Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323134393134.roa
File: 34352e39312e3133362e302f32342d3234203d3e20323134393134.roa (raw, json)
Hash identifier: pr+hOI1rwGP4C5KbpJ2Y6fD7UsgkD7/muqeszJcP1jw=
Subject key identifier: 81:A6:27:5D:74:40:9B:61:0C:AE:F9:AB:B7:8B:5D:83:4A:CD:C7:E9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 13EF9FA15C8E8D58477B1971F1946B06D129F3A8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323134393134.roa
Signing time: Mon 19 May 2025 16:29:19 +0000
ROA not before: Mon 19 May 2025 16:24:19 +0000
ROA not after: Mon 18 May 2026 16:29:19 +0000
asID: 214914
IP address blocks: 45.91.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ef:9f:a1:5c:8e:8d:58:47:7b:19:71:f1:94:6b:06:d1:29:f3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 19 16:24:19 2025 GMT
Not After : May 18 16:29:19 2026 GMT
Subject: CN=81A6275D74409B610CAEF9ABB78B5D834ACDC7E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:77:17:4f:f8:37:54:66:b2:6b:45:3a:6b:
b3:1e:bb:4d:f7:38:f3:65:a9:2e:95:76:bc:46:b7:
e1:ab:86:7a:80:a2:29:0e:3c:e4:23:69:2a:9f:62:
f8:59:ee:db:68:20:4b:79:fa:32:13:65:43:df:03:
15:8e:fc:fb:74:59:13:9f:b2:62:b8:ed:e3:82:89:
e2:c6:59:4b:c5:ac:dd:8e:8a:b4:8f:72:57:f1:d4:
6a:4a:27:a3:2e:8a:52:99:91:2f:e0:2a:c9:41:de:
36:2a:e4:86:de:e8:6f:6d:27:5f:9c:35:0a:0f:d6:
73:8c:94:bb:b7:d3:cc:20:6a:9b:39:b4:3b:71:cd:
91:52:f0:ca:91:be:7c:a1:2e:46:bf:29:83:0d:a5:
fc:82:eb:66:87:74:48:be:db:4a:d7:69:1d:aa:86:
3b:29:fa:e1:b5:e9:a6:16:f8:f8:d4:3c:dd:f6:0c:
89:66:13:1f:a2:9b:fa:07:56:a4:54:74:e9:17:c7:
80:d5:33:54:c7:61:40:ce:2b:b2:a7:b6:46:92:f8:
13:77:27:55:7e:d2:4b:5e:48:25:d4:cd:9f:be:13:
76:63:fd:19:e2:ed:d2:fd:9d:35:1b:af:60:da:b0:
f9:7b:c4:b4:1e:de:1e:c9:da:c3:95:77:92:69:81:
f2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A6:27:5D:74:40:9B:61:0C:AE:F9:AB:B7:8B:5D:83:4A:CD:C7:E9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133362e302f32342d3234203d3e20323134393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.136.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:97:c3:1e:5c:2c:c0:38:ee:c6:f6:50:2d:54:9d:eb:5d:d4:
68:07:b0:41:f4:13:ec:32:92:02:00:f4:54:5d:fb:fb:1a:ee:
21:76:60:8f:c7:12:78:8b:6d:fa:86:25:94:92:a8:67:6f:81:
af:d1:ea:78:1b:5d:3a:34:a9:d1:b3:f2:71:3d:28:f6:0a:f3:
73:49:3b:74:7f:63:17:ff:6a:c2:3b:52:34:e6:d5:55:2b:61:
30:ef:e0:42:99:3c:22:7b:fc:a0:b4:e2:9e:f2:8c:d0:6b:f3:
ee:4c:b8:01:01:66:1e:4e:d2:0e:ac:69:bd:10:59:0b:e7:1e:
ca:4a:22:4d:66:ca:6e:d8:3c:0d:9d:ce:f7:37:77:b9:3e:7e:
88:c1:3d:11:21:e9:93:14:52:3b:9b:54:79:d1:02:84:32:d1:
08:73:9c:90:d9:da:0c:b9:0e:f7:44:c4:ae:37:b6:6b:44:10:
9b:0f:39:e9:ea:2a:96:67:11:a0:0a:d7:ef:8b:ee:13:f9:aa:
94:22:31:73:b3:90:b7:c8:c2:92:5f:ac:91:5b:f0:43:57:14:
96:20:f2:7f:4e:6b:2c:f0:82:58:39:c2:79:13:95:49:a2:ab:
85:18:38:34:93:d4:8b:4b:c0:15:8e:02:a3:d2:42:49:83:92:
87:89:ca:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE++foVyOjVhHexlx8ZRrBtEp86gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MTkxNjI0MTlaFw0yNjA1MTgxNjI5MTlaMDMxMTAvBgNV
BAMTKDgxQTYyNzVENzQ0MDlCNjEwQ0FFRjlBQkI3OEI1RDgzNEFDREM3RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBcHcXT/g3VGaya0U6a7Meu033
OPNlqS6VdrxGt+GrhnqAoikOPOQjaSqfYvhZ7ttoIEt5+jITZUPfAxWO/Pt0WROf
smK47eOCieLGWUvFrN2OirSPclfx1GpKJ6MuilKZkS/gKslB3jYq5Ibe6G9tJ1+c
NQoP1nOMlLu308wgaps5tDtxzZFS8MqRvnyhLka/KYMNpfyC62aHdEi+20rXaR2q
hjsp+uG16aYW+PjUPN32DIlmEx+im/oHVqRUdOkXx4DVM1THYUDOK7KntkaS+BN3
J1V+0kteSCXUzZ++E3Zj/Rni7dL9nTUbr2DasPl7xLQe3h7J2sOVd5JpgfKFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgaYnXXRAm2EMrvmrt4tdg0rNx+kwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzkzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuIMA0GCSqGSIb3DQEBCwUAA4IBAQDPl8MeXCzAOO7G9lAtVJ3rXdRoB7BB9BPs
MpICAPRUXfv7Gu4hdmCPxxJ4i236hiWUkqhnb4Gv0ep4G106NKnRs/JxPSj2CvNz
STt0f2MX/2rCO1I05tVVK2Ew7+BCmTwie/ygtOKe8ozQa/PuTLgBAWYeTtIOrGm9
EFkL5x7KSiJNZspu2DwNnc73N3e5Pn6IwT0RIemTFFI7m1R50QKEMtEIc5yQ2doM
uQ73RMSuN7ZrRBCbDznp6iqWZxGgCtfvi+4T+aqUIjFzs5C3yMKSX6yRW/BDVxSW
IPJ/Tmss8IJYOcJ5E5VJoquFGDg0k9SLS8AVjgKj0kJJg5KHicqv
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:56:22 2025 by rpki-client