Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203239383032.roa
File: 3231322e32332e3231392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: IcM8XYSn4rdbfTJfp09p0UO9tA3osLdDLYePPSwVQ2g=
Subject key identifier: 0B:BF:75:C1:D3:74:03:9E:03:49:21:39:0A:80:A9:EB:D6:E6:73:18
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5FD16AC569461F118F10D8F8FC8BC5B1EC043749
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203239383032.roa
Signing time: Wed 02 Jul 2025 15:40:41 +0000
ROA not before: Wed 02 Jul 2025 15:35:41 +0000
ROA not after: Wed 01 Jul 2026 15:40:41 +0000
asID: 29802
IP address blocks: 212.23.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 16:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d1:6a:c5:69:46:1f:11:8f:10:d8:f8:fc:8b:c5:b1:ec:04:37:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 2 15:35:41 2025 GMT
Not After : Jul 1 15:40:41 2026 GMT
Subject: CN=0BBF75C1D374039E034921390A80A9EBD6E67318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:c1:a0:0c:df:f0:84:7f:e1:bb:23:da:1a:
f5:e9:db:82:99:3f:b3:8b:65:05:7d:b9:b3:58:2c:
85:65:ee:70:d8:53:90:e4:52:54:25:dc:74:34:a3:
a5:5b:b8:7a:7f:b5:e2:bf:73:15:3c:79:4b:e5:1c:
f0:00:0d:35:b0:7e:12:15:c0:58:9b:13:88:9e:2e:
a3:34:c8:98:b4:ee:46:74:0d:5b:29:9a:80:87:eb:
c6:fb:f0:00:6c:f8:e4:58:4c:77:12:18:58:44:ed:
a5:b5:11:56:2b:18:43:61:66:ac:ce:d2:72:4b:2a:
a9:35:fd:39:5c:0b:6d:bf:0d:f7:18:89:bf:01:53:
f9:fb:9b:c6:a4:40:d9:af:28:df:d1:3f:58:f4:a1:
67:f6:c5:76:b7:73:a8:78:5d:4c:c2:04:4a:31:4b:
3d:80:b2:0f:3c:d3:ca:da:1e:9a:64:e7:2a:9f:49:
ad:6c:fb:35:3f:09:51:67:ab:12:1f:81:e9:16:c6:
e8:7e:dc:f8:f1:de:5b:44:24:29:17:41:65:d5:e1:
72:b0:23:8b:44:e1:d0:53:7f:55:09:7e:bc:6f:d4:
bb:25:d6:4d:e2:01:7b:be:a6:72:bb:76:9b:dc:6c:
93:2b:23:5b:ab:45:e5:fd:27:50:c1:36:fd:9e:22:
cf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BF:75:C1:D3:74:03:9E:03:49:21:39:0A:80:A9:EB:D6:E6:73:18
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.219.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:22:cd:46:57:77:16:1b:5c:ca:91:f8:46:c5:e5:24:44:6e:
87:5b:c3:67:1b:03:91:6b:09:5b:ed:fc:90:2b:e1:e7:b3:c7:
70:f6:c6:0e:65:3c:67:8c:ed:ea:dd:fa:47:e4:bc:c9:a5:b4:
b6:1c:f5:ba:c0:47:22:4e:87:1b:b3:13:a8:fd:f6:8c:53:95:
55:12:f3:29:52:1e:3a:cd:c2:23:54:a4:64:99:44:3f:92:f7:
90:9c:9c:7c:3d:af:ff:2f:59:4e:07:d6:af:a1:94:c0:76:2c:
0e:c6:e9:0a:e0:4e:f3:4e:5a:dd:b4:12:63:93:c7:d1:b8:b7:
00:e1:d1:5c:f2:42:69:22:46:8a:ee:47:c7:9c:7a:c6:ec:ff:
45:e7:f2:fd:97:35:d9:17:f1:84:2f:e2:92:a8:0f:f1:84:60:
77:7d:36:b5:c9:49:38:86:d4:c9:b6:7d:48:73:77:a8:4b:0c:
96:99:3b:f3:23:89:bd:63:fb:4d:20:17:78:17:b2:87:9d:ad:
ae:0e:e9:09:b1:26:a8:c4:24:9f:f0:71:1c:3e:22:db:79:72:
0b:96:90:e7:c1:22:40:49:45:dd:26:ed:26:1b:b7:75:20:bc:
21:bc:1f:2b:de:5d:56:11:34:8b:98:a2:e2:98:e4:47:ab:9b:
ab:b1:2c:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX9FqxWlGHxGPENj4/IvFsewEN0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA3MDIxNTM1NDFaFw0yNjA3MDExNTQwNDFaMDMxMTAvBgNV
BAMTKDBCQkY3NUMxRDM3NDAzOUUwMzQ5MjEzOTBBODBBOUVCRDZFNjczMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0VMGgDN/whH/huyPaGvXp24KZ
P7OLZQV9ubNYLIVl7nDYU5DkUlQl3HQ0o6VbuHp/teK/cxU8eUvlHPAADTWwfhIV
wFibE4ieLqM0yJi07kZ0DVspmoCH68b78ABs+ORYTHcSGFhE7aW1EVYrGENhZqzO
0nJLKqk1/TlcC22/DfcYib8BU/n7m8akQNmvKN/RP1j0oWf2xXa3c6h4XUzCBEox
Sz2Asg8808raHppk5yqfSa1s+zU/CVFnqxIfgekWxuh+3Pjx3ltEJCkXQWXV4XKw
I4tE4dBTf1UJfrxv1Lsl1k3iAXu+pnK7dpvcbJMrI1urReX9J1DBNv2eIs9TAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUC791wdN0A54DSSE5CoCp69bmcxgwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BfbMA0GCSqGSIb3DQEBCwUAA4IBAQDMIs1GV3cWG1zKkfhGxeUkRG6HW8NnGwOR
awlb7fyQK+Hns8dw9sYOZTxnjO3q3fpH5LzJpbS2HPW6wEciTocbsxOo/faMU5VV
EvMpUh46zcIjVKRkmUQ/kveQnJx8Pa//L1lOB9avoZTAdiwOxukK4E7zTlrdtBJj
k8fRuLcA4dFc8kJpIkaK7kfHnHrG7P9F5/L9lzXZF/GEL+KSqA/xhGB3fTa1yUk4
htTJtn1Ic3eoSwyWmTvzI4m9Y/tNIBd4F7KHna2uDukJsSaoxCSf8HEcPiLbeXIL
lpDnwSJASUXdJu0mG7d1ILwhvB8r3l1WETSLmKLimORHq5ursSx1
-----END CERTIFICATE-----
Generated at Mon Jul 7 04:22:11 2025 by rpki-client