Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
File: 3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa (raw, json)
Hash identifier: FmivEtg/O3Tc2Lhzfnjc8Hsm/7LrrCFk8mh57UvOSRg=
Subject key identifier: 5D:FD:36:30:D9:DB:B4:B5:17:70:35:AE:36:F6:97:DD:F4:C0:98:A2
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 38C9106FF59B52AA15CE7A8CB9D02C8356464331
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
Signing time: Fri 23 May 2025 09:54:08 +0000
ROA not before: Fri 23 May 2025 09:49:08 +0000
ROA not after: Fri 22 May 2026 09:54:08 +0000
asID: 215052
IP address blocks: 185.172.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:c9:10:6f:f5:9b:52:aa:15:ce:7a:8c:b9:d0:2c:83:56:46:43:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 23 09:49:08 2025 GMT
Not After : May 22 09:54:08 2026 GMT
Subject: CN=5DFD3630D9DBB4B5177035AE36F697DDF4C098A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:f3:2e:7c:1c:38:4d:c2:dc:35:0d:78:25:
c6:ea:c5:f4:87:9a:a7:09:d8:2f:e7:2a:2a:8b:08:
79:b5:3b:0b:6e:17:7a:28:27:d5:66:83:18:0f:22:
e7:62:1f:f1:09:81:a1:8b:a0:fa:76:c6:de:81:15:
0d:b8:54:02:17:c2:a5:cd:16:7f:16:5b:b4:9f:04:
e0:78:8d:0d:0f:d7:cd:37:52:19:7a:e1:d8:52:f7:
5e:02:e7:50:7a:bc:51:81:ed:3b:3c:50:81:6f:0e:
0e:db:0f:9d:95:b4:92:97:31:9d:76:1a:8a:b1:79:
52:0f:c8:01:ec:20:6e:1b:02:4a:45:c6:a3:24:4c:
c6:e8:92:37:83:44:e7:d0:91:6d:bf:af:d8:fa:f7:
e9:4a:d1:98:ac:e7:6d:a7:32:75:1b:51:e9:2a:ec:
be:38:c4:dd:0f:59:16:a7:dc:d3:f2:ef:7c:e3:af:
40:e5:7b:89:c5:6e:53:62:24:5f:ac:b8:30:6e:50:
d1:cd:49:62:cb:30:22:2a:47:b0:c0:b2:ef:54:64:
b1:7c:87:59:44:c1:00:fc:a7:70:d0:14:92:a6:82:
10:c6:62:7c:31:3f:ad:51:c3:18:a2:7f:aa:83:48:
16:72:7c:fc:b3:d8:62:53:ff:77:1c:6c:0d:a2:d3:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FD:36:30:D9:DB:B4:B5:17:70:35:AE:36:F6:97:DD:F4:C0:98:A2
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.173.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c5:49:6c:e9:4d:0d:b2:79:1d:c4:1d:cd:15:92:a3:d6:c1:
54:ed:88:9f:86:5f:fd:21:73:dc:da:e6:74:55:b6:b5:1d:f3:
d0:80:05:20:9a:1c:f2:6a:dc:f0:3d:dc:25:ad:f6:2c:23:bd:
c6:27:14:12:d2:e9:5c:bd:15:61:47:fc:bf:7c:ff:f6:ec:65:
b5:bb:ae:ef:49:17:8e:42:77:88:24:6e:0f:70:fd:19:03:85:
16:b6:8d:9c:24:23:ee:49:14:0f:12:4b:14:0e:35:d2:9f:ac:
02:ff:b0:b5:02:0e:0d:90:64:2c:66:85:73:48:d5:3f:cf:06:
d4:03:ad:98:29:55:36:59:0e:66:fb:26:6c:40:dc:47:bc:06:
bd:97:a5:79:03:99:a8:fe:d0:c9:08:2f:c7:f8:f5:c1:83:42:
c5:52:dd:6f:b7:95:e1:6e:6d:b9:c5:95:60:9b:57:a6:65:63:
e1:dd:b1:8b:39:1c:ef:61:0f:c3:ec:45:a9:8f:95:d8:8f:d1:
60:bf:59:9b:5a:63:6d:e9:c6:4e:49:fd:87:7b:c8:0b:ce:ec:
4c:65:c8:98:92:a5:a0:68:ce:a4:c8:db:8f:38:d8:a3:93:37:
44:af:95:47:3e:db:3d:77:76:1c:25:4f:ea:c6:e5:a2:94:ea:
1e:46:5f:54
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOMkQb/WbUqoVznqMudAsg1ZGQzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MjMwOTQ5MDhaFw0yNjA1MjIwOTU0MDhaMDMxMTAvBgNV
BAMTKDVERkQzNjMwRDlEQkI0QjUxNzcwMzVBRTM2RjY5N0RERjRDMDk4QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxmvMufBw4TcLcNQ14JcbqxfSH
mqcJ2C/nKiqLCHm1OwtuF3ooJ9VmgxgPIudiH/EJgaGLoPp2xt6BFQ24VAIXwqXN
Fn8WW7SfBOB4jQ0P1803Uhl64dhS914C51B6vFGB7Ts8UIFvDg7bD52VtJKXMZ12
GoqxeVIPyAHsIG4bAkpFxqMkTMbokjeDROfQkW2/r9j69+lK0Zis522nMnUbUekq
7L44xN0PWRan3NPy73zjr0Dle4nFblNiJF+suDBuUNHNSWLLMCIqR7DAsu9UZLF8
h1lEwQD8p3DQFJKmghDGYnwxP61Rwxiif6qDSBZyfPyz2GJT/3ccbA2i0xn7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXf02MNnbtLUXcDWuNvaX3fTAmKIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrTANBgkqhkiG9w0BAQsFAAOCAQEAlsVJbOlNDbJ5HcQdzRWSo9bBVO2I
n4Zf/SFz3NrmdFW2tR3z0IAFIJoc8mrc8D3cJa32LCO9xicUEtLpXL0VYUf8v3z/
9uxltbuu70kXjkJ3iCRuD3D9GQOFFraNnCQj7kkUDxJLFA410p+sAv+wtQIODZBk
LGaFc0jVP88G1AOtmClVNlkOZvsmbEDcR7wGvZeleQOZqP7QyQgvx/j1wYNCxVLd
b7eV4W5tucWVYJtXpmVj4d2xizkc72EPw+xFqY+V2I/RYL9Zm1pjbenGTkn9h3vI
C87sTGXImJKloGjOpMjbjzjYo5M3RK+VRz7bPXd2HCVP6sblopTqHkZfVA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:51:26 2025 by rpki-client