Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
File: 34352e31322e38322e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: hDEWa4YgvVkR2h8DGs1/jvQlj/SlYRHzoeNeN8U7c0U=
Subject key identifier: 6C:F5:79:4B:A3:0E:45:90:28:D7:7D:7E:F1:3D:C9:72:E2:09:7E:6E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 41CE95788C55E81B8154AE788091520D3A8A4DB4
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 30 Jun 2025 06:02:47 +0000
ROA not before: Mon 30 Jun 2025 05:57:47 +0000
ROA not after: Mon 29 Jun 2026 06:02:47 +0000
asID: 152672
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ce:95:78:8c:55:e8:1b:81:54:ae:78:80:91:52:0d:3a:8a:4d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 30 05:57:47 2025 GMT
Not After : Jun 29 06:02:47 2026 GMT
Subject: CN=6CF5794BA30E459028D77D7EF13DC972E2097E6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d9:bc:70:5e:0b:fe:d8:67:e0:4c:67:e2:32:
85:03:03:b1:8f:ea:8c:aa:cc:41:fb:c3:af:5f:ae:
25:9d:ad:40:d6:22:74:1f:d8:97:27:40:52:a3:60:
c3:54:5b:eb:60:3e:e8:84:f0:44:db:a5:30:c1:23:
ea:b1:3a:24:65:f1:4b:1b:12:dc:ab:81:64:4c:4d:
9f:b7:e3:f1:53:05:ce:18:1f:bb:c6:4a:2f:17:e9:
53:89:22:60:66:04:05:a5:88:89:c0:f0:06:8c:ec:
e1:8a:6e:43:67:2e:c6:18:d6:f8:ef:ec:89:45:cc:
48:5c:3a:13:2a:5c:46:d6:41:4e:73:e7:ca:31:7e:
88:98:87:b3:31:65:bf:ed:cf:c0:b1:1e:c0:77:e8:
05:fe:d6:25:74:74:c0:67:ff:e3:d6:39:93:1e:77:
1e:2c:bd:12:c1:53:5a:9e:5e:8d:c7:ae:82:16:1a:
36:07:9b:56:ca:c4:14:ff:a8:5a:e8:27:1d:02:61:
74:7a:84:5a:1f:f0:a6:98:6b:98:a6:37:85:f9:8a:
06:51:a1:92:78:20:a8:c5:14:68:e9:2f:4d:13:91:
89:a8:14:35:1c:ba:79:83:92:7e:9f:d2:27:da:ab:
25:14:a4:cb:17:91:7f:4d:b5:fa:ba:34:aa:4a:75:
9c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F5:79:4B:A3:0E:45:90:28:D7:7D:7E:F1:3D:C9:72:E2:09:7E:6E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
91:bb:c0:fe:54:6e:52:da:0f:39:2c:85:d7:02:2d:18:1e:de:
0c:20:1c:22:87:ab:d3:88:31:74:db:46:06:ea:c3:2f:17:36:
60:75:30:b5:7f:4b:9e:d2:fe:49:10:41:be:70:d8:80:ab:e6:
74:40:9b:c0:8a:d8:ec:9d:cc:2e:9f:f3:4d:3d:0e:fb:c2:a4:
fc:f7:3d:92:b6:36:1b:e5:35:61:d4:8c:0f:db:d6:5d:8c:23:
21:0b:09:3f:50:5e:0d:ca:30:38:7e:ac:9c:bf:92:8b:56:dd:
cc:6f:53:4e:0f:f8:cf:2d:ba:58:5f:6c:4b:d2:10:e1:0e:7f:
dd:86:12:e0:0c:87:f3:63:31:e2:8d:05:a2:fb:dc:bd:38:e9:
c2:6f:ec:78:ac:82:5d:47:24:30:15:dc:76:3b:46:9e:1a:ed:
05:22:5a:97:6d:9e:dc:3a:33:78:13:7e:8e:c9:12:3e:aa:3c:
35:38:99:53:78:19:93:e4:86:cf:73:db:2b:00:5c:74:59:2f:
0a:b0:be:fd:37:5f:9f:7f:2b:87:ba:76:f2:64:77:20:db:b9:
f4:ad:5d:6d:8d:ff:d1:3a:9f:ca:4a:78:be:e5:f2:96:f2:31:
28:36:38:20:2e:cd:0e:2c:ae:c2:7a:6c:59:fe:82:60:28:7d:
f4:bc:73:09
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQc6VeIxV6BuBVK54gJFSDTqKTbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MzAwNTU3NDdaFw0yNjA2MjkwNjAyNDdaMDMxMTAvBgNV
BAMTKDZDRjU3OTRCQTMwRTQ1OTAyOEQ3N0Q3RUYxM0RDOTcyRTIwOTdFNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCN2bxwXgv+2GfgTGfiMoUDA7GP
6oyqzEH7w69friWdrUDWInQf2JcnQFKjYMNUW+tgPuiE8ETbpTDBI+qxOiRl8Usb
EtyrgWRMTZ+34/FTBc4YH7vGSi8X6VOJImBmBAWliInA8AaM7OGKbkNnLsYY1vjv
7IlFzEhcOhMqXEbWQU5z58oxfoiYh7MxZb/tz8CxHsB36AX+1iV0dMBn/+PWOZMe
dx4svRLBU1qeXo3HroIWGjYHm1bKxBT/qFroJx0CYXR6hFof8KaYa5imN4X5igZR
oZJ4IKjFFGjpL00TkYmoFDUcunmDkn6f0ifaqyUUpMsXkX9Ntfq6NKpKdZxFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUbPV5S6MORZAo131+8T3JcuIJfm4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM2MzczMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UjANBgkqhkiG9w0BAQsFAAOCAQEAkbvA/lRuUtoPOSyF1wItGB7eDCAcIoer04gx
dNtGBurDLxc2YHUwtX9LntL+SRBBvnDYgKvmdECbwIrY7J3MLp/zTT0O+8Kk/Pc9
krY2G+U1YdSMD9vWXYwjIQsJP1BeDcowOH6snL+Si1bdzG9TTg/4zy26WF9sS9IQ
4Q5/3YYS4AyH82Mx4o0FovvcvTjpwm/seKyCXUckMBXcdjtGnhrtBSJal22e3Doz
eBN+jskSPqo8NTiZU3gZk+SGz3PbKwBcdFkvCrC+/Tdfn38rh7p28mR3INu59K1d
bY3/0Tqfykp4vuXylvIxKDY4IC7NDiyuwnpsWf6CYCh99LxzCQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:22:56 2025 by rpki-client