Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313534303439.roa
File: 3130332e34392e3132382e302f32342d3234203d3e20313534303439.roa (raw, json)
Hash identifier: RP7fF4ljaFnG1QBw6wHJTYmQiSzsC+UtOPXQULgrH/c=
Subject key identifier: B9:DF:00:E0:E6:65:5F:F6:F2:ED:8F:C5:C1:3D:41:D4:C4:31:5A:85
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 2061E0BA99714F9C3771EAA5EE8CAF53A0744599
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313534303439.roa
Signing time: Mon 04 Aug 2025 17:26:50 +0000
ROA not before: Mon 04 Aug 2025 17:21:50 +0000
ROA not after: Mon 03 Aug 2026 17:26:50 +0000
asID: 154049
IP address blocks: 103.49.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:61:e0:ba:99:71:4f:9c:37:71:ea:a5:ee:8c:af:53:a0:74:45:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Aug 4 17:21:50 2025 GMT
Not After : Aug 3 17:26:50 2026 GMT
Subject: CN=B9DF00E0E6655FF6F2ED8FC5C13D41D4C4315A85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:54:bb:4e:8b:c9:ee:20:9e:60:de:af:a9:
e6:82:13:b2:65:1e:9f:31:21:cf:c3:e8:f9:c8:d2:
47:b1:81:75:c1:45:b8:eb:97:f2:f7:c1:83:4a:09:
2a:98:83:93:fb:d9:31:b7:08:14:9d:57:86:3c:32:
26:59:cb:10:77:3c:20:bd:5f:c2:7b:a5:d0:8b:b7:
99:59:22:51:e7:1e:07:a8:d7:8d:24:5b:14:b5:72:
63:65:86:cb:2b:fd:56:29:ab:47:eb:0b:22:3b:10:
0d:4f:af:1e:f1:9c:00:2b:07:e3:85:a7:ff:1e:e1:
cb:c9:57:f4:27:7e:0d:6c:98:ab:43:ef:4b:7c:4f:
4e:af:ce:09:a8:82:f5:96:91:87:c4:3c:6e:df:4f:
ca:8b:0c:0b:1e:45:bc:61:83:68:07:53:d0:07:52:
c8:5c:05:1e:e2:66:45:ac:59:bf:b5:87:4c:20:1b:
cc:63:df:8a:65:3d:97:bf:b3:09:24:f6:22:8f:45:
9e:9d:bd:e4:93:19:2c:e7:e8:e0:55:3a:ba:4c:5c:
5c:99:1f:c8:d0:2a:a6:7a:5b:9b:36:82:36:c0:9d:
98:ce:ce:17:23:bf:a3:bf:5a:83:81:e6:b3:68:2b:
33:c7:7f:5f:38:f3:c2:86:48:04:76:f6:3b:9c:be:
e8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DF:00:E0:E6:65:5F:F6:F2:ED:8F:C5:C1:3D:41:D4:C4:31:5A:85
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32342d3234203d3e20313534303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.128.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:86:fe:96:6c:be:9c:b2:ff:d4:4e:03:4d:2a:28:4f:25:e3:
62:5a:5c:d6:df:52:4a:83:e2:19:c3:08:81:c2:d7:79:d1:c7:
37:31:1e:3b:b2:b9:85:d1:08:bf:1e:cf:45:51:41:84:f6:c2:
7d:d4:02:6e:d3:bc:79:ff:18:8c:0b:d2:3f:93:b6:7f:61:cd:
1b:40:d8:6f:b0:44:66:9c:0b:e1:e7:a3:c0:a2:ba:fd:33:23:
53:47:cd:a4:82:0a:16:88:19:b4:39:39:4a:ec:7d:94:7c:86:
c8:0e:e3:2e:bb:22:d7:11:53:d8:6d:06:d0:e0:d8:c6:fc:37:
70:0e:21:99:0d:62:f3:ab:f4:9a:03:d7:de:e6:71:c2:23:83:
67:15:90:4c:07:4f:46:ca:b4:9e:ac:ec:d4:5e:47:66:0d:18:
19:64:af:49:80:33:4b:96:e2:a8:4d:19:e6:db:86:8f:5c:62:
70:cc:4d:31:31:c7:5c:1e:f4:ed:3f:e4:bf:79:30:8b:71:83:
3b:f6:d8:e5:74:8e:7b:56:33:6d:19:62:8b:57:40:eb:68:aa:
b1:0e:d1:a4:6f:96:7b:9e:94:05:59:c6:69:fc:dd:95:d1:4f:
f6:77:b6:ff:10:d0:32:65:a6:18:36:5c:54:c2:26:64:99:44:
22:3c:b2:bc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIGHguplxT5w3ceql7oyvU6B0RZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTA4MDQxNzIxNTBaFw0yNjA4MDMxNzI2NTBaMDMxMTAvBgNV
BAMTKEI5REYwMEUwRTY2NTVGRjZGMkVEOEZDNUMxM0Q0MUQ0QzQzMTVBODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+UVS7TovJ7iCeYN6vqeaCE7Jl
Hp8xIc/D6PnI0kexgXXBRbjrl/L3wYNKCSqYg5P72TG3CBSdV4Y8MiZZyxB3PCC9
X8J7pdCLt5lZIlHnHgeo140kWxS1cmNlhssr/VYpq0frCyI7EA1Prx7xnAArB+OF
p/8e4cvJV/Qnfg1smKtD70t8T06vzgmogvWWkYfEPG7fT8qLDAseRbxhg2gHU9AH
UshcBR7iZkWsWb+1h0wgG8xj34plPZe/swkk9iKPRZ6dveSTGSzn6OBVOrpMXFyZ
H8jQKqZ6W5s2gjbAnZjOzhcjv6O/WoOB5rNoKzPHf18488KGSAR29jucvui7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUud8A4OZlX/by7Y/FwT1B1MQxWoUwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMDM0Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYAwDQYJKoZIhvcNAQELBQADggEBADuG/pZsvpyy/9ROA00qKE8l42JaXNbf
UkqD4hnDCIHC13nRxzcxHjuyuYXRCL8ez0VRQYT2wn3UAm7TvHn/GIwL0j+Ttn9h
zRtA2G+wRGacC+Hno8Ciuv0zI1NHzaSCChaIGbQ5OUrsfZR8hsgO4y67ItcRU9ht
BtDg2Mb8N3AOIZkNYvOr9JoD197mccIjg2cVkEwHT0bKtJ6s7NReR2YNGBlkr0mA
M0uW4qhNGebbho9cYnDMTTExx1we9O0/5L95MItxgzv22OV0jntWM20ZYotXQOto
qrEO0aRvlnuelAVZxmn83ZXRT/Z3tv8Q0DJlphg2XFTCJmSZRCI8srw=
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:32:28 2025 by rpki-client