Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20313337323335.roa
File: 34352e39312e3133372e302f32342d3234203d3e20313337323335.roa (raw, json)
Hash identifier: lcblNssCMxPRwH0+MUS9Y+2tc3tc+M1+biVW3xt8I9U=
Subject key identifier: 84:2C:59:BB:C9:A3:57:2C:E3:8A:87:0D:B6:91:9B:1B:F2:44:93:2A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 10BF13CAD620E292DC7ACC585033B78D2BDEC95E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20313337323335.roa
Signing time: Fri 06 Jun 2025 01:39:02 +0000
ROA not before: Fri 06 Jun 2025 01:34:02 +0000
ROA not after: Fri 05 Jun 2026 01:39:02 +0000
asID: 137235
IP address blocks: 45.91.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:bf:13:ca:d6:20:e2:92:dc:7a:cc:58:50:33:b7:8d:2b:de:c9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 6 01:34:02 2025 GMT
Not After : Jun 5 01:39:02 2026 GMT
Subject: CN=842C59BBC9A3572CE38A870DB6919B1BF244932A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:63:81:33:18:d2:37:4e:4e:4e:35:05:04:aa:
1b:3c:ea:4f:ff:9f:34:8a:dd:c8:94:08:11:a9:1a:
bd:d1:18:43:9a:fe:97:6c:22:0b:af:5d:5a:0b:de:
4a:56:63:60:4c:dd:b0:5a:59:dc:ef:4a:36:e0:ed:
2d:f9:ad:6d:92:80:3a:4a:cc:14:32:a4:a0:85:25:
ce:19:d0:ed:66:44:1c:b3:42:8f:9e:1e:ca:69:80:
31:8f:85:0e:90:52:8c:6a:15:9a:4c:a1:77:bd:70:
e2:09:ff:19:d2:5f:3c:6a:77:90:bd:2f:6d:b8:d5:
a0:11:87:7e:5b:f4:80:1b:de:f4:25:f8:24:0f:e4:
00:b5:a1:da:5f:72:3e:cc:b9:31:34:95:d5:7e:40:
3b:26:a4:ca:bd:2e:f2:31:e1:3a:9e:f8:02:2f:6e:
f4:97:e4:17:8b:07:0e:f0:ce:5e:4c:6e:f9:68:b5:
43:d5:60:78:51:6f:b6:f2:4a:0a:0d:0a:c0:0a:7a:
e3:a0:15:55:85:0d:8f:8c:4c:b3:4d:37:46:61:b1:
0e:78:38:50:e1:38:37:01:22:3c:65:ca:2e:33:b7:
0a:91:4d:c2:f8:e3:01:75:85:cf:5a:a2:a1:04:5b:
51:b7:65:7b:6b:e0:88:87:29:09:cf:7f:05:5c:6f:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2C:59:BB:C9:A3:57:2C:E3:8A:87:0D:B6:91:9B:1B:F2:44:93:2A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20313337323335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.137.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a0:33:a7:c7:c9:0e:8c:d5:a0:dd:37:ea:ce:b0:f2:0e:4f:
be:d1:64:84:31:8d:23:84:b8:16:c5:7d:17:59:e5:63:f7:7d:
b4:f1:f1:19:04:ad:5d:8e:95:43:f4:d8:89:8a:a6:c4:4c:5f:
88:1b:c7:7c:1d:d0:2f:06:2d:08:50:01:10:c3:b4:c5:e5:ae:
bf:3e:c8:90:0d:cf:64:09:2a:20:45:6f:1a:a3:96:43:85:cb:
db:06:95:fe:39:f3:67:07:d2:b3:49:f4:fd:80:03:cd:09:f3:
72:f5:79:16:49:d4:78:70:71:20:a7:91:38:5b:a8:c2:83:fe:
30:26:e2:33:42:bf:68:8c:a7:91:4c:31:71:e6:c2:5f:f5:af:
bb:f6:33:01:5d:ae:01:65:25:2d:2a:02:bd:b1:6c:c4:4a:4b:
67:2d:f3:44:ca:e8:59:39:70:3a:cc:4d:f9:89:27:3d:1c:16:
11:e4:c9:6a:21:8d:ee:18:3a:07:72:8c:d7:45:28:17:78:58:
5e:f2:57:d9:dc:17:a2:c7:37:ad:13:d1:ac:28:1c:9c:73:38:
1f:ac:01:3d:5d:66:f1:d4:91:18:ad:a2:ef:cc:26:a8:91:29:
ab:99:a0:0a:7e:32:f3:34:47:d9:9a:9a:ed:92:9e:24:7f:dd:
ad:e9:56:62
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEL8TytYg4pLcesxYUDO3jSveyV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDYwMTM0MDJaFw0yNjA2MDUwMTM5MDJaMDMxMTAvBgNV
BAMTKDg0MkM1OUJCQzlBMzU3MkNFMzhBODcwREI2OTE5QjFCRjI0NDkzMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Y4EzGNI3Tk5ONQUEqhs86k//
nzSK3ciUCBGpGr3RGEOa/pdsIguvXVoL3kpWY2BM3bBaWdzvSjbg7S35rW2SgDpK
zBQypKCFJc4Z0O1mRByzQo+eHsppgDGPhQ6QUoxqFZpMoXe9cOIJ/xnSXzxqd5C9
L2241aARh35b9IAb3vQl+CQP5AC1odpfcj7MuTE0ldV+QDsmpMq9LvIx4Tqe+AIv
bvSX5BeLBw7wzl5MbvlotUPVYHhRb7bySgoNCsAKeuOgFVWFDY+MTLNNN0ZhsQ54
OFDhODcBIjxlyi4ztwqRTcL44wF1hc9aoqEEW1G3ZXtr4IiHKQnPfwVcb+GHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhCxZu8mjVyzjiocNtpGbG/JEkyowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM3MzIzMzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuJMA0GCSqGSIb3DQEBCwUAA4IBAQBvoDOnx8kOjNWg3TfqzrDyDk++0WSEMY0j
hLgWxX0XWeVj93208fEZBK1djpVD9NiJiqbETF+IG8d8HdAvBi0IUAEQw7TF5a6/
PsiQDc9kCSogRW8ao5ZDhcvbBpX+OfNnB9KzSfT9gAPNCfNy9XkWSdR4cHEgp5E4
W6jCg/4wJuIzQr9ojKeRTDFx5sJf9a+79jMBXa4BZSUtKgK9sWzESktnLfNEyuhZ
OXA6zE35iSc9HBYR5MlqIY3uGDoHcozXRSgXeFhe8lfZ3BeixzetE9GsKBycczgf
rAE9XWbx1JEYraLvzCaokSmrmaAKfjLzNEfZmprtkp4kf92t6VZi
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:13:12 2025 by rpki-client