Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e20323130353338.roa
File: 34352e38372e3137332e302f32342d3234203d3e20323130353338.roa (raw, json)
Hash identifier: Jyp/c89vDJfKwRnk0a94estSfPIH5w7KDwI16IbCvlE=
Subject key identifier: 2A:EE:05:C5:4D:80:16:28:C5:76:20:9B:8D:87:0C:3B:E9:21:0D:84
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1AE021B2A372A31984BE4C43E98EA68B67EE7ECD
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e20323130353338.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 210538
IP address blocks: 45.87.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:e0:21:b2:a3:72:a3:19:84:be:4c:43:e9:8e:a6:8b:67:ee:7e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=2AEE05C54D801628C576209B8D870C3BE9210D84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:96:4f:91:a5:81:7a:c0:a8:23:81:c5:16:88:
16:f6:5e:5c:50:67:dc:6b:f3:41:5c:a0:2b:a6:28:
fc:4d:68:76:a5:43:45:e1:5e:71:2f:27:e6:cd:2f:
a6:0c:22:0c:7b:4d:73:b2:8c:78:ce:70:22:0c:6e:
7e:6e:84:88:47:12:dc:6e:0e:89:66:c6:98:7d:71:
16:2a:0a:b8:f8:3d:ed:d6:7c:45:cc:d9:71:9f:b1:
65:ac:4f:75:9b:9f:95:18:c4:4e:ec:01:b7:dd:d8:
25:0b:ae:71:f9:96:d5:70:8c:01:eb:24:33:80:01:
9f:cd:47:ba:fe:c1:da:71:f6:31:b1:5d:4a:dd:ec:
64:df:01:a2:39:aa:c7:b7:59:9c:9a:8f:6d:70:8b:
ab:29:31:e5:16:97:e5:19:53:64:d8:17:f1:a4:3a:
82:69:78:6f:d5:14:39:24:de:19:8c:56:d5:ff:6b:
2a:7d:47:21:38:74:12:3a:f7:3c:58:b5:ab:cb:ea:
ac:ad:87:95:29:94:19:48:64:be:f3:e3:d2:86:e8:
e6:ff:d1:44:af:28:1a:82:af:0a:28:e3:4f:ac:9f:
ce:0b:e5:29:36:09:c5:9c:15:d4:2a:ec:ba:ac:6a:
3f:8a:d0:9f:ff:8c:0f:62:cf:2f:91:65:09:03:22:
2f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:05:C5:4D:80:16:28:C5:76:20:9B:8D:87:0C:3B:E9:21:0D:84
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e20323130353338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.173.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b2:ec:17:b7:aa:b4:63:18:fb:49:af:3d:df:9c:ac:43:b0:
f4:f1:6b:50:36:40:d2:67:12:31:10:4f:af:7a:0b:c1:56:c0:
52:ce:8e:04:77:50:c5:fd:79:e1:38:1b:74:61:0d:a8:27:db:
0a:2b:5c:97:e1:04:cf:c5:ad:f8:1d:f8:9c:d9:ca:52:97:c3:
f8:f3:c8:d5:b1:72:1d:25:0d:c0:8c:07:38:66:c0:4a:3a:f6:
35:01:5b:61:f0:d3:90:b4:88:2b:20:34:f5:67:99:4c:8a:2b:
fb:c0:d3:8d:d8:62:5e:94:dc:6a:0a:e3:87:b3:84:7f:32:43:
35:56:d3:03:4d:26:27:0f:4f:b8:8c:24:39:26:f7:f7:76:f1:
33:6c:75:be:65:88:72:40:e5:79:03:ba:ff:57:11:a1:2d:98:
00:5b:d4:69:f3:5b:a0:a6:0d:a5:45:1f:b5:bc:69:de:2b:89:
63:65:7b:69:a5:85:c1:ea:e2:f9:4f:68:b9:36:f9:31:a7:83:
be:89:48:54:a4:5e:ed:32:1b:bb:d0:7a:af:5f:4a:7e:ea:41:
13:96:ce:45:17:73:5e:6c:6b:1c:b9:42:91:f2:ed:fa:17:24:
aa:fc:13:e0:0d:80:29:eb:ee:0f:53:20:22:c9:9b:19:68:81:
e2:d6:5a:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGuAhsqNyoxmEvkxD6Y6mi2fufs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKDJBRUUwNUM1NEQ4MDE2MjhDNTc2MjA5QjhEODcwQzNCRTkyMTBEODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDulk+RpYF6wKgjgcUWiBb2XlxQ
Z9xr80FcoCumKPxNaHalQ0XhXnEvJ+bNL6YMIgx7TXOyjHjOcCIMbn5uhIhHEtxu
Dolmxph9cRYqCrj4Pe3WfEXM2XGfsWWsT3Wbn5UYxE7sAbfd2CULrnH5ltVwjAHr
JDOAAZ/NR7r+wdpx9jGxXUrd7GTfAaI5qse3WZyaj21wi6spMeUWl+UZU2TYF/Gk
OoJpeG/VFDkk3hmMVtX/ayp9RyE4dBI69zxYtavL6qyth5UplBlIZL7z49KG6Ob/
0USvKBqCrwoo40+sn84L5Sk2CcWcFdQq7Lqsaj+K0J//jA9izy+RZQkDIi/3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKu4FxU2AFijFdiCbjYcMO+khDYQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzUzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVetMA0GCSqGSIb3DQEBCwUAA4IBAQBwsuwXt6q0Yxj7Sa8935ysQ7D08WtQNkDS
ZxIxEE+vegvBVsBSzo4Ed1DF/XnhOBt0YQ2oJ9sKK1yX4QTPxa34Hfic2cpSl8P4
88jVsXIdJQ3AjAc4ZsBKOvY1AVth8NOQtIgrIDT1Z5lMiiv7wNON2GJelNxqCuOH
s4R/MkM1VtMDTSYnD0+4jCQ5Jvf3dvEzbHW+ZYhyQOV5A7r/VxGhLZgAW9Rp81ug
pg2lRR+1vGneK4ljZXtppYXB6uL5T2i5Nvkxp4O+iUhUpF7tMhu70HqvX0p+6kET
ls5FF3NebGscuUKR8u36FySq/BPgDYAp6+4PUyAiyZsZaIHi1lqI
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:34:12 2025 by rpki-client