Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203230343733.roa
File: 34352e39312e3133392e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: y/NiOHpRxyRaKctLQwx3khjyFw2/8BpDv1ZQ3o2Tybo=
Subject key identifier: 73:FD:CC:30:06:43:A2:37:00:61:B2:90:4A:F8:01:1F:0B:D1:5C:2A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 73C96D9C6032CB4043A3D372BBFCA36714FCB28B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203230343733.roa
Signing time: Wed 14 May 2025 13:54:08 +0000
ROA not before: Wed 14 May 2025 13:49:08 +0000
ROA not after: Wed 13 May 2026 13:54:08 +0000
asID: 20473
IP address blocks: 45.91.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:c9:6d:9c:60:32:cb:40:43:a3:d3:72:bb:fc:a3:67:14:fc:b2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 14 13:49:08 2025 GMT
Not After : May 13 13:54:08 2026 GMT
Subject: CN=73FDCC300643A2370061B2904AF8011F0BD15C2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a4:df:5e:f6:7a:44:61:cc:be:a5:db:70:b7:
3a:62:aa:90:52:32:87:2e:c8:0b:18:45:a2:d9:6b:
f6:c1:a0:1c:e8:b4:f0:70:13:40:2a:43:6d:cc:c5:
0d:c0:1f:92:cc:f0:72:b7:fd:3c:e7:8b:f5:70:58:
85:a3:0c:3c:9c:fe:83:d8:1e:8a:11:6b:5a:3c:c6:
d4:9d:32:0c:0b:a1:73:7a:a1:50:2b:d6:c3:9b:ab:
fb:aa:06:54:2e:3d:3d:39:76:19:76:ec:0a:d6:6d:
5f:db:96:f8:89:5e:b2:72:a2:08:ed:1c:b1:5a:45:
e0:91:df:0f:e5:68:1c:ab:a9:cb:d1:24:a0:5a:4f:
a3:56:5d:75:a4:8e:27:ac:f7:cc:11:c5:92:9c:67:
7a:3c:9e:78:0e:74:d3:d6:12:0d:fd:88:89:0f:70:
44:aa:7b:d4:df:8b:db:b5:a4:cf:f9:00:8f:cd:48:
94:4d:8e:bb:13:59:bd:9f:96:e2:5a:3a:70:4d:31:
39:0e:00:b5:b2:65:f2:f1:7f:05:ae:5a:b2:ff:0c:
89:78:17:10:21:cd:e3:f2:fe:0c:2f:eb:76:9d:a2:
03:67:04:12:44:69:11:34:76:b2:25:48:03:18:ba:
99:04:c0:43:99:b8:f1:ed:2b:d5:8b:9a:85:db:f6:
85:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FD:CC:30:06:43:A2:37:00:61:B2:90:4A:F8:01:1F:0B:D1:5C:2A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
Signature Algorithm: sha256WithRSAEncryption
53:f0:89:bc:b9:7b:c3:e5:22:94:da:0c:46:3e:27:d8:c5:fc:
cb:4b:b2:15:ed:33:44:46:61:1c:8e:a6:c0:35:f1:7f:ee:4b:
37:32:80:70:92:ec:9f:44:a6:45:b7:2a:32:15:36:60:d3:ff:
3c:18:ed:3e:e4:ae:49:81:f7:58:e7:b3:1e:2a:e1:01:ed:94:
87:91:9f:4d:07:5a:97:c4:ff:4b:d1:15:bf:c7:de:a1:e0:a3:
c1:ca:61:f8:16:25:27:cb:90:b7:18:34:0a:f6:d1:90:99:bc:
65:05:97:16:01:ae:d3:fe:c8:e0:71:10:72:79:f3:00:d1:9b:
97:f4:47:63:be:63:50:39:47:8c:e3:5a:28:3c:7d:71:39:4a:
64:9d:e8:23:a6:8b:4b:0c:ce:d1:9e:01:a0:c0:06:6c:32:82:
7b:b5:73:de:ed:cc:c3:c7:48:14:fe:73:50:9e:bb:06:7f:b2:
9b:91:b2:52:fa:a7:44:62:ad:27:b9:7c:65:52:d0:0a:e7:f1:
e8:50:b7:aa:5e:ab:05:d3:f2:0d:c9:a0:0e:1c:25:fd:29:5f:
f1:43:bb:96:cd:40:05:fc:14:25:89:0c:52:c8:1d:ca:b1:55:
8f:95:cb:48:09:da:8a:88:69:ed:7b:5b:7a:0e:1c:9e:5f:f4:
2e:5e:f5:4b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUc8ltnGAyy0BDo9Nyu/yjZxT8soswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MTQxMzQ5MDhaFw0yNjA1MTMxMzU0MDhaMDMxMTAvBgNV
BAMTKDczRkRDQzMwMDY0M0EyMzcwMDYxQjI5MDRBRjgwMTFGMEJEMTVDMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCspN9e9npEYcy+pdtwtzpiqpBS
MocuyAsYRaLZa/bBoBzotPBwE0AqQ23MxQ3AH5LM8HK3/Tzni/VwWIWjDDyc/oPY
HooRa1o8xtSdMgwLoXN6oVAr1sObq/uqBlQuPT05dhl27ArWbV/blviJXrJyogjt
HLFaReCR3w/laByrqcvRJKBaT6NWXXWkjies98wRxZKcZ3o8nngOdNPWEg39iIkP
cESqe9Tfi9u1pM/5AI/NSJRNjrsTWb2fluJaOnBNMTkOALWyZfLxfwWuWrL/DIl4
FxAhzePy/gwv63adogNnBBJEaRE0drIlSAMYupkEwEOZuPHtK9WLmoXb9oV5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUc/3MMAZDojcAYbKQSvgBHwvRXCowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
izANBgkqhkiG9w0BAQsFAAOCAQEAU/CJvLl7w+UilNoMRj4n2MX8y0uyFe0zREZh
HI6mwDXxf+5LNzKAcJLsn0SmRbcqMhU2YNP/PBjtPuSuSYH3WOezHirhAe2Uh5Gf
TQdal8T/S9EVv8feoeCjwcph+BYlJ8uQtxg0CvbRkJm8ZQWXFgGu0/7I4HEQcnnz
ANGbl/RHY75jUDlHjONaKDx9cTlKZJ3oI6aLSwzO0Z4BoMAGbDKCe7Vz3u3Mw8dI
FP5zUJ67Bn+ym5GyUvqnRGKtJ7l8ZVLQCufx6FC3ql6rBdPyDcmgDhwl/Slf8UO7
ls1ABfwUJYkMUsgdyrFVj5XLSAnaiohp7Xtbeg4cnl/0Ll71Sw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:35:25 2025 by rpki-client