Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323030303137.roa
File: 3130392e3131302e3138372e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: QcvgZlgEdJU0vp8+Luo3RgEQoRzZIMsUQNrstju6pog=
Subject key identifier: BB:B7:E5:10:A1:CD:A0:C3:7A:4E:8A:E8:B2:67:FA:F4:10:D9:39:FA
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 7B24427B37838724576FE156096D452FEBD3DE10
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323030303137.roa
Signing time: Wed 30 Apr 2025 13:30:38 +0000
ROA not before: Wed 30 Apr 2025 13:25:38 +0000
ROA not after: Wed 29 Apr 2026 13:30:38 +0000
asID: 200017
IP address blocks: 109.110.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:24:42:7b:37:83:87:24:57:6f:e1:56:09:6d:45:2f:eb:d3:de:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 30 13:25:38 2025 GMT
Not After : Apr 29 13:30:38 2026 GMT
Subject: CN=BBB7E510A1CDA0C37A4E8AE8B267FAF410D939FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c1:41:19:50:61:cc:a7:0d:d2:11:d7:8c:53:
60:ef:72:ba:a6:f0:d1:77:6f:70:1a:34:92:a8:ff:
a0:8c:f8:3b:f5:9f:cf:c9:29:67:7c:f8:6d:07:ce:
97:a2:49:32:d0:ad:cc:30:39:83:c7:fa:c7:1c:15:
9e:81:b4:ff:eb:7a:0a:99:fc:0f:6e:2f:d4:82:9a:
f2:b4:b9:9e:e1:3c:e2:4f:68:5b:42:06:50:6e:a1:
59:fd:05:b7:3e:c5:0f:ac:2c:8b:d2:fc:82:f5:da:
41:a0:4c:af:cf:3d:75:c2:8f:d4:f1:82:46:f6:91:
62:de:cb:d9:c2:0d:c8:dc:a4:0d:7a:4d:79:46:6f:
79:60:af:75:b2:ad:d9:9d:79:8e:7c:e5:a6:c2:2f:
80:c4:f2:9c:66:8f:a7:e9:fc:e4:42:f0:7d:e2:19:
35:91:2f:1c:ae:e2:6b:85:fd:2b:a8:5a:8f:63:57:
5f:58:bd:a4:28:be:6b:0c:3d:87:3a:4f:06:08:cb:
c3:21:d3:8d:da:64:58:63:0b:ef:4b:00:6a:c3:fd:
28:e2:81:ad:44:cb:9c:f7:b9:8a:1d:c2:ff:54:9b:
4c:f5:45:0c:f7:d7:b9:17:d0:dc:63:91:82:d3:f6:
e2:2c:2a:39:2d:de:1d:24:35:7c:e0:9d:b1:17:12:
7a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B7:E5:10:A1:CD:A0:C3:7A:4E:8A:E8:B2:67:FA:F4:10:D9:39:FA
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.187.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:26:d9:58:5b:3f:61:57:b7:b9:95:08:4e:51:d3:12:50:6d:
ed:47:59:39:aa:3e:86:ad:8f:bf:30:2b:fe:34:32:5c:c7:2c:
58:51:0c:f9:14:f6:2f:de:64:cd:7e:7d:e1:88:90:c0:49:52:
4b:15:37:c0:4d:25:ca:fc:94:ca:3a:8a:91:61:a5:42:64:d9:
5a:5f:26:5c:77:83:ff:81:8e:17:a1:2f:17:73:07:e8:54:0a:
0a:67:dd:0c:87:10:e7:8f:89:44:05:b3:8b:17:ed:6a:19:45:
94:ef:90:a7:2e:72:02:e5:0e:06:3f:fd:4e:c5:17:e0:a4:cf:
e1:d1:8f:c0:64:e9:9b:0c:ea:fb:ac:ae:e6:78:f1:b4:ea:f1:
b2:b0:4a:4b:28:57:95:44:6a:7f:16:47:c9:fa:bf:b0:d9:3d:
a0:1a:2b:2f:7b:33:8b:24:9a:55:03:c4:e3:ce:2e:0b:32:68:
c6:03:05:79:43:39:a4:20:08:15:8a:72:41:ce:2d:d1:e4:fb:
a2:16:62:5b:44:93:a6:a5:c7:52:2a:ef:02:85:de:a5:93:9f:
5d:30:d8:83:02:fb:6f:2d:f7:63:fc:be:51:9f:69:19:4e:2b:
b7:b5:f1:f9:16:29:f7:91:ca:39:81:0b:b1:77:3e:c0:90:f3:
4f:4b:b2:c4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeyRCezeDhyRXb+FWCW1FL+vT3hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA0MzAxMzI1MzhaFw0yNjA0MjkxMzMwMzhaMDMxMTAvBgNV
BAMTKEJCQjdFNTEwQTFDREEwQzM3QTRFOEFFOEIyNjdGQUY0MTBEOTM5RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCywUEZUGHMpw3SEdeMU2Dvcrqm
8NF3b3AaNJKo/6CM+Dv1n8/JKWd8+G0HzpeiSTLQrcwwOYPH+sccFZ6BtP/regqZ
/A9uL9SCmvK0uZ7hPOJPaFtCBlBuoVn9Bbc+xQ+sLIvS/IL12kGgTK/PPXXCj9Tx
gkb2kWLey9nCDcjcpA16TXlGb3lgr3WyrdmdeY585abCL4DE8pxmj6fp/ORC8H3i
GTWRLxyu4muF/SuoWo9jV19YvaQovmsMPYc6TwYIy8Mh043aZFhjC+9LAGrD/Sji
ga1Ey5z3uYodwv9Um0z1RQz317kX0NxjkYLT9uIsKjkt3h0kNXzgnbEXEnqrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUu7flEKHNoMN6Torosmf69BDZOfowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDMwMzEzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uuzANBgkqhkiG9w0BAQsFAAOCAQEADibZWFs/YVe3uZUITlHTElBt7UdZ
Oao+hq2PvzAr/jQyXMcsWFEM+RT2L95kzX594YiQwElSSxU3wE0lyvyUyjqKkWGl
QmTZWl8mXHeD/4GOF6EvF3MH6FQKCmfdDIcQ54+JRAWzixftahlFlO+Qpy5yAuUO
Bj/9TsUX4KTP4dGPwGTpmwzq+6yu5njxtOrxsrBKSyhXlURqfxZHyfq/sNk9oBor
L3sziySaVQPE484uCzJoxgMFeUM5pCAIFYpyQc4t0eT7ohZiW0STpqXHUirvAoXe
pZOfXTDYgwL7by33Y/y+UZ9pGU4rt7Xx+RYp95HKOYELsXc+wJDzT0uyxA==
-----END CERTIFICATE-----
Generated at Sat May 10 19:33:01 2025 by rpki-client