Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
File: 352e3138312e3137362e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: UXb+qVLo875N8SCRl98neNS8KZG2mCc8IU6NTYqH4S4=
Subject key identifier: 07:7A:2E:65:63:3A:41:FF:D5:48:B0:5C:9D:D3:3D:24:B5:92:37:3B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7950FF33164D714A76F24339057F09C5C7F1FD9A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
Signing time: Tue 02 Sep 2025 21:03:08 +0000
ROA not before: Tue 02 Sep 2025 20:58:08 +0000
ROA not after: Tue 01 Sep 2026 21:03:08 +0000
asID: 202673
IP address blocks: 5.181.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 07:56:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:50:ff:33:16:4d:71:4a:76:f2:43:39:05:7f:09:c5:c7:f1:fd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 2 20:58:08 2025 GMT
Not After : Sep 1 21:03:08 2026 GMT
Subject: CN=077A2E65633A41FFD548B05C9DD33D24B592373B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:72:8d:f4:4b:c0:12:e8:7b:b0:3c:bc:4d:b6:
b3:18:96:06:5c:15:48:c0:d7:b0:cf:31:53:1c:c1:
f6:3a:0f:5e:5a:18:ec:69:48:02:bf:0a:a4:d7:4e:
93:8b:05:7d:b7:be:17:0e:da:cc:fe:6f:33:cd:d2:
74:a0:fc:70:84:9b:1d:13:53:f7:11:16:be:70:66:
33:b7:7a:35:70:9a:34:d3:dc:5a:7b:4a:0e:27:95:
4d:93:8e:55:15:d1:c8:f5:96:1d:7d:7c:98:9a:5f:
ab:81:94:52:58:b7:52:cd:3c:e2:25:13:94:8f:65:
10:f8:8c:23:1d:f4:87:cd:6b:61:2a:96:c8:b0:14:
1a:0b:c0:d8:a7:46:73:c6:64:69:2e:df:89:a9:18:
24:c1:38:7d:cb:1e:48:9b:02:63:12:7d:8b:1a:f8:
e4:23:36:c5:da:17:f4:cc:e6:aa:56:4c:f4:8a:db:
ac:1b:fc:0c:b5:dc:75:bf:1e:64:35:71:97:6d:62:
1c:39:b0:74:76:db:71:5a:63:93:28:48:d6:eb:53:
58:46:9e:d2:4b:a2:e0:18:c7:92:e9:71:e4:9e:46:
dc:7b:f5:a7:00:78:1a:fa:8f:91:8a:9d:48:1d:e1:
7d:76:57:3e:e8:03:e6:e1:c3:fd:e6:c9:e2:aa:26:
1d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7A:2E:65:63:3A:41:FF:D5:48:B0:5C:9D:D3:3D:24:B5:92:37:3B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.176.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:d0:24:63:ef:45:cb:aa:40:0f:02:f3:66:76:ed:fd:cc:4e:
9f:bd:26:62:d0:a3:27:23:14:a8:13:34:2a:c2:07:bb:ad:26:
62:3c:c3:2f:b8:21:5b:62:05:6d:71:99:15:2a:e4:fd:0d:de:
56:73:7e:59:47:95:e4:c1:d7:98:04:c3:51:79:26:86:b9:9f:
a8:73:94:46:63:7d:8b:c2:9a:99:de:84:0e:85:a6:c3:de:b2:
8d:dd:cc:a2:65:27:08:b9:86:92:ef:ee:3c:a8:9e:8b:87:86:
b1:aa:c4:8c:d2:4b:70:66:9e:fb:c7:7e:12:db:75:12:79:a7:
a0:87:e9:ff:ef:48:28:4d:0c:cf:28:a0:1f:8c:57:2e:90:83:
1b:fc:dd:a7:55:56:02:41:ef:70:d0:72:e8:6e:86:15:0b:b3:
fe:c1:2f:b9:9f:68:1a:45:cf:3d:c9:9e:4f:2f:3a:17:a9:c8:
04:91:2f:2f:10:00:de:10:3e:fd:cb:de:5a:93:f3:f0:66:d7:
2c:84:94:1b:e2:0b:97:f5:46:fa:1b:92:2c:33:dd:19:f4:ba:
e5:8f:31:66:a3:fa:d1:b9:86:a6:cf:eb:51:a1:72:2c:48:2c:
78:0f:9e:da:e7:00:7f:41:da:aa:29:28:cf:c4:e0:13:36:47:
6e:27:1c:04
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeVD/MxZNcUp28kM5BX8Jxcfx/ZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA5MDIyMDU4MDhaFw0yNjA5MDEyMTAzMDhaMDMxMTAvBgNV
BAMTKDA3N0EyRTY1NjMzQTQxRkZENTQ4QjA1QzlERDMzRDI0QjU5MjM3M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbco30S8AS6HuwPLxNtrMYlgZc
FUjA17DPMVMcwfY6D15aGOxpSAK/CqTXTpOLBX23vhcO2sz+bzPN0nSg/HCEmx0T
U/cRFr5wZjO3ejVwmjTT3Fp7Sg4nlU2TjlUV0cj1lh19fJiaX6uBlFJYt1LNPOIl
E5SPZRD4jCMd9IfNa2EqlsiwFBoLwNinRnPGZGku34mpGCTBOH3LHkibAmMSfYsa
+OQjNsXaF/TM5qpWTPSK26wb/Ay13HW/HmQ1cZdtYhw5sHR223FaY5MoSNbrU1hG
ntJLouAYx5LpceSeRtx79acAeBr6j5GKnUgd4X12Vz7oA+bhw/3myeKqJh0BAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB3ouZWM6Qf/VSLBcndM9JLWSNzswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzYzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQDE0CRj70XLqkAPAvNmdu39zE6fvSZi0KMn
IxSoEzQqwge7rSZiPMMvuCFbYgVtcZkVKuT9Dd5Wc35ZR5XkwdeYBMNReSaGuZ+o
c5RGY32LwpqZ3oQOhabD3rKN3cyiZScIuYaS7+48qJ6Lh4axqsSM0ktwZp77x34S
23USeaegh+n/70goTQzPKKAfjFcukIMb/N2nVVYCQe9w0HLoboYVC7P+wS+5n2ga
Rc89yZ5PLzoXqcgEkS8vEADeED79y95ak/PwZtcshJQb4guX9Ub6G5IsM90Z9Lrl
jzFmo/rRuYamz+tRoXIsSCx4D57a5wB/QdqqKSjPxOATNkduJxwE
-----END CERTIFICATE-----
Generated at Mon Sep 8 11:48:21 2025 by rpki-client