Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313532363732.roa
File: 3137312e32322e37382e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: XWl2Wbis27g0jnwihTnC0m1BfuOV5Slw+J2jwsr12oY=
Subject key identifier: 05:DE:B0:14:1B:5A:1C:F3:60:98:C0:6D:08:2E:94:7A:53:C5:2C:79
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1DDF4D70BD350EE093E6DA36D2B98372CBCCC9C2
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 30 Jun 2025 12:45:52 +0000
ROA not before: Mon 30 Jun 2025 12:40:52 +0000
ROA not after: Mon 29 Jun 2026 12:45:52 +0000
asID: 152672
IP address blocks: 171.22.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 07:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:df:4d:70:bd:35:0e:e0:93:e6:da:36:d2:b9:83:72:cb:cc:c9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 30 12:40:52 2025 GMT
Not After : Jun 29 12:45:52 2026 GMT
Subject: CN=05DEB0141B5A1CF36098C06D082E947A53C52C79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b7:d5:d2:88:31:b9:12:ff:e2:a0:e6:0f:0c:
36:90:59:2c:73:c1:c8:37:f6:3f:dd:57:e2:07:08:
5e:62:54:2f:c0:1b:23:40:2a:8e:7c:68:99:74:f9:
be:96:97:be:5e:45:a9:a7:01:77:7c:6f:17:09:16:
6b:5d:cd:4e:10:5e:14:a2:54:a5:1e:3c:d5:c0:f5:
f1:0c:a2:e6:16:fe:98:23:1f:0e:cd:8a:4d:bd:9b:
ae:1b:2d:ac:01:75:65:99:75:71:e9:6b:8d:80:27:
ae:67:6f:d1:65:c5:16:6e:88:8e:52:57:7f:6a:cc:
5f:c7:93:a4:42:a5:7b:e2:d1:42:0b:55:de:04:01:
75:3f:98:b1:d1:b6:e6:68:91:09:17:5e:3b:c7:60:
37:82:f3:51:e3:20:8a:91:dc:49:66:ee:af:98:94:
c8:2a:fc:8e:6d:45:62:88:ff:73:96:83:08:6f:44:
ac:e5:45:69:47:90:0b:00:fe:29:7a:b0:6b:18:17:
f8:40:7a:7c:4e:62:50:1d:d7:17:ff:63:fb:7a:da:
3a:67:5d:31:9d:6f:94:46:12:d2:06:1f:57:53:bc:
34:11:a5:f5:61:61:a8:b1:a4:7e:0b:51:bd:c3:3c:
0a:d4:4b:a4:e2:31:94:f0:89:a2:11:4f:f4:90:96:
89:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DE:B0:14:1B:5A:1C:F3:60:98:C0:6D:08:2E:94:7A:53:C5:2C:79
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.78.0/24
Signature Algorithm: sha256WithRSAEncryption
25:21:68:5e:7a:fd:2e:6a:f2:5f:ef:30:6c:a4:82:55:3a:6c:
38:5c:00:78:cf:3f:18:9c:23:40:72:12:a7:43:4d:3a:13:1d:
37:7e:59:14:19:7c:e2:5e:f4:86:ec:8f:3b:38:cb:91:cd:e3:
8f:f9:17:1b:b1:89:0e:00:c6:af:ed:94:d9:7f:97:b6:15:c0:
d0:82:c9:4f:18:5b:71:a5:59:dd:3d:b8:9e:b9:a9:99:74:b2:
9f:b5:7a:60:d6:14:89:7e:25:10:7f:87:85:b9:37:45:a6:64:
1b:73:41:7f:65:db:30:94:6a:53:24:33:d1:9d:8d:75:43:b5:
87:2c:43:c0:8b:f5:82:ad:06:66:35:72:f8:90:46:c8:ef:d6:
10:ce:bf:56:82:ee:c6:1c:e0:e9:ef:f5:de:c8:c7:73:e0:54:
32:3e:59:8c:62:da:3d:8c:0d:61:45:70:ec:fb:8c:7e:82:66:
81:5d:fc:da:df:ee:43:f0:f7:dc:cb:81:c2:87:ad:ca:4f:88:
94:48:7d:97:31:a1:2a:bb:77:4f:2c:ea:69:b3:ab:9f:29:54:
77:9b:16:77:e9:14:8b:2c:c1:1f:04:18:61:27:1e:6c:63:e8:
b9:83:65:3e:16:ff:2d:97:3d:ba:67:c3:a3:c3:12:2d:05:52:
50:11:8c:fa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHd9NcL01DuCT5to20rmDcsvMycIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MzAxMjQwNTJaFw0yNjA2MjkxMjQ1NTJaMDMxMTAvBgNV
BAMTKDA1REVCMDE0MUI1QTFDRjM2MDk4QzA2RDA4MkU5NDdBNTNDNTJDNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjt9XSiDG5Ev/ioOYPDDaQWSxz
wcg39j/dV+IHCF5iVC/AGyNAKo58aJl0+b6Wl75eRamnAXd8bxcJFmtdzU4QXhSi
VKUePNXA9fEMouYW/pgjHw7Nik29m64bLawBdWWZdXHpa42AJ65nb9FlxRZuiI5S
V39qzF/Hk6RCpXvi0UILVd4EAXU/mLHRtuZokQkXXjvHYDeC81HjIIqR3Elm7q+Y
lMgq/I5tRWKI/3OWgwhvRKzlRWlHkAsA/il6sGsYF/hAenxOYlAd1xf/Y/t62jpn
XTGdb5RGEtIGH1dTvDQRpfVhYaixpH4LUb3DPArUS6TiMZTwiaIRT/SQlolNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBd6wFBtaHPNgmMBtCC6UelPFLHkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZOMA0GCSqGSIb3DQEBCwUAA4IBAQAlIWheev0uavJf7zBspIJVOmw4XAB4zz8Y
nCNAchKnQ006Ex03flkUGXziXvSG7I87OMuRzeOP+RcbsYkOAMav7ZTZf5e2FcDQ
gslPGFtxpVndPbieuamZdLKftXpg1hSJfiUQf4eFuTdFpmQbc0F/ZdswlGpTJDPR
nY11Q7WHLEPAi/WCrQZmNXL4kEbI79YQzr9Wgu7GHODp7/XeyMdz4FQyPlmMYto9
jA1hRXDs+4x+gmaBXfza3+5D8Pfcy4HCh63KT4iUSH2XMaEqu3dPLOpps6ufKVR3
mxZ36RSLLMEfBBhhJx5sY+i5g2U+Fv8tlz26Z8OjwxItBVJQEYz6
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:52:40 2025 by rpki-client