Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
File: 3137312e32322e37372e302f32342d3234203d3e20323130393330.roa (raw, json)
Hash identifier: XtuZMnQ7cgIUmJ92FjgoVKUZ/jDNAC2B+i5LustfjHM=
Subject key identifier: 88:6B:6B:E3:F7:A5:77:0A:0B:87:E2:2A:64:85:10:97:97:8E:1A:5E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6FA0325761936B195E2F34E0F6F48F2A14F3C409
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
Signing time: Tue 03 Jun 2025 15:54:08 +0000
ROA not before: Tue 03 Jun 2025 15:49:08 +0000
ROA not after: Tue 02 Jun 2026 15:54:08 +0000
asID: 210930
IP address blocks: 171.22.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a0:32:57:61:93:6b:19:5e:2f:34:e0:f6:f4:8f:2a:14:f3:c4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 3 15:49:08 2025 GMT
Not After : Jun 2 15:54:08 2026 GMT
Subject: CN=886B6BE3F7A5770A0B87E22A64851097978E1A5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:45:a5:13:59:10:da:5b:34:02:f3:20:03:b3:
d0:bb:e8:27:ab:1b:0d:38:d3:67:28:f4:3e:f9:e8:
d4:0d:fb:af:69:77:05:58:b4:b5:d6:21:e1:50:1d:
32:58:1e:6d:27:1f:87:6c:39:a3:b1:a4:da:95:ba:
3d:fe:6e:21:b5:39:13:ab:41:87:39:88:84:c1:85:
fc:70:c7:a7:f1:7b:53:07:44:01:ea:e3:55:26:34:
38:6c:b3:d5:11:82:98:83:57:0e:1a:e0:29:b8:69:
55:cb:20:9d:38:92:d3:04:2e:f3:4d:e9:af:2f:9d:
c5:57:2e:d9:54:15:ae:44:71:58:b0:46:b6:ba:84:
02:44:07:b8:83:68:34:d7:a8:49:5b:54:55:0f:37:
a6:14:ed:1b:78:77:45:86:1f:43:17:70:76:60:2d:
1c:ed:cf:d6:51:9a:e1:c8:d8:e5:f9:2e:25:4f:c1:
68:bf:aa:59:c5:70:d8:e7:7a:17:c8:e5:0d:3d:0f:
76:a8:95:99:33:f1:2d:78:93:c1:1b:af:52:24:97:
19:7c:19:ee:ca:6f:62:bd:c7:28:2d:48:b0:55:c3:
dc:39:a6:85:75:c0:a2:0a:33:ec:b0:2b:31:5f:13:
d7:c2:cc:74:ca:c6:6d:ef:3a:21:2c:76:d7:4c:58:
9e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6B:6B:E3:F7:A5:77:0A:0B:87:E2:2A:64:85:10:97:97:8E:1A:5E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.77.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:a4:14:34:c4:55:42:a7:41:4c:82:d1:4a:40:bc:cb:78:c6:
34:6f:1a:2e:89:57:2e:77:4d:35:c2:a6:42:58:d3:c4:64:6d:
66:e6:82:c8:2d:4c:81:e8:bc:66:98:1f:0d:be:a5:67:ca:60:
44:47:d1:2a:b7:bd:61:fa:9a:71:1e:15:0a:44:6a:b8:3e:52:
51:46:c1:98:63:9d:93:e0:22:7a:f6:f7:9e:4f:49:1d:93:df:
c0:29:2a:f2:26:70:ad:62:4f:4b:f3:15:18:72:bc:d3:9e:8c:
e4:ff:16:a2:3a:0c:8b:38:aa:ac:a9:85:7c:a1:a4:61:61:95:
25:e8:ab:6e:19:9f:ca:98:80:8d:04:2d:5b:5c:1c:a2:da:38:
79:72:9e:5e:42:b2:8f:28:39:c9:d0:3d:52:5a:bf:64:1d:22:
75:9d:6a:49:23:eb:d1:37:53:8d:9d:10:97:e3:be:7c:d4:3a:
0a:07:af:05:5d:0c:6b:74:ce:0c:2d:50:4e:c7:9e:8d:47:5e:
25:65:7e:0b:48:08:ea:69:fd:dd:f2:19:6c:d1:02:0b:66:be:
c5:f4:2a:61:3e:11:0a:9e:51:81:8e:eb:19:15:28:49:03:21:
74:a0:66:70:66:f5:99:9a:5f:d0:28:3f:82:75:26:f0:d5:1c:
0a:55:e8:0f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb6AyV2GTaxleLzTg9vSPKhTzxAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDMxNTQ5MDhaFw0yNjA2MDIxNTU0MDhaMDMxMTAvBgNV
BAMTKDg4NkI2QkUzRjdBNTc3MEEwQjg3RTIyQTY0ODUxMDk3OTc4RTFBNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RaUTWRDaWzQC8yADs9C76Cer
Gw0402co9D756NQN+69pdwVYtLXWIeFQHTJYHm0nH4dsOaOxpNqVuj3+biG1OROr
QYc5iITBhfxwx6fxe1MHRAHq41UmNDhss9URgpiDVw4a4Cm4aVXLIJ04ktMELvNN
6a8vncVXLtlUFa5EcViwRra6hAJEB7iDaDTXqElbVFUPN6YU7Rt4d0WGH0MXcHZg
LRztz9ZRmuHI2OX5LiVPwWi/qlnFcNjnehfI5Q09D3aolZkz8S14k8Ebr1Iklxl8
Ge7Kb2K9xygtSLBVw9w5poV1wKIKM+ywKzFfE9fCzHTKxm3vOiEsdtdMWJ4fAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiGtr4/eldwoLh+IqZIUQl5eOGl4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzkzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZNMA0GCSqGSIb3DQEBCwUAA4IBAQA/pBQ0xFVCp0FMgtFKQLzLeMY0bxouiVcu
d001wqZCWNPEZG1m5oLILUyB6LxmmB8NvqVnymBER9Eqt71h+ppxHhUKRGq4PlJR
RsGYY52T4CJ69veeT0kdk9/AKSryJnCtYk9L8xUYcrzTnozk/xaiOgyLOKqsqYV8
oaRhYZUl6KtuGZ/KmICNBC1bXByi2jh5cp5eQrKPKDnJ0D1SWr9kHSJ1nWpJI+vR
N1ONnRCX47581DoKB68FXQxrdM4MLVBOx56NR14lZX4LSAjqaf3d8hls0QILZr7F
9CphPhEKnlGBjusZFShJAyF0oGZwZvWZml/QKD+CdSbw1RwKVegP
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:43:29 2025 by rpki-client