Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
File: 34352e3135382e35372e302f32342d3234203d3e20323038343833.roa (raw, json)
Hash identifier: qdL70MCWffQOBsNASz6zAJHmvjWf2cnnTHqEzRy1SSI=
Subject key identifier: F7:28:3A:66:36:E3:32:E9:7D:D7:98:67:73:25:A5:AB:08:5F:5E:5F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4EA40E4F39F1EA9CBEB2825ADD4D4D7EA3D59976
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
Signing time: Mon 30 Jun 2025 13:05:06 +0000
ROA not before: Mon 30 Jun 2025 13:00:06 +0000
ROA not after: Mon 29 Jun 2026 13:05:06 +0000
asID: 208483
IP address blocks: 45.158.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a4:0e:4f:39:f1:ea:9c:be:b2:82:5a:dd:4d:4d:7e:a3:d5:99:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 30 13:00:06 2025 GMT
Not After : Jun 29 13:05:06 2026 GMT
Subject: CN=F7283A6636E332E97DD798677325A5AB085F5E5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0e:4c:20:d8:9d:5a:ef:4a:cd:a6:28:97:bb:
35:a5:31:53:40:3f:e4:09:54:fa:06:5c:81:7e:37:
e8:65:17:4d:8a:c7:59:34:48:82:de:4d:90:2e:cb:
a0:ff:85:98:a3:fd:19:a9:f0:00:82:ed:e8:d1:e3:
ad:6b:67:2d:8c:01:03:68:b1:5f:0b:2d:0f:b5:9c:
eb:43:8f:b7:ab:12:31:c9:6c:6f:35:eb:69:61:60:
d9:68:20:7b:86:09:ea:7a:11:7d:12:71:e0:08:4c:
5d:f8:ec:dc:92:d1:01:95:b6:51:da:ba:22:dc:1b:
84:29:49:83:e3:33:6f:a6:a7:77:a9:be:00:c3:c0:
49:fe:ba:bc:5a:0c:43:c7:24:75:65:bf:29:e2:7e:
89:6f:27:3f:89:73:cf:93:9a:6b:0e:48:36:ee:e1:
d8:a4:38:c6:3d:5d:9b:ab:9e:63:46:08:8f:fa:be:
6a:e1:fa:3c:84:5a:4c:ab:69:30:71:a9:6f:ce:49:
bf:f4:2e:1a:34:ca:cb:a8:bd:dd:33:44:cb:7d:f1:
60:32:1f:36:0a:f6:60:f2:0b:86:51:fd:78:a3:e4:
42:e5:26:a6:ad:b7:46:47:7a:b7:36:db:59:e0:9f:
8d:bf:6a:8a:b3:93:6f:f1:c0:25:aa:3c:14:79:e0:
b9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:28:3A:66:36:E3:32:E9:7D:D7:98:67:73:25:A5:AB:08:5F:5E:5F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:02:26:0a:ef:a9:5b:26:4c:32:98:b4:93:c2:d1:5e:3c:12:
b8:3c:24:12:a5:7d:c7:ad:94:2f:72:e7:8e:a9:ea:b7:91:6d:
a6:8a:52:43:a7:fa:d2:f6:f4:7f:ee:2b:1f:bf:18:0c:8f:3f:
c2:a2:16:2b:eb:f6:55:01:dc:1b:8f:3f:63:3a:87:86:af:4f:
29:8c:b7:12:bb:bd:dd:34:40:5d:84:af:14:4b:03:68:9f:72:
b1:9a:f4:d2:ed:a5:8f:1c:e3:f9:8c:ff:62:bf:ac:b3:e2:4c:
81:57:e6:9c:37:38:be:c1:4b:eb:c9:26:13:95:3d:83:1e:fd:
e4:e3:14:26:a2:55:53:96:9b:75:0e:a4:e3:fb:a1:45:38:72:
06:2b:00:46:b6:3c:29:8b:db:ad:45:c6:f2:62:0f:94:dd:1d:
48:a0:79:f6:a4:e3:67:d1:fe:b8:ae:d1:2f:de:1e:1b:be:af:
38:ef:b9:45:af:ab:fd:f6:48:b5:52:a2:7b:77:e3:ef:94:0e:
9e:a6:d9:58:44:d8:53:3f:6c:05:de:26:33:6d:7b:33:55:86:
df:14:02:70:3d:7a:a8:86:47:48:de:d7:da:71:83:ed:68:ee:
56:16:48:ce:41:2a:88:64:f9:75:ef:29:10:d1:25:e1:67:50:
c9:13:89:67
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTqQOTznx6py+soJa3U1NfqPVmXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MzAxMzAwMDZaFw0yNjA2MjkxMzA1MDZaMDMxMTAvBgNV
BAMTKEY3MjgzQTY2MzZFMzMyRTk3REQ3OTg2NzczMjVBNUFCMDg1RjVFNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDkwg2J1a70rNpiiXuzWlMVNA
P+QJVPoGXIF+N+hlF02Kx1k0SILeTZAuy6D/hZij/Rmp8ACC7ejR461rZy2MAQNo
sV8LLQ+1nOtDj7erEjHJbG8162lhYNloIHuGCep6EX0SceAITF347NyS0QGVtlHa
uiLcG4QpSYPjM2+mp3epvgDDwEn+urxaDEPHJHVlvynifolvJz+Jc8+TmmsOSDbu
4dikOMY9XZurnmNGCI/6vmrh+jyEWkyraTBxqW/OSb/0Lho0ysuovd0zRMt98WAy
HzYK9mDyC4ZR/Xij5ELlJqatt0ZHerc221ngn42/aoqzk2/xwCWqPBR54LkBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9yg6ZjbjMul915hncyWlqwhfXl8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM4MzQzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ45MA0GCSqGSIb3DQEBCwUAA4IBAQChAiYK76lbJkwymLSTwtFePBK4PCQSpX3H
rZQvcueOqeq3kW2milJDp/rS9vR/7isfvxgMjz/CohYr6/ZVAdwbjz9jOoeGr08p
jLcSu73dNEBdhK8USwNon3KxmvTS7aWPHOP5jP9iv6yz4kyBV+acNzi+wUvrySYT
lT2DHv3k4xQmolVTlpt1DqTj+6FFOHIGKwBGtjwpi9utRcbyYg+U3R1IoHn2pONn
0f64rtEv3h4bvq8477lFr6v99ki1UqJ7d+PvlA6eptlYRNhTP2wF3iYzbXszVYbf
FAJwPXqohkdI3tfacYPtaO5WFkjOQSqIZPl17ykQ0SXhZ1DJE4ln
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:55:35 2025 by rpki-client