Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
File: 34352e31322e38322e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: mWA5SX6LIHqmpFr4tOXajUtWr9AGzqI/TfVWHdwHfp4=
Subject key identifier: AB:D2:5C:D8:46:5D:0C:FD:52:E0:B6:0B:73:23:DF:08:DE:9B:F8:2C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4BFDDEDA7B85F4BB8C48FA00FD5AA9D4C6E6869E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 142111
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:fd:de:da:7b:85:f4:bb:8c:48:fa:00:fd:5a:a9:d4:c6:e6:86:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=ABD25CD8465D0CFD52E0B60B7323DF08DE9BF82C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c9:7c:c2:ee:11:26:3f:e2:d2:20:bf:55:b9:
73:8f:c9:f3:c1:a4:b5:d6:3a:23:90:74:9a:11:54:
15:26:66:ee:cb:ee:95:ca:cc:95:99:70:54:d3:cc:
42:8f:9e:47:b3:52:c6:ed:50:62:4a:de:3b:50:ab:
c5:16:81:57:eb:44:b9:3d:5a:56:ab:28:88:89:89:
d1:da:af:c3:6f:44:8e:38:9a:20:b5:8f:a9:06:78:
4a:7c:e0:cc:3f:20:2c:6d:e0:8d:27:2c:0e:d2:5f:
6c:e7:66:8b:3a:a4:62:67:3c:60:01:dc:78:6e:d5:
b0:c5:39:ee:5f:9d:02:59:de:6c:a8:fc:85:e1:90:
d1:cd:ac:a2:15:85:b0:37:fa:77:d2:b7:45:fd:4b:
99:a1:44:00:9f:1e:ed:07:ed:d1:12:ac:4d:36:a3:
12:8d:40:d6:3e:bd:aa:dc:07:50:a5:ff:be:e1:3c:
d0:36:9b:33:db:e6:f2:bb:9c:6c:ab:47:d5:51:37:
f1:fa:9c:89:28:de:71:e8:2f:a1:ae:65:63:05:84:
25:30:68:fe:d8:b2:43:57:9d:38:c3:e3:35:ac:34:
cf:e6:03:72:43:ab:f8:c3:c8:fb:b0:ef:4c:59:c3:
1c:c9:29:ec:7d:9f:69:89:11:70:a5:8c:cc:88:2d:
01:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D2:5C:D8:46:5D:0C:FD:52:E0:B6:0B:73:23:DF:08:DE:9B:F8:2C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d8:65:72:cf:2a:86:ef:ee:a0:12:a6:5e:19:52:9b:d6:be:
95:8c:eb:d6:85:51:a3:a3:43:ca:94:2d:0d:c6:d9:b6:b9:3e:
eb:3f:3a:46:d2:f5:c2:12:80:a5:a1:6e:51:e3:bc:0b:1b:46:
ae:77:3c:0b:7e:96:99:06:1b:29:c0:4d:e6:91:52:28:77:8c:
13:48:61:6a:4f:6a:b7:cf:ae:7d:25:79:ce:de:31:5f:d2:29:
2e:e0:27:1f:41:7b:ea:c3:42:57:ed:5c:ba:3d:4a:43:3d:fa:
05:85:37:17:c2:49:eb:95:c3:fa:f4:c2:45:4e:a2:3d:a5:d5:
ce:85:d1:73:69:9e:98:5d:6b:ec:2b:0e:fa:a5:e5:81:5c:3b:
4f:db:49:aa:1d:cd:38:d8:73:eb:df:03:d6:a1:42:f1:78:69:
36:d1:82:69:28:0f:91:a1:de:21:c0:48:3e:87:51:28:05:4b:
ee:31:63:76:c4:ad:f2:83:ff:bc:86:0a:88:c2:0d:84:2d:ec:
e6:c2:86:f4:aa:6c:d0:22:bb:5f:6b:1f:e9:a9:46:65:6b:6f:
2e:0d:6e:c7:95:92:30:24:47:ba:85:24:01:22:e4:b3:4f:d9:
27:3b:40:c7:41:73:03:2f:a9:1b:b4:1b:bb:44:69:54:ca:a3:
97:73:bc:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUS/3e2nuF9LuMSPoA/Vqp1Mbmhp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKEFCRDI1Q0Q4NDY1RDBDRkQ1MkUwQjYwQjczMjNERjA4REU5QkY4MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/yXzC7hEmP+LSIL9VuXOPyfPB
pLXWOiOQdJoRVBUmZu7L7pXKzJWZcFTTzEKPnkezUsbtUGJK3jtQq8UWgVfrRLk9
WlarKIiJidHar8NvRI44miC1j6kGeEp84Mw/ICxt4I0nLA7SX2znZos6pGJnPGAB
3Hhu1bDFOe5fnQJZ3myo/IXhkNHNrKIVhbA3+nfSt0X9S5mhRACfHu0H7dESrE02
oxKNQNY+varcB1Cl/77hPNA2mzPb5vK7nGyrR9VRN/H6nIko3nHoL6GuZWMFhCUw
aP7YskNXnTjD4zWsNM/mA3JDq/jDyPuw70xZwxzJKex9n2mJEXCljMyILQGZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUq9Jc2EZdDP1S4LYLcyPfCN6b+CwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMjMxMzEzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UjANBgkqhkiG9w0BAQsFAAOCAQEAithlcs8qhu/uoBKmXhlSm9a+lYzr1oVRo6ND
ypQtDcbZtrk+6z86RtL1whKApaFuUeO8CxtGrnc8C36WmQYbKcBN5pFSKHeME0hh
ak9qt8+ufSV5zt4xX9IpLuAnH0F76sNCV+1cuj1KQz36BYU3F8JJ65XD+vTCRU6i
PaXVzoXRc2memF1r7CsO+qXlgVw7T9tJqh3NONhz698D1qFC8XhpNtGCaSgPkaHe
IcBIPodRKAVL7jFjdsSt8oP/vIYKiMINhC3s5sKG9Kps0CK7X2sf6alGZWtvLg1u
x5WSMCRHuoUkASLks0/ZJztAx0FzAy+pG7Qbu0RpVMqjl3O81Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:13:15 2025 by rpki-client