Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203432393630.roa
File: 3130392e3131302e3138392e302f32342d3234203d3e203432393630.roa (raw, json)
Hash identifier: JcPeWdViDXAvwWNaUvQvauH7+vDVqaqz4r+IPDrafOs=
Subject key identifier: EE:4C:0C:FA:0C:40:6A:8A:9C:01:DD:09:59:2A:2F:F0:97:54:7B:F5
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 7AAA3FE703E4C5436816C30A1E04CEBDC8AF4715
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203432393630.roa
Signing time: Sun 13 Apr 2025 10:08:45 +0000
ROA not before: Sun 13 Apr 2025 10:03:45 +0000
ROA not after: Sun 12 Apr 2026 10:08:45 +0000
asID: 42960
IP address blocks: 109.110.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:aa:3f:e7:03:e4:c5:43:68:16:c3:0a:1e:04:ce:bd:c8:af:47:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 13 10:03:45 2025 GMT
Not After : Apr 12 10:08:45 2026 GMT
Subject: CN=EE4C0CFA0C406A8A9C01DD09592A2FF097547BF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4e:28:92:b6:56:3f:cc:9a:f9:d2:d2:18:f2:
61:55:f4:53:09:0d:95:74:1b:91:18:03:db:08:56:
db:a6:93:76:e2:b7:5a:0f:51:8e:c2:98:cc:1b:8d:
03:b3:01:27:d2:ce:d0:bc:07:72:d4:07:34:2c:ef:
88:a7:6d:79:fd:87:35:20:bb:38:92:01:9e:f8:fd:
f2:9d:f9:7f:56:a6:16:d6:e1:d0:6d:a1:c5:a7:85:
0b:99:28:fa:dd:03:f9:81:3f:6b:d8:15:49:92:45:
03:80:40:db:61:c9:52:5e:aa:9e:15:f3:fb:65:00:
41:85:41:a4:76:c0:44:35:7f:19:f7:af:6d:89:43:
f7:b3:82:d7:2c:25:ec:c1:9e:c2:8c:14:fc:a5:e3:
c6:c5:44:58:68:6d:60:27:92:c4:5a:6b:69:c5:0b:
75:77:9c:f0:55:8d:9f:e3:ec:8b:fb:a9:88:74:0e:
c2:f0:26:aa:30:23:30:8c:75:4a:81:6b:31:2f:b2:
4e:9d:f8:82:00:50:56:b2:05:56:77:da:8c:55:8e:
22:07:6f:b2:30:89:4a:93:92:be:f4:a5:e2:9e:d3:
bf:55:8c:b9:8e:5a:a0:8f:e3:35:99:94:33:cf:89:
a1:19:e6:93:7e:c6:f9:79:6e:94:97:c7:2a:d8:06:
66:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4C:0C:FA:0C:40:6A:8A:9C:01:DD:09:59:2A:2F:F0:97:54:7B:F5
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203432393630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.189.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3d:b3:95:81:05:59:da:18:f3:9d:4a:90:37:f6:5d:bc:4a:
92:e0:2d:df:e1:1a:92:1b:1f:53:39:9e:52:f6:30:f4:97:dd:
25:e4:a8:bb:c7:3b:a3:c9:13:f4:e9:e3:df:cd:fd:74:88:cc:
0f:48:b4:c4:01:ec:24:f9:4a:2c:ae:45:66:3e:46:02:6f:51:
de:26:b9:5b:bf:47:de:95:cc:9e:e8:62:19:eb:92:77:2d:09:
38:42:88:b9:e9:79:d2:a1:ae:d9:2c:f9:b5:a3:f8:87:61:ab:
db:4d:8a:3a:f1:03:47:75:6f:d2:08:2c:9b:44:b5:68:c2:13:
fc:18:f1:64:58:4b:b4:00:e8:0c:59:50:56:1c:c3:5e:85:0e:
42:13:e4:06:98:24:43:a0:6e:85:c1:d5:69:7c:31:47:d9:f2:
16:f0:2b:ff:30:a6:44:0e:02:44:e5:10:13:9e:97:9c:ff:36:
21:bf:3f:20:37:08:aa:91:f9:4d:b8:49:17:c4:87:75:ef:f3:
c9:92:54:42:9c:a2:ba:a1:50:0c:e7:49:2d:47:e9:41:bc:b0:
44:4f:9f:a9:44:da:45:ed:82:dd:22:41:d5:74:01:f7:f7:ee:
97:6e:0e:26:e7:a3:34:7e:5f:69:bb:6d:51:82:ea:26:ea:55:
e7:1b:6e:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeqo/5wPkxUNoFsMKHgTOvcivRxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA0MTMxMDAzNDVaFw0yNjA0MTIxMDA4NDVaMDMxMTAvBgNV
BAMTKEVFNEMwQ0ZBMEM0MDZBOEE5QzAxREQwOTU5MkEyRkYwOTc1NDdCRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUTiiStlY/zJr50tIY8mFV9FMJ
DZV0G5EYA9sIVtumk3bit1oPUY7CmMwbjQOzASfSztC8B3LUBzQs74inbXn9hzUg
uziSAZ74/fKd+X9WphbW4dBtocWnhQuZKPrdA/mBP2vYFUmSRQOAQNthyVJeqp4V
8/tlAEGFQaR2wEQ1fxn3r22JQ/ezgtcsJezBnsKMFPyl48bFRFhobWAnksRaa2nF
C3V3nPBVjZ/j7Iv7qYh0DsLwJqowIzCMdUqBazEvsk6d+IIAUFayBVZ32oxVjiIH
b7IwiUqTkr70peKe079VjLmOWqCP4zWZlDPPiaEZ5pN+xvl5bpSXxyrYBma5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7kwM+gxAaoqcAd0JWSov8JdUe/UwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzOTM2MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbr0wDQYJKoZIhvcNAQELBQADggEBABA9s5WBBVnaGPOdSpA39l28SpLgLd/h
GpIbH1M5nlL2MPSX3SXkqLvHO6PJE/Tp49/N/XSIzA9ItMQB7CT5SiyuRWY+RgJv
Ud4muVu/R96VzJ7oYhnrknctCThCiLnpedKhrtks+bWj+Idhq9tNijrxA0d1b9II
LJtEtWjCE/wY8WRYS7QA6AxZUFYcw16FDkIT5AaYJEOgboXB1Wl8MUfZ8hbwK/8w
pkQOAkTlEBOel5z/NiG/PyA3CKqR+U24SRfEh3Xv88mSVEKcorqhUAznSS1H6UG8
sERPn6lE2kXtgt0iQdV0Aff37pduDibnozR+X2m7bVGC6ibqVecbboA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:15:46 2025 by rpki-client