Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20323133333138.roa
File: 34352e31322e38312e302f32342d3234203d3e20323133333138.roa (raw, json)
Hash identifier: mQ3/THHtYEtEf3DAlYoINSPG0DUe6j0fL597iZURIXE=
Subject key identifier: AB:C5:83:6C:F6:1F:26:D2:67:43:85:33:BE:C8:CC:E8:A2:6D:C7:22
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 355BA65646B6A588954BE8BC325418036C58D520
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20323133333138.roa
Signing time: Thu 10 Apr 2025 08:12:37 +0000
ROA not before: Thu 10 Apr 2025 08:07:37 +0000
ROA not after: Thu 09 Apr 2026 08:12:37 +0000
asID: 213318
IP address blocks: 45.12.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 18:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:5b:a6:56:46:b6:a5:88:95:4b:e8:bc:32:54:18:03:6c:58:d5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 10 08:07:37 2025 GMT
Not After : Apr 9 08:12:37 2026 GMT
Subject: CN=ABC5836CF61F26D267438533BEC8CCE8A26DC722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:d5:53:f1:06:1e:d1:a6:1b:6d:03:f0:91:
8d:c7:23:2f:ce:dc:d2:65:dc:af:b5:12:61:d2:aa:
ee:28:2a:98:bc:85:18:37:a0:4c:d3:0e:17:ce:7b:
e7:22:af:4d:76:76:a4:45:16:a2:98:3a:50:8d:a9:
99:08:10:cf:87:37:dc:7a:d4:b3:35:db:80:00:17:
6f:78:a7:f8:6f:43:e1:e1:ee:29:a8:43:e6:59:6b:
07:ed:14:72:a9:3d:c3:f8:b2:9a:38:cf:fe:ea:17:
1c:41:58:40:bd:5c:11:62:ce:3d:29:ff:95:99:fd:
e9:fb:19:bd:bc:75:51:f3:a9:aa:7e:bb:49:7f:27:
46:e8:a0:59:67:32:cb:41:9c:5f:43:ad:b6:f8:aa:
64:e7:24:40:af:f2:01:7f:58:f5:32:c3:bf:16:36:
78:32:18:43:1b:a2:9f:4a:ee:ae:7b:56:14:81:31:
7d:7c:c0:0c:cd:a3:1c:cd:7b:0f:02:e8:a6:56:c0:
1d:c8:36:5d:a6:d8:50:56:ad:e1:2d:6c:aa:c7:51:
c0:a8:14:fa:c3:9c:ee:6a:b5:fb:46:c1:5a:17:65:
5f:2d:35:c6:7a:9c:46:0d:73:77:e9:e5:e7:02:69:
72:26:b4:c7:74:66:9e:0d:7d:da:69:b9:63:a3:89:
8b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C5:83:6C:F6:1F:26:D2:67:43:85:33:BE:C8:CC:E8:A2:6D:C7:22
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20323133333138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.81.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9e:4e:34:91:1b:13:68:da:c3:9d:85:40:cb:be:dc:cc:a5:
b4:10:e1:06:7f:ac:33:38:2e:9e:1b:25:50:e2:0b:db:03:38:
93:ca:10:55:11:80:da:16:29:f5:9a:0c:15:35:b6:ef:78:9b:
7f:69:37:32:ad:5e:d3:7c:6e:97:ed:e0:80:b0:09:9a:a2:e7:
3b:49:14:82:c9:8e:e8:e0:8c:da:38:b5:96:6d:eb:30:18:13:
e8:f9:a3:15:c9:ea:ed:bf:ec:93:09:0c:94:08:83:e0:c3:83:
14:02:3e:84:d4:56:b5:31:1e:a2:2c:02:b2:a0:06:f5:d2:64:
4c:3a:da:c0:63:8b:96:83:3a:d9:30:b1:bd:44:8f:cb:32:3a:
77:80:37:4d:84:b2:9a:22:c7:fe:62:66:62:5b:7e:fd:3d:45:
d3:01:d8:a3:12:d8:40:97:d9:96:b5:37:99:0a:52:bc:0d:d3:
15:24:f9:17:2b:83:9d:73:51:6f:a7:5b:78:82:2d:77:22:c1:
4e:52:0b:57:41:fb:e8:14:73:da:bf:12:47:28:a8:2d:07:14:
78:0d:95:be:5c:f1:92:62:b9:b9:a8:b8:f3:9c:51:e5:eb:19:
27:0c:bc:bb:a4:17:e5:c1:56:66:16:37:fa:c0:f5:2d:9a:1d:
7f:68:34:31
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNVumVka2pYiVS+i8MlQYA2xY1SAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA0MTAwODA3MzdaFw0yNjA0MDkwODEyMzdaMDMxMTAvBgNV
BAMTKEFCQzU4MzZDRjYxRjI2RDI2NzQzODUzM0JFQzhDQ0U4QTI2REM3MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/aNVT8QYe0aYbbQPwkY3HIy/O
3NJl3K+1EmHSqu4oKpi8hRg3oEzTDhfOe+cir012dqRFFqKYOlCNqZkIEM+HN9x6
1LM124AAF294p/hvQ+Hh7imoQ+ZZawftFHKpPcP4spo4z/7qFxxBWEC9XBFizj0p
/5WZ/en7Gb28dVHzqap+u0l/J0booFlnMstBnF9Drbb4qmTnJECv8gF/WPUyw78W
NngyGEMbop9K7q57VhSBMX18wAzNoxzNew8C6KZWwB3INl2m2FBWreEtbKrHUcCo
FPrDnO5qtftGwVoXZV8tNcZ6nEYNc3fp5ecCaXImtMd0Zp4NfdppuWOjiYsPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUq8WDbPYfJtJnQ4UzvsjM6KJtxyIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzMzMzEzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UTANBgkqhkiG9w0BAQsFAAOCAQEAB55ONJEbE2jaw52FQMu+3MyltBDhBn+sMzgu
nhslUOIL2wM4k8oQVRGA2hYp9ZoMFTW273ibf2k3Mq1e03xul+3ggLAJmqLnO0kU
gsmO6OCM2ji1lm3rMBgT6PmjFcnq7b/skwkMlAiD4MODFAI+hNRWtTEeoiwCsqAG
9dJkTDrawGOLloM62TCxvUSPyzI6d4A3TYSymiLH/mJmYlt+/T1F0wHYoxLYQJfZ
lrU3mQpSvA3TFST5FyuDnXNRb6dbeIItdyLBTlILV0H76BRz2r8SRyioLQcUeA2V
vlzxkmK5uai485xR5esZJwy8u6QX5cFWZhY3+sD1LZodf2g0MQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:33:26 2025 by rpki-client