Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323132333533.roa
File: 34352e39312e3133362e302f32342d3234203d3e20323132333533.roa (raw, json)
Hash identifier: pun2Lau0SYco6/pNRMojSzBsUZNhAUxPa4bOtUFodyI=
Subject key identifier: 76:3E:94:BD:4D:55:A1:64:09:9A:12:04:B6:25:DE:52:C1:A1:BD:20
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 475077908F40B648050C1B7E7DB5DF9A7EAEC7C0
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323132333533.roa
Signing time: Fri 11 Jul 2025 13:37:34 +0000
ROA not before: Fri 11 Jul 2025 13:32:34 +0000
ROA not after: Fri 10 Jul 2026 13:37:34 +0000
asID: 212353
IP address blocks: 45.91.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 03:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:50:77:90:8f:40:b6:48:05:0c:1b:7e:7d:b5:df:9a:7e:ae:c7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jul 11 13:32:34 2025 GMT
Not After : Jul 10 13:37:34 2026 GMT
Subject: CN=763E94BD4D55A164099A1204B625DE52C1A1BD20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:05:88:a7:86:c9:c9:ec:5a:0c:d9:c2:0b:
22:46:a4:f2:ac:46:bf:26:29:d3:ce:ec:fe:61:5b:
2f:b0:44:5a:11:3f:68:c3:b9:b6:c1:94:1c:4e:ec:
27:d2:ad:0b:42:52:b4:6b:38:ca:7d:f4:3a:64:ca:
33:8d:68:23:1d:90:1a:eb:78:5b:30:47:4e:97:bb:
32:11:24:9c:f5:e2:bc:08:15:23:ec:56:01:0b:84:
d8:8a:ad:00:e5:6d:a9:be:4f:b7:9d:73:47:cd:f3:
27:b6:25:58:ee:50:e0:70:48:68:f2:f0:94:d3:00:
e0:48:91:ee:10:52:90:69:f5:1a:95:e3:07:f7:3a:
f9:ff:90:12:65:17:25:db:51:99:07:05:7e:ba:bd:
fe:fc:58:d8:a7:5e:cc:84:2b:b5:10:8e:15:db:6a:
31:13:d0:48:ef:3f:68:79:a7:ba:25:cd:c2:e3:80:
2d:cb:ab:ca:6e:7a:a3:22:c1:d7:b2:17:ed:8b:80:
08:5f:eb:83:80:80:c3:98:b3:a4:93:25:1e:4f:87:
7f:ac:74:de:f4:0b:e4:ec:15:0a:0a:5f:03:93:eb:
ec:87:7a:d6:99:50:6d:5e:a1:f9:f3:5a:65:5d:33:
39:ec:34:17:7e:88:2b:2e:36:cc:4d:16:99:03:8c:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3E:94:BD:4D:55:A1:64:09:9A:12:04:B6:25:DE:52:C1:A1:BD:20
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323132333533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.136.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:f8:ea:6e:d9:4a:38:d3:2a:71:28:74:82:aa:8b:96:a7:19:
67:3d:54:af:a6:29:d3:6e:40:58:9c:b2:cf:7c:0f:9f:01:76:
6f:86:c6:c8:29:d0:93:29:b6:5b:7f:8d:26:13:4b:bd:d5:47:
f9:bb:e5:ac:09:4b:57:84:2f:23:54:fe:f7:6c:12:cb:07:41:
71:58:b4:16:28:34:46:79:ac:38:e2:ea:09:82:1e:11:4e:4b:
b3:c7:72:6f:71:e5:2b:9c:2d:ee:4d:0e:5a:cf:9c:ed:37:c8:
08:31:0e:29:28:32:5e:35:02:4a:4b:a3:ee:c5:b4:a7:0e:92:
a0:ae:ee:06:9f:78:1b:04:7a:63:6d:14:be:de:31:44:a9:67:
c7:e1:36:0b:20:35:85:a7:97:d8:0d:b5:f3:a7:81:22:be:56:
25:80:90:d8:64:7b:21:f8:58:a5:72:4a:22:5d:87:34:95:54:
3b:19:7e:0d:cd:c3:54:ff:4f:8d:70:ac:7a:ee:d4:7e:8c:7b:
21:07:2c:cd:9e:e7:da:2e:9a:1c:2b:9c:aa:2b:24:8a:e0:fd:
1e:ea:26:e6:c5:6d:1a:65:48:89:1e:02:75:59:23:95:51:0b:
8f:60:2d:62:df:50:73:b5:16:54:f5:d0:8b:81:19:8d:d7:cd:
eb:00:09:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR1B3kI9AtkgFDBt+fbXfmn6ux8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA3MTExMzMyMzRaFw0yNjA3MTAxMzM3MzRaMDMxMTAvBgNV
BAMTKDc2M0U5NEJENEQ1NUExNjQwOTlBMTIwNEI2MjVERTUyQzFBMUJEMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIxQWIp4bJyexaDNnCCyJGpPKs
Rr8mKdPO7P5hWy+wRFoRP2jDubbBlBxO7CfSrQtCUrRrOMp99DpkyjONaCMdkBrr
eFswR06XuzIRJJz14rwIFSPsVgELhNiKrQDlbam+T7edc0fN8ye2JVjuUOBwSGjy
8JTTAOBIke4QUpBp9RqV4wf3Ovn/kBJlFyXbUZkHBX66vf78WNinXsyEK7UQjhXb
ajET0EjvP2h5p7olzcLjgC3Lq8pueqMiwdeyF+2LgAhf64OAgMOYs6STJR5Ph3+s
dN70C+TsFQoKXwOT6+yHetaZUG1eofnzWmVdMznsNBd+iCsuNsxNFpkDjP1NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdj6UvU1VoWQJmhIEtiXeUsGhvSAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzMzNTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuIMA0GCSqGSIb3DQEBCwUAA4IBAQC8+Opu2Uo40ypxKHSCqouWpxlnPVSvpinT
bkBYnLLPfA+fAXZvhsbIKdCTKbZbf40mE0u91Uf5u+WsCUtXhC8jVP73bBLLB0Fx
WLQWKDRGeaw44uoJgh4RTkuzx3JvceUrnC3uTQ5az5ztN8gIMQ4pKDJeNQJKS6Pu
xbSnDpKgru4Gn3gbBHpjbRS+3jFEqWfH4TYLIDWFp5fYDbXzp4EivlYlgJDYZHsh
+FilckoiXYc0lVQ7GX4NzcNU/0+NcKx67tR+jHshByzNnufaLpocK5yqKySK4P0e
6ibmxW0aZUiJHgJ1WSOVUQuPYC1i31BztRZU9dCLgRmN183rAAkA
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:12:26 2025 by rpki-client