Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203239303636.roa
File: 3130332e3134392e3136392e302f32342d3234203d3e203239303636.roa (raw, json)
Hash identifier: maEEcKFpE2t04MDS7J/KRiM4ruTlWUrzhdkOt++OWAY=
Subject key identifier: D1:DF:C7:57:EF:68:95:3F:49:43:DD:24:B4:A5:66:BA:BB:3E:2B:B6
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 64B1FA33E711311AA53F51A7901B5F1305A9F41A
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203239303636.roa
Signing time: Tue 10 Jun 2025 17:33:33 +0000
ROA not before: Tue 10 Jun 2025 17:28:33 +0000
ROA not after: Tue 09 Jun 2026 17:33:33 +0000
asID: 29066
IP address blocks: 103.149.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:b1:fa:33:e7:11:31:1a:a5:3f:51:a7:90:1b:5f:13:05:a9:f4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 10 17:28:33 2025 GMT
Not After : Jun 9 17:33:33 2026 GMT
Subject: CN=D1DFC757EF68953F4943DD24B4A566BABB3E2BB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8b:b9:ee:02:3d:65:47:e9:03:d6:1a:e7:88:
40:00:b8:84:3a:03:5f:c7:55:b0:c7:6e:3f:17:82:
23:e9:43:7f:7e:c6:6a:f9:40:35:56:92:14:28:66:
70:8f:98:a8:20:ad:5c:6d:6c:54:45:cb:dd:7c:76:
25:16:86:00:19:85:59:fd:d8:3d:fd:75:b7:1b:19:
da:c8:93:c3:c6:10:c5:c2:e9:ac:91:b0:51:dc:26:
a9:f1:6f:dd:52:f1:a3:d4:4e:42:60:95:b9:1a:24:
ba:23:d0:b9:0a:bc:ed:82:08:0d:ce:bc:5d:b6:93:
b8:a7:ff:c9:c6:5e:57:de:4e:ba:29:21:66:7e:5b:
9f:bf:86:c0:76:83:af:f4:0a:9d:b7:85:5a:fd:4e:
0e:46:60:7d:d6:a5:da:8f:4b:2a:c4:17:bd:67:88:
b4:34:6e:d8:38:36:a8:7e:b3:08:fa:a3:70:a5:b1:
02:bf:d3:cb:ce:66:77:d7:b7:f8:0e:2a:df:42:3d:
d4:c5:ca:69:5e:64:b1:b1:0a:a1:a7:5e:32:91:f3:
85:ee:47:0d:97:d0:cd:2c:ab:11:e0:a3:83:7c:97:
06:65:61:9e:f6:68:cf:a5:af:5f:5f:f1:3e:ad:bd:
25:41:4f:f4:56:bf:55:01:fa:e0:8f:b7:8c:9d:f7:
a3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DF:C7:57:EF:68:95:3F:49:43:DD:24:B4:A5:66:BA:BB:3E:2B:B6
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.149.169.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:27:d9:57:30:9f:0b:af:ac:94:83:17:5c:c1:46:da:c5:7b:
40:97:58:dd:4a:46:96:e2:90:e2:ce:bd:ca:aa:3b:99:0a:88:
a8:28:92:93:17:f5:1c:aa:18:6c:4c:43:cb:03:95:1c:9f:0c:
28:1d:9b:be:dc:56:28:7d:fd:a6:4f:bc:e6:45:eb:a7:cb:b9:
62:24:92:7c:09:3a:0c:83:37:f0:a4:24:f9:b3:b9:9f:fe:df:
5f:8b:5f:ef:9b:ec:9f:d0:6b:e7:8c:67:96:46:4a:94:fd:42:
42:e3:5a:42:c6:26:23:cc:81:ca:37:97:8e:bc:2a:2e:f3:65:
79:76:46:98:c1:cd:4e:19:f4:21:5d:c7:f0:a2:b8:5e:fd:93:
ca:57:35:46:5e:67:bc:e8:35:65:4d:7f:ff:e1:f3:2d:62:84:
f6:5f:65:94:34:bb:b3:c3:d1:f5:74:16:cd:73:31:24:b9:9c:
e7:7d:e9:7d:10:3c:1b:88:18:89:f3:3c:89:d5:88:ff:a5:7e:
5b:79:e5:f0:4f:19:1b:ec:ce:52:3e:f2:ef:d8:9b:c0:f9:19:
5f:a9:51:db:4f:98:92:25:6f:2d:d3:e4:7c:0d:e9:c3:65:ff:
fe:92:3f:5d:94:ac:a9:71:57:03:92:87:1a:d2:9e:8c:0e:44:
6c:4e:42:74
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZLH6M+cRMRqlP1GnkBtfEwWp9BowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA2MTAxNzI4MzNaFw0yNjA2MDkxNzMzMzNaMDMxMTAvBgNV
BAMTKEQxREZDNzU3RUY2ODk1M0Y0OTQzREQyNEI0QTU2NkJBQkIzRTJCQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsi7nuAj1lR+kD1hrniEAAuIQ6
A1/HVbDHbj8XgiPpQ39+xmr5QDVWkhQoZnCPmKggrVxtbFRFy918diUWhgAZhVn9
2D39dbcbGdrIk8PGEMXC6ayRsFHcJqnxb91S8aPUTkJglbkaJLoj0LkKvO2CCA3O
vF22k7in/8nGXlfeTropIWZ+W5+/hsB2g6/0Cp23hVr9Tg5GYH3WpdqPSyrEF71n
iLQ0btg4Nqh+swj6o3ClsQK/08vOZnfXt/gOKt9CPdTFymleZLGxCqGnXjKR84Xu
Rw2X0M0sqxHgo4N8lwZlYZ72aM+lr19f8T6tvSVBT/RWv1UB+uCPt4yd96PXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0d/HV+9olT9JQ90ktKVmurs+K7YwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzEzMDMzMmUzMTM0MzkyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzMDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnlakwDQYJKoZIhvcNAQELBQADggEBABwn2VcwnwuvrJSDF1zBRtrFe0CXWN1K
RpbikOLOvcqqO5kKiKgokpMX9RyqGGxMQ8sDlRyfDCgdm77cVih9/aZPvOZF66fL
uWIkknwJOgyDN/CkJPmzuZ/+31+LX++b7J/Qa+eMZ5ZGSpT9QkLjWkLGJiPMgco3
l468Ki7zZXl2RpjBzU4Z9CFdx/CiuF79k8pXNUZeZ7zoNWVNf//h8y1ihPZfZZQ0
u7PD0fV0Fs1zMSS5nOd96X0QPBuIGInzPInViP+lflt55fBPGRvszlI+8u/Ym8D5
GV+pUdtPmJIlby3T5HwN6cNl//6SP12UrKlxVwOShxrSnowORGxOQnQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:49:08 2025 by rpki-client