Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: EhgdGCu+gxpL3zUKV0aW5LfO1AEmRisOk9+1lfYOI5k=
Subject key identifier: 2F:A8:14:6D:BB:51:D5:51:D5:8C:A6:FF:A7:44:E3:5B:1E:3F:A1:E5
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 527E4905351BEC502A4D8F4A330FD95C8C99A359
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
Signing time: Sat 07 Jun 2025 16:54:09 +0000
ROA not before: Sat 07 Jun 2025 16:49:09 +0000
ROA not after: Sat 06 Jun 2026 16:54:09 +0000
asID: 142111
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 18:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:7e:49:05:35:1b:ec:50:2a:4d:8f:4a:33:0f:d9:5c:8c:99:a3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 7 16:49:09 2025 GMT
Not After : Jun 6 16:54:09 2026 GMT
Subject: CN=2FA8146DBB51D551D58CA6FFA744E35B1E3FA1E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:2d:78:7a:b5:0e:bd:20:88:26:c7:73:51:
ad:04:79:41:3e:3e:b9:f8:42:16:42:58:94:42:9a:
a4:b2:15:33:d8:db:71:02:3e:fd:89:11:16:89:1e:
84:a3:0a:f2:a2:3a:7c:f5:3c:6c:cf:a0:c6:9d:18:
80:84:69:b5:2e:95:2b:fe:77:ad:f6:08:c3:e6:38:
b6:ed:52:95:67:aa:8f:02:8a:ec:57:4a:f9:8e:0d:
78:9d:92:e7:45:9a:d8:84:fe:8e:c0:c5:42:72:e0:
85:d0:b3:02:3c:2a:ed:3b:7d:c7:6f:a4:80:02:69:
09:1e:cd:9d:25:5f:9a:9c:c1:5e:61:fd:76:08:c9:
3f:65:9f:11:2c:85:91:9d:8f:04:2b:bb:42:cd:ec:
d0:bf:4a:01:3c:70:22:cc:90:24:88:c7:c5:90:3d:
8c:ab:ee:6f:f9:d6:1b:5d:87:76:24:3f:33:13:69:
ff:23:69:c6:29:0f:ca:88:90:bd:22:f9:a7:86:cb:
54:c8:a5:81:e9:a9:ef:eb:39:24:cc:b5:a6:22:c8:
51:f1:c8:af:fc:5f:2d:ac:24:07:8c:1d:78:73:d7:
46:4d:99:d9:98:78:93:dc:e7:79:cf:a0:fc:a5:85:
64:77:7b:fb:a3:29:42:82:ff:fa:c2:37:66:8d:5c:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A8:14:6D:BB:51:D5:51:D5:8C:A6:FF:A7:44:E3:5B:1E:3F:A1:E5
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:05:78:89:21:79:06:5e:51:ac:25:d2:0d:71:24:cf:13:94:
ce:1a:47:24:1b:31:b5:ae:db:82:34:80:5b:48:e8:7b:38:e3:
c5:b4:f4:37:34:10:15:1d:48:fc:15:ed:b9:6e:c9:8e:d6:1a:
04:ff:82:69:92:d6:ac:01:36:d0:40:c1:e2:b8:5f:68:fe:e2:
1e:6e:8b:7b:78:8c:db:1f:64:5f:83:b5:df:53:c4:0f:1b:68:
2e:e9:ec:c6:25:c0:25:70:78:c9:4d:33:66:ae:38:ae:6f:af:
d4:ed:11:6c:01:ff:7a:bc:c0:e8:39:b3:da:e2:6a:ca:e3:e9:
a6:70:0c:b7:6b:3e:70:c1:20:a7:e3:0b:c8:39:10:6b:d5:4c:
e3:37:07:96:ee:65:a0:4d:88:55:f8:5f:03:a1:85:23:f6:f5:
83:8d:93:b8:d5:8b:53:be:70:48:f8:57:08:be:89:de:37:f7:
f5:ee:b3:e6:0f:20:fb:5e:16:11:3f:7e:49:f5:d6:2b:0e:75:
c6:62:a4:e3:6d:e3:73:35:89:06:aa:b7:0b:55:ff:fb:3d:3c:
79:83:cc:d3:04:26:e0:bb:b2:58:2b:fd:85:64:8e:62:ab:b2:
3c:25:ef:c6:12:ed:2a:c4:79:ed:32:f0:12:22:47:ab:53:37:
9f:46:c2:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUn5JBTUb7FAqTY9KMw/ZXIyZo1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDcxNjQ5MDlaFw0yNjA2MDYxNjU0MDlaMDMxMTAvBgNV
BAMTKDJGQTgxNDZEQkI1MUQ1NTFENThDQTZGRkE3NDRFMzVCMUUzRkExRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWC14erUOvSCIJsdzUa0EeUE+
Prn4QhZCWJRCmqSyFTPY23ECPv2JERaJHoSjCvKiOnz1PGzPoMadGICEabUulSv+
d632CMPmOLbtUpVnqo8CiuxXSvmODXidkudFmtiE/o7AxUJy4IXQswI8Ku07fcdv
pIACaQkezZ0lX5qcwV5h/XYIyT9lnxEshZGdjwQru0LN7NC/SgE8cCLMkCSIx8WQ
PYyr7m/51htdh3YkPzMTaf8jacYpD8qIkL0i+aeGy1TIpYHpqe/rOSTMtaYiyFHx
yK/8Xy2sJAeMHXhz10ZNmdmYeJPc53nPoPylhWR3e/ujKUKC//rCN2aNXCwnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUL6gUbbtR1VHVjKb/p0TjWx4/oeUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQCcBXiJIXkGXlGsJdINcSTPE5TOGkckGzG1
rtuCNIBbSOh7OOPFtPQ3NBAVHUj8Fe25bsmO1hoE/4JpktasATbQQMHiuF9o/uIe
bot7eIzbH2Rfg7XfU8QPG2gu6ezGJcAlcHjJTTNmrjiub6/U7RFsAf96vMDoObPa
4mrK4+mmcAy3az5wwSCn4wvIORBr1UzjNweW7mWgTYhV+F8DoYUj9vWDjZO41YtT
vnBI+FcIvoneN/f17rPmDyD7XhYRP35J9dYrDnXGYqTjbeNzNYkGqrcLVf/7PTx5
g8zTBCbgu7JYK/2FZI5iq7I8Je/GEu0qxHntMvASIkerUzefRsIO
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:56:37 2025 by rpki-client