Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
File: 3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: oQcz4DAc7QoGfv9mAd109ngxO6cPVUFbJh7A7TSH4ZM=
Subject key identifier: BD:6C:9A:53:4F:1A:C8:F6:13:B1:2F:38:E6:EC:A5:10:BB:E6:41:16
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 1BC515D5585CDBF36BDE5AF3A939A0016BE2B3B7
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
Signing time: Thu 05 Jun 2025 08:54:08 +0000
ROA not before: Thu 05 Jun 2025 08:49:08 +0000
ROA not after: Thu 04 Jun 2026 08:54:08 +0000
asID: 209043
IP address blocks: 109.110.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c5:15:d5:58:5c:db:f3:6b:de:5a:f3:a9:39:a0:01:6b:e2:b3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jun 5 08:49:08 2025 GMT
Not After : Jun 4 08:54:08 2026 GMT
Subject: CN=BD6C9A534F1AC8F613B12F38E6ECA510BBE64116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a8:1d:c5:55:76:99:9e:0f:aa:d7:b6:f9:8f:
d9:ce:c9:79:82:b9:04:3d:cb:5e:40:99:bb:98:be:
46:b4:2e:18:d0:c3:3c:8f:be:b6:b1:9e:02:7f:37:
62:42:7e:6b:09:ec:6e:0a:cd:84:4a:ef:1e:6f:c1:
53:65:ba:6c:a6:03:dc:41:81:51:9f:57:78:84:b8:
c6:b1:4c:f2:08:51:76:01:cd:a9:6a:15:08:70:0c:
bf:d4:55:e2:1c:36:67:45:4b:6b:e7:a4:61:06:41:
28:7b:c8:a8:1b:ed:38:8a:77:dd:0a:5e:97:f9:5e:
33:29:3e:e1:97:72:46:9e:10:09:a2:8f:2d:8b:f5:
f6:be:6d:47:03:7f:c4:fa:73:5e:fa:7b:f0:5b:b6:
f4:b0:e6:a7:6f:27:a8:23:ca:19:e6:65:ba:29:73:
d3:d0:3f:cc:1d:42:87:00:4f:0c:5d:a8:66:6e:84:
15:32:99:53:13:67:5b:aa:53:10:22:62:1a:ee:8f:
ed:e7:40:54:5e:60:2d:05:9b:f1:56:06:3b:c0:42:
c2:b7:31:3a:d6:2d:95:f4:41:eb:57:2b:ec:36:38:
6f:40:ea:11:97:b6:93:de:56:ae:0f:39:3e:13:69:
80:3b:56:e4:26:56:42:a9:74:a8:1c:3b:ef:dc:a7:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6C:9A:53:4F:1A:C8:F6:13:B1:2F:38:E6:EC:A5:10:BB:E6:41:16
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.187.0/24
Signature Algorithm: sha256WithRSAEncryption
19:fe:35:40:1e:dd:65:c5:84:a9:9a:78:98:44:1a:a7:52:12:
7a:06:00:54:8d:aa:53:62:24:1a:89:0d:96:3a:b6:6f:b4:6c:
07:51:7e:ea:e2:49:70:11:7d:38:00:8f:34:2d:f4:97:48:79:
fd:22:a7:ed:ef:63:07:7b:57:4e:62:e0:5e:94:a3:e3:89:1c:
ce:a9:f0:62:59:d5:9b:b7:18:29:0b:88:a5:a1:8c:b5:38:55:
14:3b:83:da:ae:b2:a1:31:62:68:44:8c:3f:f7:d8:c6:17:82:
b5:28:ca:8f:42:77:2b:c5:3d:1b:c9:84:2e:8f:9e:0d:07:ea:
4b:05:5a:b1:d7:5a:fa:05:98:38:46:8b:fa:6a:91:a1:13:68:
7e:02:98:02:e0:d9:d5:2c:74:fe:b3:e4:5b:cc:c4:43:49:24:
1a:13:5d:cf:91:5a:2e:f9:54:ba:63:95:86:00:0a:9b:70:1e:
10:a4:67:a9:39:64:cb:9c:e4:34:bf:34:65:42:bf:e2:f6:3f:
51:32:d5:fc:5d:ca:1a:76:c1:e1:0d:df:75:9f:75:66:c6:ba:
82:f2:a8:70:f0:1e:b5:fa:c0:57:17:f1:b1:ce:72:44:23:74:
f3:fe:6b:86:98:d2:14:c2:1f:52:30:70:0c:86:b6:06:38:e2:
89:ee:a3:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUG8UV1Vhc2/Nr3lrzqTmgAWvis7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA2MDUwODQ5MDhaFw0yNjA2MDQwODU0MDhaMDMxMTAvBgNV
BAMTKEJENkM5QTUzNEYxQUM4RjYxM0IxMkYzOEU2RUNBNTEwQkJFNjQxMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHqB3FVXaZng+q17b5j9nOyXmC
uQQ9y15AmbuYvka0LhjQwzyPvraxngJ/N2JCfmsJ7G4KzYRK7x5vwVNlumymA9xB
gVGfV3iEuMaxTPIIUXYBzalqFQhwDL/UVeIcNmdFS2vnpGEGQSh7yKgb7TiKd90K
Xpf5XjMpPuGXckaeEAmijy2L9fa+bUcDf8T6c176e/BbtvSw5qdvJ6gjyhnmZbop
c9PQP8wdQocATwxdqGZuhBUymVMTZ1uqUxAiYhruj+3nQFReYC0Fm/FWBjvAQsK3
MTrWLZX0QetXK+w2OG9A6hGXtpPeVq4POT4TaYA7VuQmVkKpdKgcO+/cp4ErAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvWyaU08ayPYTsS845uylELvmQRYwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMwMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uuzANBgkqhkiG9w0BAQsFAAOCAQEAGf41QB7dZcWEqZp4mEQap1ISegYA
VI2qU2IkGokNljq2b7RsB1F+6uJJcBF9OACPNC30l0h5/SKn7e9jB3tXTmLgXpSj
44kczqnwYlnVm7cYKQuIpaGMtThVFDuD2q6yoTFiaESMP/fYxheCtSjKj0J3K8U9
G8mELo+eDQfqSwVasdda+gWYOEaL+mqRoRNofgKYAuDZ1Sx0/rPkW8zEQ0kkGhNd
z5FaLvlUumOVhgAKm3AeEKRnqTlky5zkNL80ZUK/4vY/UTLV/F3KGnbB4Q3fdZ91
Zsa6gvKocPAetfrAVxfxsc5yRCN08/5rhpjSFMIfUjBwDIa2Bjjiie6jfw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 14:58:55 2025 by rpki-client