Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: 63nyPS/nHd8Tol6AWbAJ00jBY0J7VXrtRA+JVHxPnrE=
Subject key identifier: 92:43:1F:85:00:A7:2E:F2:F8:5F:5D:D0:F1:1F:20:C7:B2:F7:49:C9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6FA2D0EE1E79AAA21FA238EBBEB5FDD42877C632
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 30 Jun 2025 05:58:03 +0000
ROA not before: Mon 30 Jun 2025 05:53:03 +0000
ROA not after: Mon 29 Jun 2026 05:58:03 +0000
asID: 152672
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a2:d0:ee:1e:79:aa:a2:1f:a2:38:eb:be:b5:fd:d4:28:77:c6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 30 05:53:03 2025 GMT
Not After : Jun 29 05:58:03 2026 GMT
Subject: CN=92431F8500A72EF2F85F5DD0F11F20C7B2F749C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:fd:20:38:5c:8b:33:e1:b1:4a:10:97:9c:
15:a6:fe:e8:c7:68:4c:fe:94:e6:9e:60:f2:45:5d:
fd:56:23:89:b3:e0:02:06:3e:ca:80:c9:8d:69:df:
8f:61:da:0f:2a:9d:f7:2a:ac:3c:2b:be:3c:38:c0:
9a:c8:bf:65:3b:c9:b1:a5:8d:98:bf:9a:ad:78:b9:
d6:98:df:f6:ae:67:9f:59:6b:c8:e2:ee:37:88:4f:
41:66:b2:2f:5b:85:14:6f:de:63:93:73:a6:c2:c0:
6a:0e:89:97:b2:c8:6b:c8:a3:51:1a:9a:6a:46:77:
e6:c0:be:3c:d9:cc:81:77:c3:5d:28:b6:3f:73:ea:
56:25:0b:c4:9e:1f:61:d3:57:00:8a:dd:34:0d:30:
54:d3:f6:f0:8b:0d:bd:b1:4a:a1:a3:b1:2b:79:61:
2e:03:ae:05:f2:5f:5d:d9:80:4f:5d:3b:23:e2:2b:
e7:85:21:b6:a8:03:19:1b:1b:b8:37:09:25:84:59:
db:3f:40:d5:a1:4e:11:85:aa:e9:15:19:81:93:a9:
8e:4c:79:dc:48:66:92:1b:cd:04:4e:00:77:fb:f3:
ff:29:a2:55:0b:bd:7a:7f:c1:fb:95:29:66:73:ac:
cf:bc:40:8e:df:43:78:05:70:d4:92:0e:e5:5a:7f:
d4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:43:1F:85:00:A7:2E:F2:F8:5F:5D:D0:F1:1F:20:C7:B2:F7:49:C9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
97:19:b1:e2:c4:30:f2:d0:f3:9c:19:0e:40:51:2b:de:43:39:
08:be:0a:27:b9:e1:e5:ce:40:19:fa:7e:4f:05:6b:91:90:3a:
36:9f:f3:f8:c0:fc:e8:42:55:9a:bc:a3:44:52:c1:8d:be:72:
04:a1:6c:51:78:34:af:92:40:41:4f:51:c0:58:2c:c1:0c:3f:
c4:f4:f2:9e:c6:e8:c6:7f:f9:9e:de:e7:2d:1e:24:90:83:9c:
cc:37:f9:a5:ce:10:cd:81:68:00:78:eb:72:7c:3b:fc:a3:ba:
b1:cf:78:16:20:0a:a0:1c:89:5c:7c:69:47:93:49:14:4a:e6:
fa:46:a9:ec:e0:0e:98:6a:cd:58:a2:be:90:f0:8b:4e:11:1e:
fb:fe:36:4b:20:8c:c2:0d:f1:81:b8:7c:a5:8a:63:a2:94:ea:
46:24:59:61:3a:d4:c7:a1:23:c0:33:ae:f9:ae:1e:3f:a2:3f:
9d:24:57:ed:fa:b2:5a:61:08:83:a1:ae:7a:9a:c3:c0:f0:82:
08:af:2e:cd:15:28:64:b8:e7:a7:1b:ea:56:95:4a:1c:2f:a2:
6f:ab:cb:2a:c4:9f:91:32:2b:29:be:68:26:8b:26:bc:5b:05:
e7:13:2e:72:63:f6:8c:99:d8:e9:08:ab:24:cf:b0:0a:21:c1:
75:94:ab:3b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb6LQ7h55qqIfojjrvrX91Ch3xjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MzAwNTUzMDNaFw0yNjA2MjkwNTU4MDNaMDMxMTAvBgNV
BAMTKDkyNDMxRjg1MDBBNzJFRjJGODVGNUREMEYxMUYyMEM3QjJGNzQ5QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAuv0gOFyLM+GxShCXnBWm/ujH
aEz+lOaeYPJFXf1WI4mz4AIGPsqAyY1p349h2g8qnfcqrDwrvjw4wJrIv2U7ybGl
jZi/mq14udaY3/auZ59Za8ji7jeIT0Fmsi9bhRRv3mOTc6bCwGoOiZeyyGvIo1Ea
mmpGd+bAvjzZzIF3w10otj9z6lYlC8SeH2HTVwCK3TQNMFTT9vCLDb2xSqGjsSt5
YS4DrgXyX13ZgE9dOyPiK+eFIbaoAxkbG7g3CSWEWds/QNWhThGFqukVGYGTqY5M
edxIZpIbzQROAHf78/8polULvXp/wfuVKWZzrM+8QI7fQ3gFcNSSDuVaf9S9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkkMfhQCnLvL4X13Q8R8gx7L3SckwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQCXGbHixDDy0POcGQ5AUSveQzkIvgonueHl
zkAZ+n5PBWuRkDo2n/P4wPzoQlWavKNEUsGNvnIEoWxReDSvkkBBT1HAWCzBDD/E
9PKexujGf/me3uctHiSQg5zMN/mlzhDNgWgAeOtyfDv8o7qxz3gWIAqgHIlcfGlH
k0kUSub6Rqns4A6Yas1Yor6Q8ItOER77/jZLIIzCDfGBuHylimOilOpGJFlhOtTH
oSPAM675rh4/oj+dJFft+rJaYQiDoa56msPA8IIIry7NFShkuOenG+pWlUocL6Jv
q8sqxJ+RMispvmgmiya8WwXnEy5yY/aMmdjpCKskz7AKIcF1lKs7
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:06:50 2025 by rpki-client