Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa
File: 34352e3133372e39392e302f32342d3234203d3e20323134323039.roa (raw, json)
Hash identifier: wzlp/HaCs411p2A3oEZzcgZrZFjE4uaFeOIU/7w2C3Q=
Subject key identifier: CD:7E:82:AD:49:1B:CC:1F:A6:6C:64:E7:FD:EB:63:64:0E:70:E2:5F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 068B8D405D6BB0020E1761A886AE3EBFBC036EC7
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa
Signing time: Tue 07 Jan 2025 01:13:50 +0000
ROA not before: Tue 07 Jan 2025 01:08:50 +0000
ROA not after: Tue 06 Jan 2026 01:13:50 +0000
asID: 214209
IP address blocks: 45.137.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:8b:8d:40:5d:6b:b0:02:0e:17:61:a8:86:ae:3e:bf:bc:03:6e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 7 01:08:50 2025 GMT
Not After : Jan 6 01:13:50 2026 GMT
Subject: CN=CD7E82AD491BCC1FA66C64E7FDEB63640E70E25F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:a0:51:7b:d0:59:ae:9d:54:94:28:34:26:
f7:05:41:20:72:3e:06:37:72:68:ff:ce:a2:43:4f:
61:9f:bb:0d:58:58:ec:08:b9:0c:35:9e:68:61:30:
8d:32:ad:44:8a:a8:6a:dd:ec:ff:da:57:b7:e2:6e:
71:0c:8f:3d:a0:21:c7:3c:ff:7d:d4:0d:41:ef:90:
ed:2a:04:5e:6b:1a:62:45:a9:4d:d5:aa:d2:d1:de:
a2:1a:c6:66:55:5b:b3:e3:7f:7d:a5:a3:07:5d:ef:
b6:d0:92:2e:39:2f:e5:bc:23:6a:9d:22:24:8e:8c:
9a:ed:c4:ca:1b:0d:5d:b9:7f:61:4b:52:7f:3d:fa:
4e:7f:4f:02:bd:d6:fe:ac:3a:d5:4e:9a:98:a6:47:
47:d3:b9:c3:5c:e2:aa:a7:76:ff:04:af:17:15:f7:
8f:e7:93:08:fe:c8:1b:01:6a:72:e3:42:66:d9:e1:
2d:66:df:1d:9a:0c:db:e1:95:4f:b8:1b:64:bc:12:
8b:0b:07:be:a3:c4:b8:b1:12:cf:49:15:24:f7:a6:
81:f5:c6:b7:47:76:c5:1f:34:94:b0:73:59:3d:d7:
de:9f:17:56:44:10:ab:ae:db:f0:c6:1b:a8:c4:fb:
3a:74:97:82:48:14:ee:45:0c:df:50:c6:b7:cb:8e:
a3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7E:82:AD:49:1B:CC:1F:A6:6C:64:E7:FD:EB:63:64:0E:70:E2:5F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.99.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:33:7a:2b:33:b1:64:3d:d2:6c:86:cf:99:1e:d7:a9:69:08:
9c:c3:af:3c:c9:ba:51:ee:93:1e:39:b5:86:54:9d:eb:8c:dd:
9a:0b:09:7f:70:bb:ba:c7:0d:95:c0:87:52:10:5e:64:87:fd:
84:b8:7e:4e:1e:c5:e9:32:4b:45:2e:ed:74:86:63:6c:40:3b:
0e:9e:23:50:5d:9f:30:b9:ad:ba:2e:3c:40:4e:68:ba:50:bb:
ed:68:00:70:83:48:f9:1a:bf:2d:15:cf:46:e3:52:f1:48:fd:
29:d8:4f:cc:38:56:70:5d:b3:41:66:29:df:de:23:80:b3:95:
96:d0:44:5e:df:59:b2:79:17:66:9e:bc:a0:4d:57:cc:77:d2:
9c:34:49:fc:84:71:13:f3:49:29:fc:f7:47:75:18:40:4f:05:
a8:d8:cc:46:66:a5:c7:29:6d:36:5a:10:0d:e8:28:91:7c:ed:
af:8e:10:57:68:dc:85:93:ff:b6:26:99:51:3a:d6:6d:af:c7:
ed:b3:75:57:0a:11:33:32:d8:56:7c:c7:e1:6a:e7:41:fe:f5:
55:56:1a:70:21:8f:14:cf:58:43:51:0b:25:0b:1f:26:09:2e:
df:36:ab:fd:8e:5a:6a:96:35:98:8c:5c:a7:18:57:f2:f2:42:
26:e0:a5:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBouNQF1rsAIOF2Gohq4+v7wDbscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMDcwMTA4NTBaFw0yNjAxMDYwMTEzNTBaMDMxMTAvBgNV
BAMTKENEN0U4MkFENDkxQkNDMUZBNjZDNjRFN0ZERUI2MzY0MEU3MEUyNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFQaBRe9BZrp1UlCg0JvcFQSBy
PgY3cmj/zqJDT2Gfuw1YWOwIuQw1nmhhMI0yrUSKqGrd7P/aV7fibnEMjz2gIcc8
/33UDUHvkO0qBF5rGmJFqU3VqtLR3qIaxmZVW7Pjf32lowdd77bQki45L+W8I2qd
IiSOjJrtxMobDV25f2FLUn89+k5/TwK91v6sOtVOmpimR0fTucNc4qqndv8ErxcV
94/nkwj+yBsBanLjQmbZ4S1m3x2aDNvhlU+4G2S8EosLB76jxLixEs9JFST3poH1
xrdHdsUfNJSwc1k9196fF1ZEEKuu2/DGG6jE+zp0l4JIFO5FDN9QxrfLjqOpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzX6CrUkbzB+mbGTn/etjZA5w4l8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzIzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYljMA0GCSqGSIb3DQEBCwUAA4IBAQAsM3orM7FkPdJshs+ZHtepaQicw688ybpR
7pMeObWGVJ3rjN2aCwl/cLu6xw2VwIdSEF5kh/2EuH5OHsXpMktFLu10hmNsQDsO
niNQXZ8wua26LjxATmi6ULvtaABwg0j5Gr8tFc9G41LxSP0p2E/MOFZwXbNBZinf
3iOAs5WW0ERe31myeRdmnrygTVfMd9KcNEn8hHET80kp/PdHdRhATwWo2MxGZqXH
KW02WhAN6CiRfO2vjhBXaNyFk/+2JplROtZtr8fts3VXChEzMthWfMfhaudB/vVV
VhpwIY8Uz1hDUQslCx8mCS7fNqv9jlpqljWYjFynGFfy8kIm4KUh
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:50 2025 by rpki-client