Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20323135323438.roa
File: 3130332e3134392e3136382e302f32342d3234203d3e20323135323438.roa (raw, json)
Hash identifier: RPFyh+9f4VeLKwhSKFsibkww2V1WrimAJUdSq1OTL10=
Subject key identifier: 2B:42:7D:BB:EB:69:89:3C:9F:0C:9F:72:1C:25:D1:19:0C:BB:84:D9
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 739A8A8F4A3D06FCCD5B21763F8C3B28B9F3BEF9
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20323135323438.roa
Signing time: Sun 08 Jun 2025 18:14:08 +0000
ROA not before: Sun 08 Jun 2025 18:09:08 +0000
ROA not after: Sun 07 Jun 2026 18:14:08 +0000
asID: 215248
IP address blocks: 103.149.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 11:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9a:8a:8f:4a:3d:06:fc:cd:5b:21:76:3f:8c:3b:28:b9:f3:be:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 8 18:09:08 2025 GMT
Not After : Jun 7 18:14:08 2026 GMT
Subject: CN=2B427DBBEB69893C9F0C9F721C25D1190CBB84D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5e:86:6b:5b:fa:68:d1:ba:40:09:54:f8:92:
d2:ae:36:8c:dc:21:1b:54:7c:70:fd:05:6a:58:73:
5e:4c:97:4b:ea:dc:af:f6:a8:ed:bd:01:a2:84:bf:
a6:70:c6:72:f5:48:8f:67:26:3a:4a:b2:c2:eb:e2:
27:ac:c1:98:72:07:2b:b5:11:90:4b:e0:c8:37:ae:
c1:ed:1d:d5:2f:35:ca:c2:24:21:c8:30:c9:e7:b2:
50:34:da:fe:6d:1b:56:80:ef:4f:50:cc:68:1d:62:
e7:bb:d1:4d:f0:8c:c4:c5:e4:bb:9f:8a:26:7d:86:
20:b4:d3:6e:9e:80:e3:94:9b:ae:4c:92:00:80:57:
f2:ba:cc:1d:ce:56:77:0e:9c:6b:8b:81:0c:d9:27:
32:78:12:04:f0:2c:11:79:c0:9a:fb:d1:4d:89:c0:
96:7d:b4:01:2e:81:23:49:72:f0:a1:c1:cc:aa:aa:
0b:8a:7b:59:25:99:17:b3:a7:46:42:74:d9:6f:f4:
fb:fa:a7:9b:2a:62:cb:a6:a0:99:04:f2:ff:6b:40:
e9:47:be:bd:79:b4:67:03:7d:ad:99:4c:ab:15:4d:
7f:56:35:5a:ea:a6:0a:8b:74:3b:1e:e1:ea:f3:ec:
64:8e:3b:b8:f3:11:76:79:62:20:44:3f:46:b9:22:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:42:7D:BB:EB:69:89:3C:9F:0C:9F:72:1C:25:D1:19:0C:BB:84:D9
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.149.168.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:f0:8b:4a:4e:21:50:77:d9:0f:87:3a:83:ef:6e:55:e2:9d:
85:7a:f0:98:c3:16:9f:6d:66:82:98:a2:8e:4d:b1:37:1d:2a:
82:00:c0:b4:8d:c1:d4:7f:9b:c1:02:dd:e0:35:74:82:cd:7b:
a8:0d:69:57:f3:eb:4f:3f:f6:e8:3b:e5:6b:f5:f9:01:4c:7d:
24:5f:4a:a3:3c:ac:d4:36:56:df:b0:ec:73:a0:73:9b:44:fa:
87:53:2a:cb:26:94:a0:56:d6:5e:e1:ca:b6:e6:9d:7c:bc:71:
6f:20:87:50:d5:11:8f:90:0f:16:f2:be:b4:5b:9e:33:5a:0f:
5e:0a:42:38:a4:d6:7a:d1:e8:fe:b4:27:8d:b5:bc:4d:e2:5c:
39:89:60:ed:d9:45:84:47:9b:38:6f:92:e6:1d:b7:57:7b:c0:
df:b2:7e:64:50:87:56:89:8a:32:b8:41:58:5b:33:2f:11:96:
58:14:45:fc:d0:a3:03:86:64:df:8a:dc:44:94:39:ca:9c:ae:
17:df:c1:67:d8:d6:81:c3:aa:a1:85:bf:3a:24:de:51:8d:a8:
fa:ce:f1:3a:88:e9:3a:ba:c7:5c:07:01:55:0d:bd:5b:ac:e3:
19:81:32:0e:a4:6c:84:44:f5:83:3a:da:65:18:76:b1:43:71:
64:9c:4f:ac
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc5qKj0o9BvzNWyF2P4w7KLnzvvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA2MDgxODA5MDhaFw0yNjA2MDcxODE0MDhaMDMxMTAvBgNV
BAMTKDJCNDI3REJCRUI2OTg5M0M5RjBDOUY3MjFDMjVEMTE5MENCQjg0RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVXoZrW/po0bpACVT4ktKuNozc
IRtUfHD9BWpYc15Ml0vq3K/2qO29AaKEv6ZwxnL1SI9nJjpKssLr4ieswZhyByu1
EZBL4Mg3rsHtHdUvNcrCJCHIMMnnslA02v5tG1aA709QzGgdYue70U3wjMTF5Luf
iiZ9hiC0026egOOUm65MkgCAV/K6zB3OVncOnGuLgQzZJzJ4EgTwLBF5wJr70U2J
wJZ9tAEugSNJcvChwcyqqguKe1klmRezp0ZCdNlv9Pv6p5sqYsumoJkE8v9rQOlH
vr15tGcDfa2ZTKsVTX9WNVrqpgqLdDse4erz7GSOO7jzEXZ5YiBEP0a5ItunAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUK0J9u+tpiTyfDJ9yHCXRGQy7hNkwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzEzMDMzMmUzMTM0MzkyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGeVqDANBgkqhkiG9w0BAQsFAAOCAQEAzvCLSk4hUHfZD4c6g+9uVeKdhXrw
mMMWn21mgpiijk2xNx0qggDAtI3B1H+bwQLd4DV0gs17qA1pV/PrTz/26Dvla/X5
AUx9JF9Kozys1DZW37Dsc6Bzm0T6h1MqyyaUoFbWXuHKtuadfLxxbyCHUNURj5AP
FvK+tFueM1oPXgpCOKTWetHo/rQnjbW8TeJcOYlg7dlFhEebOG+S5h23V3vA37J+
ZFCHVomKMrhBWFszLxGWWBRF/NCjA4Zk34rcRJQ5ypyuF9/BZ9jWgcOqoYW/OiTe
UY2o+s7xOojpOrrHXAcBVQ29W6zjGYEyDqRshET1gzraZRh2sUNxZJxPrA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:30:23 2025 by rpki-client