Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203432383331.roa
File: 34352e31322e38332e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: e+WtgTelRzCn9E9mYkmKU1m0eamheYuYHF9hYqMDgDQ=
Subject key identifier: E2:37:84:02:1F:F1:69:37:D9:83:DE:D3:D3:22:E4:71:08:B7:56:C6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4AC5462A0C80BDC97E3C660B00E8416E2B009EB3
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203432383331.roa
Signing time: Sat 19 Apr 2025 17:57:17 +0000
ROA not before: Sat 19 Apr 2025 17:52:17 +0000
ROA not after: Sat 18 Apr 2026 17:57:17 +0000
asID: 42831
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Apr 2025 22:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c5:46:2a:0c:80:bd:c9:7e:3c:66:0b:00:e8:41:6e:2b:00:9e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 19 17:52:17 2025 GMT
Not After : Apr 18 17:57:17 2026 GMT
Subject: CN=E23784021FF16937D983DED3D322E47108B756C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:50:9b:ee:fc:94:f5:5a:f6:bb:ad:bd:5b:8e:
f7:7a:17:18:93:49:4f:c5:69:4a:71:38:97:23:de:
41:7f:0f:af:f6:0a:a2:df:ea:bb:1a:3b:e9:1d:b8:
d0:a4:0c:e5:5a:83:c1:8f:a2:9e:c6:6f:cb:53:34:
0a:01:01:a3:aa:b6:51:a9:79:63:a2:48:d8:b6:78:
54:ad:5c:07:f8:0f:a8:3c:27:bb:6d:26:19:ff:0b:
93:8e:a6:a5:5e:78:26:f4:f5:7b:7f:5f:92:fe:96:
5d:2f:69:44:f1:70:ba:ef:3f:00:f8:47:a9:fe:a0:
49:d5:d2:54:bf:cb:b5:90:e4:6d:84:e4:96:5e:ee:
85:8b:d1:15:af:31:a6:d4:5a:a4:61:88:ef:11:ad:
6a:50:b2:1b:81:cf:0a:a4:ad:4b:d6:6d:12:d1:a4:
31:60:b1:a2:27:b9:78:9b:ca:52:6d:8d:f8:40:b7:
33:5c:ae:0c:5f:76:4d:c3:78:a8:47:37:58:97:73:
b9:94:cb:e7:0f:06:ab:23:8b:fe:69:67:d2:83:13:
37:48:b6:19:23:51:d1:26:7f:e9:03:b6:02:ed:c4:
0e:38:03:9e:83:62:9b:06:06:0b:45:d2:b8:a4:99:
70:6f:c9:ff:98:46:c0:f5:71:8d:bd:88:55:72:ad:
eb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:37:84:02:1F:F1:69:37:D9:83:DE:D3:D3:22:E4:71:08:B7:56:C6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:16:bb:bb:69:30:6a:bf:04:48:66:ab:4e:89:17:ea:28:50:
2c:83:eb:7f:03:ea:6b:9e:b7:6f:75:53:f1:56:6b:6b:1e:8e:
03:28:dd:32:25:37:5a:3a:f2:da:75:15:ce:ea:2c:16:d0:07:
df:f7:ba:6e:d4:8a:8f:58:f4:9f:b0:19:7c:8e:45:a0:62:8c:
33:82:e7:6c:45:8e:9b:8e:0e:e6:ef:ae:f0:ef:f2:10:14:11:
b6:d6:72:72:42:01:a9:a3:a9:7f:02:d5:0d:d2:84:8b:80:31:
d5:fa:39:4e:05:23:a1:33:33:fa:60:36:cc:0c:51:9b:10:04:
ff:47:e3:92:cd:2a:cd:8c:22:c3:83:2e:23:46:4c:19:59:aa:
a6:7c:f7:96:56:24:1f:99:95:12:16:ec:b7:4d:00:af:f8:cb:
40:c7:50:3e:36:ce:03:04:b9:ec:af:75:27:6f:cd:e2:af:4c:
06:db:ca:3b:d8:b1:b7:54:b2:f3:36:1e:a4:19:60:c1:1a:27:
e4:71:fc:ec:be:f1:43:b8:d3:a2:cf:41:2c:42:bd:b2:9e:43:
49:86:42:3c:d1:e7:df:fc:c9:61:f8:ca:f9:a6:5e:11:bc:f7:
b0:eb:f3:7c:03:95:4d:2c:09:4d:37:89:5e:c9:bc:86:1e:d0:
f7:84:38:59
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSsVGKgyAvcl+PGYLAOhBbisAnrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA0MTkxNzUyMTdaFw0yNjA0MTgxNzU3MTdaMDMxMTAvBgNV
BAMTKEUyMzc4NDAyMUZGMTY5MzdEOTgzREVEM0QzMjJFNDcxMDhCNzU2QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMUJvu/JT1Wva7rb1bjvd6FxiT
SU/FaUpxOJcj3kF/D6/2CqLf6rsaO+kduNCkDOVag8GPop7Gb8tTNAoBAaOqtlGp
eWOiSNi2eFStXAf4D6g8J7ttJhn/C5OOpqVeeCb09Xt/X5L+ll0vaUTxcLrvPwD4
R6n+oEnV0lS/y7WQ5G2E5JZe7oWL0RWvMabUWqRhiO8RrWpQshuBzwqkrUvWbRLR
pDFgsaInuXibylJtjfhAtzNcrgxfdk3DeKhHN1iXc7mUy+cPBqsji/5pZ9KDEzdI
thkjUdEmf+kDtgLtxA44A56DYpsGBgtF0rikmXBvyf+YRsD1cY29iFVyretbAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU4jeEAh/xaTfZg97T0yLkcQi3VsYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzODMzMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDFMw
DQYJKoZIhvcNAQELBQADggEBAF4Wu7tpMGq/BEhmq06JF+ooUCyD638D6muet291
U/FWa2sejgMo3TIlN1o68tp1Fc7qLBbQB9/3um7Uio9Y9J+wGXyORaBijDOC52xF
jpuODubvrvDv8hAUEbbWcnJCAamjqX8C1Q3ShIuAMdX6OU4FI6EzM/pgNswMUZsQ
BP9H45LNKs2MIsODLiNGTBlZqqZ895ZWJB+ZlRIW7LdNAK/4y0DHUD42zgMEueyv
dSdvzeKvTAbbyjvYsbdUsvM2HqQZYMEaJ+Rx/Oy+8UO406LPQSxCvbKeQ0mGQjzR
59/8yWH4yvmmXhG897Dr83wDlU0sCU03iV7JvIYe0PeEOFk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:53:30 2025 by rpki-client