Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313531313036.roa
File: 3130332e34392e3132382e302f32342d3234203d3e20313531313036.roa (raw, json)
Hash identifier: JqZwwTv3XcFCl1IzFcnoBrVKvFS5JMd+d9rIxVN+6kI=
Subject key identifier: 83:D3:6C:A2:56:F4:1A:25:BD:AD:88:A4:C8:F2:9A:01:27:6D:AE:E7
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 330F4695A42491BA28435CCC28DCB8B7FF02AE84
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313531313036.roa
Signing time: Thu 10 Apr 2025 14:26:45 +0000
ROA not before: Thu 10 Apr 2025 14:21:45 +0000
ROA not after: Thu 09 Apr 2026 14:26:45 +0000
asID: 151106
IP address blocks: 103.49.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:0f:46:95:a4:24:91:ba:28:43:5c:cc:28:dc:b8:b7:ff:02:ae:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Apr 10 14:21:45 2025 GMT
Not After : Apr 9 14:26:45 2026 GMT
Subject: CN=83D36CA256F41A25BDAD88A4C8F29A01276DAEE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:a7:32:e9:91:1e:19:c7:1a:56:41:84:46:
33:53:9d:27:86:04:53:70:2a:a2:1a:a9:40:23:db:
80:d4:42:2e:f2:aa:cf:74:35:a8:a8:ac:33:bd:df:
8b:58:e6:cb:5b:c5:3a:16:90:92:70:22:7c:39:17:
1a:a8:56:2e:79:3e:44:2c:e4:84:0e:d6:e3:00:68:
61:b4:ef:71:7e:e9:de:58:4d:b3:39:f0:06:92:38:
27:c0:d0:4e:5e:ec:a5:d8:5b:ca:b1:2e:2a:fb:f7:
58:46:99:00:27:69:8a:d0:ee:9f:a9:78:48:56:96:
a6:bf:f8:23:34:7a:83:ce:7b:58:7f:b2:6d:2b:f2:
20:8d:4e:b1:8e:e6:19:bc:11:71:af:d1:5a:c8:e5:
55:fd:30:ad:9b:df:b8:a0:7d:97:93:ba:dd:f9:e7:
e5:68:c7:1c:9a:69:84:2e:0c:9a:f1:90:ea:54:0d:
ea:cf:37:3c:7e:12:a1:fe:47:7f:9f:9c:84:59:55:
bc:6f:58:19:14:5d:6c:fa:a4:29:94:cf:d7:d4:25:
42:42:ed:6b:8b:e7:9c:e1:c5:93:19:70:dd:da:aa:
66:b2:aa:7a:41:44:e5:d6:e9:db:d6:2b:cf:0a:3a:
a3:8c:d7:4d:64:e7:27:1f:b2:8b:b1:84:fd:a6:3f:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D3:6C:A2:56:F4:1A:25:BD:AD:88:A4:C8:F2:9A:01:27:6D:AE:E7
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313531313036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.128.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:23:17:b5:64:97:9d:b5:00:a5:06:68:83:5e:62:1d:5c:23:
2e:69:cf:3f:95:66:b1:2d:27:d9:13:94:a5:d7:5a:7f:ea:06:
27:13:a7:b7:67:1e:93:10:28:50:4a:b7:10:f9:60:52:c1:1a:
ea:60:d2:ef:02:e0:90:4e:a5:dd:eb:9e:5c:85:bb:22:1e:2a:
3e:ef:fa:72:f4:78:85:7d:bd:fe:4f:db:3f:f5:55:da:3c:b2:
c4:36:db:43:99:ff:71:71:9f:24:b5:1f:fa:38:28:5e:ba:40:
ca:28:29:17:f1:7f:69:28:f4:96:24:d4:28:3c:f0:92:d7:4a:
60:95:e7:39:b6:e5:24:8c:12:24:37:37:bc:19:dd:11:43:cf:
7e:05:5b:8c:b6:7a:8a:c1:29:5e:88:48:08:b9:96:05:c4:22:
26:68:ed:b7:22:80:a9:d5:75:b0:65:32:78:10:a6:4c:5d:62:
df:c6:ce:f4:8f:77:b3:eb:63:ae:1b:b4:15:c7:db:7e:ff:fe:
43:ee:92:2a:33:01:90:7b:51:0b:3e:f9:12:70:57:bc:bc:70:
ca:02:05:41:f0:c3:d6:d9:83:37:4a:d1:3b:4a:b9:eb:90:86:
93:72:8c:c5:e2:13:4e:2f:39:35:3f:17:1c:9a:1f:cc:03:ad:
58:b2:bd:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMw9GlaQkkbooQ1zMKNy4t/8CroQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTA0MTAxNDIxNDVaFw0yNjA0MDkxNDI2NDVaMDMxMTAvBgNV
BAMTKDgzRDM2Q0EyNTZGNDFBMjVCREFEODhBNEM4RjI5QTAxMjc2REFFRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvl6cy6ZEeGccaVkGERjNTnSeG
BFNwKqIaqUAj24DUQi7yqs90NaiorDO934tY5stbxToWkJJwInw5FxqoVi55PkQs
5IQO1uMAaGG073F+6d5YTbM58AaSOCfA0E5e7KXYW8qxLir791hGmQAnaYrQ7p+p
eEhWlqa/+CM0eoPOe1h/sm0r8iCNTrGO5hm8EXGv0VrI5VX9MK2b37igfZeTut35
5+VoxxyaaYQuDJrxkOpUDerPNzx+EqH+R3+fnIRZVbxvWBkUXWz6pCmUz9fUJUJC
7WuL55zhxZMZcN3aqmayqnpBROXW6dvWK88KOqOM101k5ycfsouxhP2mP89BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUg9Nsolb0GiW9rYikyPKaASdtrucwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMTMwMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYAwDQYJKoZIhvcNAQELBQADggEBAIwjF7Vkl521AKUGaINeYh1cIy5pzz+V
ZrEtJ9kTlKXXWn/qBicTp7dnHpMQKFBKtxD5YFLBGupg0u8C4JBOpd3rnlyFuyIe
Kj7v+nL0eIV9vf5P2z/1Vdo8ssQ220OZ/3FxnyS1H/o4KF66QMooKRfxf2ko9JYk
1Cg88JLXSmCV5zm25SSMEiQ3N7wZ3RFDz34FW4y2eorBKV6ISAi5lgXEIiZo7bci
gKnVdbBlMngQpkxdYt/GzvSPd7PrY64btBXH237//kPukiozAZB7UQs++RJwV7y8
cMoCBUHww9bZgzdK0TtKueuQhpNyjMXiE04vOTU/FxyaH8wDrViyves=
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:30:46 2025 by rpki-client