Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
File: 34352e3135382e35392e302f32342d3234203d3e20323135363732.roa (raw, json)
Hash identifier: W4QDb6aMlt9/RVirYUrRQ6JvcBc+F36F7xf+pjuJzNs=
Subject key identifier: 37:62:B7:43:7E:11:A6:B3:C8:22:CE:04:6F:17:8D:C7:0B:AE:18:AE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0AD26BC40A80064661BB435B0FF5DF46924CB57A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
Signing time: Wed 21 May 2025 14:23:09 +0000
ROA not before: Wed 21 May 2025 14:18:09 +0000
ROA not after: Wed 20 May 2026 14:23:09 +0000
asID: 215672
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 18:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d2:6b:c4:0a:80:06:46:61:bb:43:5b:0f:f5:df:46:92:4c:b5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 21 14:18:09 2025 GMT
Not After : May 20 14:23:09 2026 GMT
Subject: CN=3762B7437E11A6B3C822CE046F178DC70BAE18AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:5d:05:de:04:bd:1d:62:cc:ff:85:c0:62:
ad:9b:52:62:c2:2d:7e:bc:26:54:50:03:16:ad:2c:
40:f0:21:53:c9:ea:f3:3a:d2:67:53:db:88:2b:9d:
ae:9a:51:2a:8f:d6:ce:84:72:aa:fb:27:0d:85:61:
e1:6a:b5:48:ed:9e:85:1e:30:ff:07:ea:a6:a3:f0:
f6:85:3a:96:68:d0:0b:be:c4:6a:7b:93:9d:0c:42:
ed:0d:65:2e:b6:82:16:10:5d:63:a1:7c:7c:f0:06:
48:9e:41:40:eb:41:29:6f:71:50:e5:6e:9b:ee:61:
1f:cc:be:e4:a6:ae:a5:0a:48:d2:33:72:23:71:2d:
4e:41:fe:e4:b2:9e:4c:16:9d:1b:46:46:b2:c4:98:
a0:60:00:dd:bb:88:47:54:9b:8e:26:c7:97:d3:2f:
6c:4d:30:8a:b1:be:6d:6c:75:8e:ee:61:7e:da:b8:
d0:34:ae:9d:77:9a:3a:c5:46:71:6e:a3:b1:10:95:
d4:5b:30:e7:ad:0d:b3:b8:a1:87:7f:f8:b3:e1:09:
6d:fa:8d:aa:ed:ca:af:3f:2b:03:6c:14:f8:f3:73:
d5:70:b7:56:7d:a1:2d:f8:05:35:60:2c:57:7a:9a:
79:f4:26:26:48:19:f3:6f:a5:cf:6d:67:0f:6b:e8:
84:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:62:B7:43:7E:11:A6:B3:C8:22:CE:04:6F:17:8D:C7:0B:AE:18:AE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:bf:20:7a:5b:ec:24:0b:7e:ce:1b:bb:ff:77:3d:6b:5e:8a:
26:76:69:fc:01:93:e4:9d:69:af:3f:ae:85:5a:53:bc:93:41:
af:46:9b:41:8d:5a:6c:92:ad:81:58:db:dc:16:9b:4a:8f:b5:
1f:a3:75:f3:06:d7:55:7c:05:03:f2:89:8f:54:6d:54:bc:e5:
f0:7e:b6:3e:0f:bb:be:3a:9f:f9:87:aa:ae:bd:bd:da:c7:1e:
ed:60:14:6b:89:bc:07:db:72:9d:c7:6e:13:38:10:64:42:dd:
ed:ff:51:f6:95:62:b8:97:62:f3:69:6d:4e:32:1e:e2:94:92:
83:48:8b:47:db:3e:54:26:fc:55:2b:3c:c2:23:cf:9e:4a:42:
7a:c6:5c:67:7e:88:1f:d5:ce:c7:bd:72:16:19:0e:a1:0c:12:
1f:b2:c9:d0:cb:c6:5a:71:ff:1f:07:fa:e0:8b:3b:39:2d:b9:
ae:19:f5:0b:65:19:6b:f6:b3:46:99:b8:d2:a0:e2:e3:1b:40:
e9:cd:25:e5:4e:ce:ec:31:4b:f1:73:d1:9e:10:01:a6:da:46:
85:92:f8:4d:73:e4:aa:2b:f9:d7:3f:90:b1:79:23:c4:9f:7b:
cd:11:7f:93:d4:11:01:7d:89:ab:10:df:8f:11:7f:d9:3f:72:
79:0e:e7:c6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCtJrxAqABkZhu0NbD/XfRpJMtXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MjExNDE4MDlaFw0yNjA1MjAxNDIzMDlaMDMxMTAvBgNV
BAMTKDM3NjJCNzQzN0UxMUE2QjNDODIyQ0UwNDZGMTc4REM3MEJBRTE4QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQJF0F3gS9HWLM/4XAYq2bUmLC
LX68JlRQAxatLEDwIVPJ6vM60mdT24grna6aUSqP1s6Ecqr7Jw2FYeFqtUjtnoUe
MP8H6qaj8PaFOpZo0Au+xGp7k50MQu0NZS62ghYQXWOhfHzwBkieQUDrQSlvcVDl
bpvuYR/MvuSmrqUKSNIzciNxLU5B/uSynkwWnRtGRrLEmKBgAN27iEdUm44mx5fT
L2xNMIqxvm1sdY7uYX7auNA0rp13mjrFRnFuo7EQldRbMOetDbO4oYd/+LPhCW36
jartyq8/KwNsFPjzc9Vwt1Z9oS34BTVgLFd6mnn0JiZIGfNvpc9tZw9r6IRrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUN2K3Q34RprPIIs4EbxeNxwuuGK4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ47MA0GCSqGSIb3DQEBCwUAA4IBAQCxvyB6W+wkC37OG7v/dz1rXoomdmn8AZPk
nWmvP66FWlO8k0GvRptBjVpskq2BWNvcFptKj7Ufo3XzBtdVfAUD8omPVG1UvOXw
frY+D7u+Op/5h6quvb3axx7tYBRribwH23Kdx24TOBBkQt3t/1H2lWK4l2LzaW1O
Mh7ilJKDSItH2z5UJvxVKzzCI8+eSkJ6xlxnfogf1c7HvXIWGQ6hDBIfssnQy8Za
cf8fB/rgizs5LbmuGfULZRlr9rNGmbjSoOLjG0DpzSXlTs7sMUvxc9GeEAGm2kaF
kvhNc+SqK/nXP5CxeSPEn3vNEX+T1BEBfYmrEN+PEX/ZP3J5DufG
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:28:52 2025 by rpki-client