Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20313532343630.roa
File: 34352e38372e3137352e302f32342d3234203d3e20313532343630.roa (raw, json)
Hash identifier: QcY9LorlBLOnJprwpIEZjapzfxAoX75Qzqxi5pCTkcI=
Subject key identifier: 5F:84:21:0F:75:18:2A:9C:8C:AF:24:F2:3B:32:A8:AE:D8:C9:C5:91
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5E7C4303660E5B114D610BDFBBCA66ADC3363592
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20313532343630.roa
Signing time: Fri 06 Jun 2025 06:54:08 +0000
ROA not before: Fri 06 Jun 2025 06:49:08 +0000
ROA not after: Fri 05 Jun 2026 06:54:08 +0000
asID: 152460
IP address blocks: 45.87.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7c:43:03:66:0e:5b:11:4d:61:0b:df:bb:ca:66:ad:c3:36:35:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 6 06:49:08 2025 GMT
Not After : Jun 5 06:54:08 2026 GMT
Subject: CN=5F84210F75182A9C8CAF24F23B32A8AED8C9C591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:77:49:0e:b3:7a:bf:bd:f9:3e:f6:e0:27:0c:
d5:ad:e2:45:ca:d2:c3:35:8d:dc:cc:86:cd:eb:e5:
1c:4d:25:26:a3:e4:24:12:12:52:39:df:bf:77:9a:
2b:b7:fb:1d:5d:bb:e9:5b:ec:f4:e3:a9:bd:0e:c3:
52:01:65:e1:e2:55:13:fc:df:1e:12:d4:1d:aa:ab:
cd:c4:56:3e:f4:cd:db:74:a9:18:c9:a1:59:7f:71:
97:9e:18:c6:85:d8:b7:74:6e:90:cd:dc:21:f6:8e:
fb:c0:98:71:a5:20:f5:12:39:1d:80:c3:77:73:56:
41:80:75:ea:dc:17:18:28:d1:06:b5:88:30:98:e7:
ef:26:4d:f3:44:41:37:c2:fd:e1:53:b7:63:8e:c6:
05:c4:81:3e:3b:cf:7a:a7:eb:e9:44:23:0e:15:05:
6a:cf:3c:b2:cf:56:53:e9:bd:ce:b5:51:ae:e6:f3:
18:43:14:73:7b:aa:00:b1:1a:f3:d9:11:9e:84:16:
69:d2:28:1b:bb:b4:c9:7d:67:ca:07:4b:64:79:97:
c2:d9:73:24:a0:18:df:41:b6:be:a0:b6:f7:1c:2f:
60:e2:79:12:26:9d:f7:90:e4:db:08:72:ae:55:3d:
5d:73:33:75:d3:cd:b4:4e:19:18:5f:18:5f:e1:19:
9d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:84:21:0F:75:18:2A:9C:8C:AF:24:F2:3B:32:A8:AE:D8:C9:C5:91
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20313532343630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.175.0/24
Signature Algorithm: sha256WithRSAEncryption
67:1b:2a:94:fe:77:fa:3c:90:23:be:55:da:e0:6e:bf:79:16:
12:76:63:eb:17:7b:50:6b:c2:11:d9:28:67:78:1b:1d:ca:02:
2f:53:06:c6:a6:f3:ea:01:e6:81:87:7d:ff:c3:1d:06:3b:be:
97:48:f2:1b:38:34:3d:0d:9c:07:14:71:6e:42:3c:eb:6e:71:
c9:f5:1e:b3:4e:a7:2d:cf:68:61:94:ac:e8:d9:e6:18:7f:bf:
fb:2c:60:d7:40:5d:3d:92:81:78:61:39:9c:6b:ce:16:25:c7:
a8:72:8e:ae:0b:cf:5f:59:b8:6b:55:1f:52:79:eb:1c:a2:3f:
61:c1:3b:e4:c8:03:59:9e:0c:ca:d3:9c:2e:02:5f:aa:b3:00:
16:2e:aa:ea:03:51:74:29:4a:42:2b:a3:77:22:9b:56:98:b1:
c2:e8:4d:fe:ad:dc:51:ad:69:85:db:cb:9a:d5:14:12:55:81:
d5:1e:b7:18:c3:9f:7b:eb:1c:bc:8a:6b:b5:7f:ab:02:de:57:
87:76:b2:3b:a0:a6:ed:36:52:98:1a:bd:a1:d3:09:2c:5c:ce:
2c:ad:cc:64:05:aa:0d:07:7b:97:05:be:09:e6:c1:9a:30:30:
18:4e:0b:74:ee:16:ba:2f:36:b9:4c:da:59:64:71:ae:09:44:
07:3c:9c:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXnxDA2YOWxFNYQvfu8pmrcM2NZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDYwNjQ5MDhaFw0yNjA2MDUwNjU0MDhaMDMxMTAvBgNV
BAMTKDVGODQyMTBGNzUxODJBOUM4Q0FGMjRGMjNCMzJBOEFFRDhDOUM1OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLd0kOs3q/vfk+9uAnDNWt4kXK
0sM1jdzMhs3r5RxNJSaj5CQSElI53793miu3+x1du+lb7PTjqb0Ow1IBZeHiVRP8
3x4S1B2qq83EVj70zdt0qRjJoVl/cZeeGMaF2Ld0bpDN3CH2jvvAmHGlIPUSOR2A
w3dzVkGAdercFxgo0Qa1iDCY5+8mTfNEQTfC/eFTt2OOxgXEgT47z3qn6+lEIw4V
BWrPPLLPVlPpvc61Ua7m8xhDFHN7qgCxGvPZEZ6EFmnSKBu7tMl9Z8oHS2R5l8LZ
cySgGN9Btr6gtvccL2DieRImnfeQ5NsIcq5VPV1zM3XTzbROGRhfGF/hGZ1jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX4QhD3UYKpyMryTyOzKortjJxZEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVevMA0GCSqGSIb3DQEBCwUAA4IBAQBnGyqU/nf6PJAjvlXa4G6/eRYSdmPrF3tQ
a8IR2ShneBsdygIvUwbGpvPqAeaBh33/wx0GO76XSPIbODQ9DZwHFHFuQjzrbnHJ
9R6zTqctz2hhlKzo2eYYf7/7LGDXQF09koF4YTmca84WJceoco6uC89fWbhrVR9S
eescoj9hwTvkyANZngzK05wuAl+qswAWLqrqA1F0KUpCK6N3IptWmLHC6E3+rdxR
rWmF28ua1RQSVYHVHrcYw5976xy8imu1f6sC3leHdrI7oKbtNlKYGr2h0wksXM4s
rcxkBaoNB3uXBb4J5sGaMDAYTgt07ha6Lza5TNpZZHGuCUQHPJyd
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:39:16 2025 by rpki-client