Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
File: 352e3138312e3137362e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: eWcJtW0NgulkhRohPcP08d/y6BPzwJ2VkIL18Z7Gqac=
Subject key identifier: 16:0B:DC:61:B4:2F:EC:43:60:6E:56:2D:83:EB:FE:FF:D1:44:7B:8F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 358476E681697B5193C9C39DC13E00E47EA7F63D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
Signing time: Mon 02 Jun 2025 05:54:08 +0000
ROA not before: Mon 02 Jun 2025 05:49:08 +0000
ROA not after: Mon 01 Jun 2026 05:54:08 +0000
asID: 202673
IP address blocks: 5.181.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:84:76:e6:81:69:7b:51:93:c9:c3:9d:c1:3e:00:e4:7e:a7:f6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 2 05:49:08 2025 GMT
Not After : Jun 1 05:54:08 2026 GMT
Subject: CN=160BDC61B42FEC43606E562D83EBFEFFD1447B8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:60:ae:50:60:58:5f:b5:12:23:ef:ef:a5:4a:
25:b0:18:f3:40:77:66:29:20:d7:bc:72:19:a4:66:
40:35:27:c0:b5:bb:ad:1d:3d:b3:c9:25:a2:ae:2b:
0d:3a:77:0e:9a:1b:8f:b2:a1:8f:19:ce:49:13:76:
65:9a:53:2a:9a:7d:f7:a7:ae:33:b7:8c:30:07:49:
c4:8e:4e:f0:30:d7:49:f4:de:70:b9:02:e8:5a:84:
99:5a:45:d1:ac:e1:32:31:cd:1c:b5:99:ab:74:60:
ef:9f:0a:4d:54:12:8d:42:36:05:c2:ce:d2:20:fe:
47:8f:6d:e1:c4:23:09:62:41:f8:bf:f9:fb:96:d0:
db:8b:7f:06:c7:58:bc:cd:c4:06:25:ff:16:b3:b8:
54:41:d8:c4:85:48:15:02:94:f0:70:1f:f2:b5:d7:
a4:ac:3f:34:7b:b2:3f:62:73:28:1b:ef:91:6c:85:
82:dd:e1:a7:20:6a:9f:cb:7b:f7:90:ca:9c:48:a8:
53:ee:3c:a8:fc:a0:6f:fc:ce:00:50:36:51:73:68:
74:b1:2d:b7:c5:b8:2c:73:e7:da:eb:14:63:00:52:
da:ac:24:af:f3:84:8b:15:20:4f:c3:6f:21:cf:c7:
a2:8c:af:25:87:ed:dd:4e:a0:ee:d8:30:b3:1c:99:
4b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0B:DC:61:B4:2F:EC:43:60:6E:56:2D:83:EB:FE:FF:D1:44:7B:8F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.176.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:41:85:f5:e8:19:0f:1f:c6:c9:ec:97:d2:ca:61:d1:3c:35:
14:5c:cd:ac:af:4a:b5:0c:73:21:c0:01:3e:fd:0c:bc:71:52:
18:0d:02:56:b3:d5:b6:e2:3b:b2:26:76:de:03:5a:98:89:da:
c6:6e:19:dd:cf:78:f1:e2:44:d2:9a:36:66:8b:fb:75:ed:d7:
e8:6e:43:87:1f:f7:1d:eb:4e:ad:cb:5f:8a:e5:e1:04:d8:25:
57:f5:ad:b1:4d:32:92:7a:35:2b:d1:4d:59:3a:0d:e5:4d:8a:
b1:f7:dc:18:07:90:9f:ff:78:28:56:66:a3:07:c8:04:c5:99:
8a:10:51:36:98:ff:f9:46:3c:af:27:db:90:08:de:9e:e2:89:
dc:54:34:aa:d1:11:3e:d8:41:37:f0:5e:f1:e6:f2:0b:8b:eb:
ce:74:41:6d:19:78:a4:45:0f:4b:83:ca:07:e6:34:db:14:a5:
72:85:70:55:da:50:c7:3a:cd:61:1d:28:e2:11:46:8f:bd:be:
60:f8:77:fb:1b:8b:25:7a:ef:4c:8f:b1:ad:60:f0:1a:78:ad:
b7:85:6f:8e:09:75:fe:9c:9d:dc:c1:ca:05:bd:cb:ce:57:e8:
43:73:42:ea:70:77:ff:a9:7f:d7:41:46:b5:99:a1:12:4d:49:
3c:37:c6:d8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNYR25oFpe1GTycOdwT4A5H6n9j0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDIwNTQ5MDhaFw0yNjA2MDEwNTU0MDhaMDMxMTAvBgNV
BAMTKDE2MEJEQzYxQjQyRkVDNDM2MDZFNTYyRDgzRUJGRUZGRDE0NDdCOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNYK5QYFhftRIj7++lSiWwGPNA
d2YpINe8chmkZkA1J8C1u60dPbPJJaKuKw06dw6aG4+yoY8ZzkkTdmWaUyqaffen
rjO3jDAHScSOTvAw10n03nC5AuhahJlaRdGs4TIxzRy1mat0YO+fCk1UEo1CNgXC
ztIg/kePbeHEIwliQfi/+fuW0NuLfwbHWLzNxAYl/xazuFRB2MSFSBUClPBwH/K1
16SsPzR7sj9icygb75FshYLd4acgap/Le/eQypxIqFPuPKj8oG/8zgBQNlFzaHSx
LbfFuCxz59rrFGMAUtqsJK/zhIsVIE/DbyHPx6KMryWH7d1OoO7YMLMcmUszAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFgvcYbQv7ENgblYtg+v+/9FEe48wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzYzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQDPQYX16BkPH8bJ7JfSymHRPDUUXM2sr0q1
DHMhwAE+/Qy8cVIYDQJWs9W24juyJnbeA1qYidrGbhndz3jx4kTSmjZmi/t17dfo
bkOHH/cd606ty1+K5eEE2CVX9a2xTTKSejUr0U1ZOg3lTYqx99wYB5Cf/3goVmaj
B8gExZmKEFE2mP/5RjyvJ9uQCN6e4oncVDSq0RE+2EE38F7x5vILi+vOdEFtGXik
RQ9Lg8oH5jTbFKVyhXBV2lDHOs1hHSjiEUaPvb5g+Hf7G4sleu9Mj7GtYPAaeK23
hW+OCXX+nJ3cwcoFvcvOV+hDc0LqcHf/qX/XQUa1maESTUk8N8bY
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:36:00 2025 by rpki-client