Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203630373831.roa
File: 3130332e3134392e3136392e302f32342d3234203d3e203630373831.roa (raw, json)
Hash identifier: M972A2zux5bp2vtM/yV/ifXNBlJMRB7g6qDIDzpgNsU=
Subject key identifier: 59:DC:D2:32:5E:12:55:59:A8:21:70:C4:D7:DF:FA:AF:24:25:B6:56
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 1DF4AD0C972E31C00EB51C455DD3698811FAB6AC
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203630373831.roa
Signing time: Tue 24 Jun 2025 23:46:56 +0000
ROA not before: Tue 24 Jun 2025 23:41:56 +0000
ROA not after: Tue 23 Jun 2026 23:46:56 +0000
asID: 60781
IP address blocks: 103.149.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 01:27:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f4:ad:0c:97:2e:31:c0:0e:b5:1c:45:5d:d3:69:88:11:fa:b6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 24 23:41:56 2025 GMT
Not After : Jun 23 23:46:56 2026 GMT
Subject: CN=59DCD2325E125559A82170C4D7DFFAAF2425B656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cd:4f:39:ab:11:bb:7f:13:29:b6:30:f7:ef:
55:f4:88:e6:42:1e:c5:7a:5c:fe:1c:64:72:31:5f:
ad:5b:1b:48:c4:9d:c4:47:b0:53:02:c0:27:fa:18:
92:54:27:6c:b0:3b:ad:d8:81:f4:82:97:8d:30:e4:
3a:39:d6:27:35:e2:d5:5b:bc:2a:21:f8:29:91:08:
25:07:09:8d:52:39:0f:67:51:46:a3:0e:ec:3c:b2:
dc:8d:c2:d0:95:f3:c6:81:95:ce:e4:39:58:0f:db:
ff:77:d3:a7:04:e2:f3:b1:8f:f6:e8:5d:34:5a:b4:
d6:48:2c:b4:1b:bf:23:4c:66:57:8d:86:82:09:18:
49:40:da:b6:0b:d1:07:00:cc:81:be:5c:b2:3e:bc:
89:e8:c3:4b:e4:2d:11:7d:69:19:12:c5:fb:23:ee:
f0:ea:dc:d7:6c:7c:55:03:ec:02:c5:26:d1:62:b5:
fd:ae:76:83:ed:22:ce:37:b5:8c:48:5d:64:88:f3:
96:45:b9:e4:40:77:30:75:71:d3:a2:2b:51:c1:21:
ca:7f:83:29:b6:be:0e:98:f5:f6:0b:2d:bd:dd:17:
87:c2:6e:1a:96:6a:a0:00:ea:53:d1:38:ad:f3:4b:
72:57:5b:89:4a:60:a3:70:50:3a:e1:60:52:c8:87:
73:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DC:D2:32:5E:12:55:59:A8:21:70:C4:D7:DF:FA:AF:24:25:B6:56
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136392e302f32342d3234203d3e203630373831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.149.169.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:12:07:4f:a3:ca:0d:e6:6f:f2:5b:1e:35:f4:52:1b:97:d1:
94:7f:3c:09:8b:45:49:a8:dd:70:71:c7:66:d2:86:0b:ec:ec:
98:2e:bf:f7:fe:24:f5:42:cb:81:38:63:dc:8d:ce:2f:5b:1a:
67:b7:0c:0f:02:c9:c3:c9:42:68:f5:9c:ea:cb:d2:b5:e4:62:
63:66:0b:55:95:1a:b5:a3:63:f3:12:dd:36:cd:ee:f6:b7:e8:
35:85:3d:bb:4d:f8:3a:4e:e1:11:03:bc:bf:b5:e9:63:c8:fc:
d1:d3:1b:76:f1:f7:87:f8:7a:8a:e5:db:44:56:aa:b2:4e:db:
a9:73:e2:6e:93:4f:9c:1e:24:db:19:66:7c:1e:e4:4f:da:a1:
59:70:46:91:bb:51:cc:79:f4:4a:32:50:4b:c2:5f:f9:ec:ec:
64:3c:ef:0a:0d:20:a3:08:f0:71:0c:00:5c:4a:c6:26:40:da:
f4:d3:0c:e2:1f:e0:93:8b:9d:fa:1f:eb:e0:cd:37:a9:bd:10:
e8:01:9d:80:31:5c:c5:3b:5c:ea:c7:50:69:4b:2d:96:19:ff:
e2:1c:ed:76:18:0d:f7:1e:82:6f:55:7c:52:8f:d3:55:de:fd:
9b:68:71:58:e1:93:e8:ec:86:c8:8a:6c:67:20:86:3d:d9:c8:
3b:e4:dc:82
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHfStDJcuMcAOtRxFXdNpiBH6tqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA2MjQyMzQxNTZaFw0yNjA2MjMyMzQ2NTZaMDMxMTAvBgNV
BAMTKDU5RENEMjMyNUUxMjU1NTlBODIxNzBDNEQ3REZGQUFGMjQyNUI2NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCczU85qxG7fxMptjD371X0iOZC
HsV6XP4cZHIxX61bG0jEncRHsFMCwCf6GJJUJ2ywO63YgfSCl40w5Do51ic14tVb
vCoh+CmRCCUHCY1SOQ9nUUajDuw8styNwtCV88aBlc7kOVgP2/9306cE4vOxj/bo
XTRatNZILLQbvyNMZleNhoIJGElA2rYL0QcAzIG+XLI+vInow0vkLRF9aRkSxfsj
7vDq3NdsfFUD7ALFJtFitf2udoPtIs43tYxIXWSI85ZFueRAdzB1cdOiK1HBIcp/
gym2vg6Y9fYLLb3dF4fCbhqWaqAA6lPROK3zS3JXW4lKYKNwUDrhYFLIh3MHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWdzSMl4SVVmoIXDE19/6ryQltlYwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzEzMDMzMmUzMTM0MzkyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNzM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnlakwDQYJKoZIhvcNAQELBQADggEBALcSB0+jyg3mb/JbHjX0UhuX0ZR/PAmL
RUmo3XBxx2bShgvs7Jguv/f+JPVCy4E4Y9yNzi9bGme3DA8CycPJQmj1nOrL0rXk
YmNmC1WVGrWjY/MS3TbN7va36DWFPbtN+DpO4REDvL+16WPI/NHTG3bx94f4eorl
20RWqrJO26lz4m6TT5weJNsZZnwe5E/aoVlwRpG7Ucx59EoyUEvCX/ns7GQ87woN
IKMI8HEMAFxKxiZA2vTTDOIf4JOLnfof6+DNN6m9EOgBnYAxXMU7XOrHUGlLLZYZ
/+Ic7XYYDfcegm9VfFKP01Xe/ZtocVjhk+jshsiKbGcghj3ZyDvk3II=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:12:02 2025 by rpki-client