Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa
File: 322e35392e35392e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: RkAxzwxFi/GMqDWOazFl/1aVzYy+2uGFFGLzuX9A3Y8=
Subject key identifier: 08:0F:FB:2F:AD:6C:6B:4E:93:8F:D9:A9:CD:E1:51:24:26:7F:32:7E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4A63DA4DC786CE691A91C2FF34A10AE6C304D047
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 212335
IP address blocks: 2.59.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:63:da:4d:c7:86:ce:69:1a:91:c2:ff:34:a1:0a:e6:c3:04:d0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=080FFB2FAD6C6B4E938FD9A9CDE15124267F327E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:17:4d:f2:89:44:26:7a:b9:c0:c6:29:01:
3a:c3:40:47:14:5f:36:e2:03:8f:1e:a3:71:76:8f:
b7:d6:a4:c4:8c:df:3e:63:46:ca:97:33:77:af:17:
00:c7:6d:65:33:a5:1b:37:70:7a:e5:34:27:84:c1:
e4:61:59:87:0d:72:2c:e7:5e:3c:2e:d3:ec:87:98:
85:1e:26:f1:0e:b5:cb:c1:df:4f:a9:49:22:56:16:
fb:04:b6:8a:2c:e7:63:5e:fd:b8:6f:ba:68:cc:8a:
27:14:ee:8d:6d:44:34:05:21:60:2c:2b:b0:17:05:
e5:4f:d7:b5:b7:68:ae:c3:d7:6a:8e:82:0c:3b:01:
b0:42:55:9e:0f:a3:b7:a3:d6:cc:0c:e3:1c:ea:b9:
6e:46:a7:2b:bf:87:cd:64:da:bf:58:0f:52:03:db:
e8:63:45:3e:95:2e:f0:f9:2a:5e:9c:a2:fc:cc:c6:
36:d9:02:3b:fd:04:04:01:1e:99:a5:3a:a4:ec:c9:
8b:6a:07:cd:33:40:97:cb:2c:f6:20:ef:5a:45:ee:
c7:b7:18:a6:02:f9:1d:68:71:86:e6:53:6d:67:61:
1e:62:8e:3e:54:0a:9b:6d:a8:a7:b3:2b:a8:24:1c:
e3:e6:91:cc:ce:06:9c:60:23:72:07:cb:e8:c8:0d:
c0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0F:FB:2F:AD:6C:6B:4E:93:8F:D9:A9:CD:E1:51:24:26:7F:32:7E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:29:2e:0e:36:61:9c:ba:66:ef:7b:bc:43:f8:4a:7b:16:3c:
89:22:0c:f4:aa:a4:a8:f6:ff:96:27:90:62:0b:d2:a7:21:26:
8d:8e:29:16:b9:1d:8e:fc:77:c7:06:6c:50:59:e5:56:9a:aa:
da:52:4b:08:40:09:99:5d:3c:30:69:32:81:0e:2c:22:18:a9:
bf:77:d6:48:7e:1d:db:3f:fe:6d:16:d2:c1:01:4f:4a:e4:df:
61:b8:ef:81:63:8a:a1:fe:12:30:2d:f7:91:38:bc:7a:a0:ce:
fc:a8:63:f6:58:ae:1a:1f:a8:5b:13:e8:f4:e5:4a:3a:41:bf:
6f:37:c0:10:cc:34:78:90:95:9c:7a:76:89:bb:ba:cb:e5:c4:
30:9c:fd:48:e2:f4:92:38:f8:a2:ef:1e:e0:0a:8c:bd:11:ae:
4f:69:c8:60:30:fe:0f:aa:8b:fb:41:8b:54:48:5d:a5:9a:5d:
01:55:10:eb:6e:f7:1e:7d:03:35:2c:52:8b:e7:d0:9d:a3:b8:
e3:ff:ee:c0:bc:2e:12:89:09:d2:99:31:7e:1d:31:46:9e:45:
38:6b:ba:70:da:e3:18:5c:fb:12:59:53:00:2d:d1:95:1c:6a:
96:3f:76:8d:b4:94:c3:95:da:8a:3c:85:59:db:29:c6:e7:10:
3d:a6:06:61
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSmPaTceGzmkakcL/NKEK5sME0EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKDA4MEZGQjJGQUQ2QzZCNEU5MzhGRDlBOUNERTE1MTI0MjY3RjMyN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBpBdN8olEJnq5wMYpATrDQEcU
XzbiA48eo3F2j7fWpMSM3z5jRsqXM3evFwDHbWUzpRs3cHrlNCeEweRhWYcNcizn
Xjwu0+yHmIUeJvEOtcvB30+pSSJWFvsEtoos52Ne/bhvumjMiicU7o1tRDQFIWAs
K7AXBeVP17W3aK7D12qOggw7AbBCVZ4Po7ej1swM4xzquW5Gpyu/h81k2r9YD1ID
2+hjRT6VLvD5Kl6covzMxjbZAjv9BAQBHpmlOqTsyYtqB80zQJfLLPYg71pF7se3
GKYC+R1ocYbmU21nYR5ijj5UCpttqKezK6gkHOPmkczOBpxgI3IHy+jIDcA7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUCA/7L61sa06Tj9mpzeFRJCZ/Mn4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzkyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzsw
DQYJKoZIhvcNAQELBQADggEBAD8pLg42YZy6Zu97vEP4SnsWPIkiDPSqpKj2/5Yn
kGIL0qchJo2OKRa5HY78d8cGbFBZ5VaaqtpSSwhACZldPDBpMoEOLCIYqb931kh+
Hds//m0W0sEBT0rk32G474FjiqH+EjAt95E4vHqgzvyoY/ZYrhofqFsT6PTlSjpB
v283wBDMNHiQlZx6dom7usvlxDCc/Uji9JI4+KLvHuAKjL0Rrk9pyGAw/g+qi/tB
i1RIXaWaXQFVEOtu9x59AzUsUovn0J2juOP/7sC8LhKJCdKZMX4dMUaeRThrunDa
4xhc+xJZUwAt0ZUcapY/do20lMOV2oo8hVnbKcbnED2mBmE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:43:31 2025 by rpki-client