2026 GMT
Subject: CN=2A7A135AF8F8E5D467950CC70363D7A51DC71212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:a7:c3:69:91:44:c7:83:ea:25:c9:b2:13:
0c:e8:fc:c8:e4:da:f8:05:a1:7a:9f:88:39:b7:b6:
c7:53:51:15:30:cd:15:d5:3c:76:d7:00:42:67:17:
31:e1:ab:62:1f:23:b2:4e:8c:6a:41:e0:9f:22:25:
f7:71:69:b4:fc:35:ea:f0:38:bd:ff:41:b3:1d:ab:
a0:fd:c4:e6:8a:20:d6:5f:3f:0f:ee:0d:6c:6c:b9:
3a:ed:9c:2c:b6:87:ba:b5:83:01:18:95:95:7a:8f:
1e:8b:1d:8a:8e:b6:9b:c0:ce:92:d0:f6:d6:ef:05:
fa:c0:08:2f:de:48:84:2c:c9:2a:c5:1e:29:e7:a8:
3e:cb:5e:29:4a:f5:15:e5:87:29:de:ad:b2:7e:19:
e2:3d:88:63:a1:1d:ec:59:cb:d9:63:70:67:2e:16:
c3:3c:d2:6a:7e:6f:ca:7c:5f:bd:f6:5a:ca:0b:62:
a1:b9:b2:4e:19:77:52:63:8a:bd:00:f3:2f:e3:9a:
35:e9:3e:97:50:08:0e:22:3d:53:90:15:4c:fa:7b:
c7:56:7d:73:76:2e:9e:ea:7d:83:4a:6e:ea:f9:e7:
94:09:4d:5c:6a:d5:46:92:90:0b:b3:f3:34:7e:98:
21:71:ed:c5:24:53:d5:4f:4e:e4:85:eb:f7:7d:d8:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7A:13:5A:F8:F8:E5:D4:67:95:0C:C7:03:63:D7:A5:1D:C7:12:12
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138302e302f32342d3234203d3e203232343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.180.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:29:14:15:41:fd:76:dd:af:88:29:1c:bc:6a:87:73:0d:11:
36:9e:10:bb:7b:b4:d9:93:5c:b9:c9:d7:02:a3:2b:f9:11:71:
49:06:6b:dc:21:07:12:4d:11:13:37:b5:81:7c:46:2b:57:70:
85:c8:06:34:94:84:e0:02:70:66:dc:8f:52:2a:95:e8:57:fe:
0d:fe:fd:99:e9:43:f0:db:c6:71:6a:eb:d3:2b:ad:f3:9b:6c:
5a:51:06:ce:d3:a5:5e:d2:ba:67:79:8e:42:27:ff:3d:93:1d:
31:ff:e6:aa:f3:ce:e8:3c:95:fc:d5:4a:94:44:ad:e5:16:2b:
f8:b5:5e:f0:28:be:22:3d:7e:c8:a2:7e:80:64:b7:3a:35:86:
7d:e8:0c:f8:a6:d1:b7:2d:ef:bc:04:9d:36:32:d6:5d:b6:1c:
a0:31:4e:51:3e:be:01:f5:da:84:f3:fa:56:23:b3:9e:b7:a1:
c7:64:dd:7c:66:8e:64:c6:59:c3:13:93:a7:b4:66:76:5c:3f:
bd:88:60:4c:0e:5b:56:da:79:80:ab:fa:72:47:da:17:27:e6:
e8:cc:ae:91:e4:9d:9e:56:63:8d:ba:f4:ac:f9:1a:49:ab:2f:
3f:9a:f9:f3:24:00:23:c4:25:f3:3e:35:96:68:e5:73:54:b2:
90:3b:3d:e2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYwd53gLJTrh3ouFrFW2M0z0YhhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA4MDEwNzUxNThaFw0yNjA3MzEwNzU2NThaMDMxMTAvBgNV
BAMTKDJBN0ExMzVBRjhGOEU1RDQ2Nzk1MENDNzAzNjNEN0E1MURDNzEyMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8jqfDaZFEx4PqJcmyEwzo/Mjk
2vgFoXqfiDm3tsdTURUwzRXVPHbXAEJnFzHhq2IfI7JOjGpB4J8iJfdxabT8Nerw
OL3/QbMdq6D9xOaKINZfPw/uDWxsuTrtnCy2h7q1gwEYlZV6jx6LHYqOtpvAzpLQ
9tbvBfrACC/eSIQsySrFHinnqD7LXilK9RXlhynerbJ+GeI9iGOhHexZy9ljcGcu
FsM80mp+b8p8X732WsoLYqG5sk4Zd1Jjir0A8y/jmjXpPpdQCA4iPVOQFUz6e8dW
fXN2Lp7qfYNKbur555QJTVxq1UaSkAuz8zR+mCFx7cUkU9VPTuSF6/d92KrVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKnoTWvj45dRnlQzHA2PXpR3HEhIwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzIzNDMyMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbrQwDQYJKoZIhvcNAQELBQADggEBAK4pFBVB/Xbdr4gpHLxqh3MNETaeELt7
tNmTXLnJ1wKjK/kRcUkGa9whBxJNERM3tYF8RitXcIXIBjSUhOACcGbcj1IqlehX
/g3+/ZnpQ/DbxnFq69MrrfObbFpRBs7TpV7Sumd5jkIn/z2THTH/5qrzzug8lfzV
SpREreUWK/i1XvAoviI9fsiifoBktzo1hn3oDPim0bct77wEnTYy1l22HKAxTlE+
vgH12oTz+lYjs563ocdk3XxmjmTGWcMTk6e0ZnZcP72IYEwOW1baeYCr+nJH2hcn
5ujMrpHknZ5WY4269Kz5GkmrLz+a+fMkACPEJfM+NZZo5XNUspA7PeI=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:10:17 2025 by rpki-client