Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313432313131.roa
File: 3137312e32322e37382e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: 1jGTUe5xAhktMnn/g6XeLus/lXNuvbfZ6dHS8Vru9iA=
Subject key identifier: 58:E4:75:FF:C2:A3:0D:6A:07:DF:68:51:5F:23:21:C3:BC:EB:AF:56
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7C7EECB45CCD915955707FFB5A79394323452B24
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 30 Jun 2025 21:08:32 +0000
ROA not before: Mon 30 Jun 2025 21:03:32 +0000
ROA not after: Mon 29 Jun 2026 21:08:32 +0000
asID: 142111
IP address blocks: 171.22.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:59:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:7e:ec:b4:5c:cd:91:59:55:70:7f:fb:5a:79:39:43:23:45:2b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 30 21:03:32 2025 GMT
Not After : Jun 29 21:08:32 2026 GMT
Subject: CN=58E475FFC2A30D6A07DF68515F2321C3BCEBAF56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ef:e1:b8:0c:41:29:83:6f:1a:33:a3:c9:25:
8f:3b:23:5d:29:f1:b6:ce:c8:6d:a1:68:8e:d0:78:
1e:2a:d2:21:e4:26:11:b7:08:d5:e3:0b:67:c9:2f:
99:a8:bd:25:98:a8:ab:55:4e:8b:09:16:32:c5:dd:
31:ec:6d:61:aa:68:b4:2b:1c:72:59:0a:62:51:18:
1a:28:98:86:47:f0:5c:a6:a3:f0:da:c7:75:74:ba:
a7:22:37:9f:5d:a9:59:0c:26:4b:86:ad:59:35:b8:
d9:62:a5:79:c8:05:af:80:58:d6:16:5f:eb:b6:43:
e3:b2:2f:a6:71:5e:5b:dd:2d:c5:93:d9:0b:88:b7:
97:59:e5:73:35:34:bb:7c:a4:07:0a:60:19:e8:5e:
81:fa:c7:e1:9c:e5:13:b2:ec:62:04:e3:4e:64:4a:
6d:de:e5:ad:eb:6a:76:07:48:bf:4b:7e:09:7b:3c:
b5:80:d9:65:72:93:c8:72:d8:94:0d:22:74:e2:17:
40:82:05:3a:19:3d:55:cf:60:8e:ee:d0:9a:bd:35:
41:e4:3c:4e:0b:2a:3a:7a:36:cb:44:e6:c2:fd:68:
a2:aa:44:54:8d:63:86:7a:4b:ce:fd:32:36:2b:34:
04:7c:f4:d0:07:98:e0:04:d2:cc:54:d9:c9:9e:10:
d0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E4:75:FF:C2:A3:0D:6A:07:DF:68:51:5F:23:21:C3:BC:EB:AF:56
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.78.0/24
Signature Algorithm: sha256WithRSAEncryption
54:c0:81:28:0b:c5:0c:22:28:83:a7:a7:7b:ff:c7:ed:ec:4a:
3c:f9:4f:ee:34:5e:b3:a6:8a:39:6c:e2:41:e1:7d:e1:c4:84:
a1:11:01:95:2c:2d:06:5b:5a:93:42:8f:8b:d2:53:0a:38:41:
9b:a1:7d:78:f6:ac:de:b3:81:10:f2:66:1a:93:ba:41:26:55:
4d:c0:0e:7b:76:10:14:02:18:db:73:91:c9:f4:69:e0:f4:3b:
16:ae:06:21:8b:36:93:cb:db:fe:42:f8:bc:6c:c7:69:c6:ca:
f7:1f:51:02:4d:99:46:1c:77:bd:9a:77:da:45:e4:af:fe:0e:
a1:97:9a:11:ea:1a:c3:87:2d:7d:65:a2:4c:5d:c5:8a:d4:e7:
bc:4f:7b:75:33:f9:f8:e9:9e:fb:0e:96:94:46:4f:64:c3:98:
4d:88:12:81:9f:48:a9:d3:08:3f:ff:9b:77:00:55:48:09:6b:
8a:49:81:6d:56:64:a6:8c:25:36:17:af:70:66:e0:55:b6:bc:
62:b1:f2:8a:91:4a:0b:17:61:75:62:39:18:f8:dd:e5:a8:81:
7e:87:40:a1:41:10:0a:8c:16:4c:4d:6f:df:d3:fa:6b:41:e7:
56:37:2f:92:29:b5:ec:8a:f2:e8:0a:87:31:80:72:16:d9:08:
fb:d1:ba:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfH7stFzNkVlVcH/7Wnk5QyNFKyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MzAyMTAzMzJaFw0yNjA2MjkyMTA4MzJaMDMxMTAvBgNV
BAMTKDU4RTQ3NUZGQzJBMzBENkEwN0RGNjg1MTVGMjMyMUMzQkNFQkFGNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX7+G4DEEpg28aM6PJJY87I10p
8bbOyG2haI7QeB4q0iHkJhG3CNXjC2fJL5movSWYqKtVTosJFjLF3THsbWGqaLQr
HHJZCmJRGBoomIZH8Fymo/Dax3V0uqciN59dqVkMJkuGrVk1uNlipXnIBa+AWNYW
X+u2Q+OyL6ZxXlvdLcWT2QuIt5dZ5XM1NLt8pAcKYBnoXoH6x+Gc5ROy7GIE405k
Sm3e5a3ranYHSL9Lfgl7PLWA2WVyk8hy2JQNInTiF0CCBToZPVXPYI7u0Jq9NUHk
PE4LKjp6NstE5sL9aKKqRFSNY4Z6S879MjYrNAR89NAHmOAE0sxU2cmeENDhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWOR1/8KjDWoH32hRXyMhw7zrr1YwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZOMA0GCSqGSIb3DQEBCwUAA4IBAQBUwIEoC8UMIiiDp6d7/8ft7Eo8+U/uNF6z
poo5bOJB4X3hxIShEQGVLC0GW1qTQo+L0lMKOEGboX149qzes4EQ8mYak7pBJlVN
wA57dhAUAhjbc5HJ9Gng9DsWrgYhizaTy9v+Qvi8bMdpxsr3H1ECTZlGHHe9mnfa
ReSv/g6hl5oR6hrDhy19ZaJMXcWK1Oe8T3t1M/n46Z77DpaURk9kw5hNiBKBn0ip
0wg//5t3AFVICWuKSYFtVmSmjCU2F69wZuBVtrxisfKKkUoLF2F1YjkY+N3lqIF+
h0ChQRAKjBZMTW/f0/prQedWNy+SKbXsivLoCocxgHIW2Qj70bpv
-----END CERTIFICATE-----
Generated at Wed Jul 2 12:09:22 2025 by rpki-client