Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
File: 322e35362e3234392e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: s8PhY1cKePJ5OYz8BsMgidFyg0eK5DJR+nJKQqUW29A=
Subject key identifier: 82:8C:1A:AF:31:BB:63:CE:7D:9F:22:1E:9A:04:D6:B7:31:C2:36:BE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 521A2D7F7842FA54EC553F0E187B7CD4DB1C8002
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
Signing time: Wed 13 Aug 2025 13:54:13 +0000
ROA not before: Wed 13 Aug 2025 13:49:13 +0000
ROA not after: Wed 12 Aug 2026 13:54:13 +0000
asID: 61317
IP address blocks: 2.56.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:1a:2d:7f:78:42:fa:54:ec:55:3f:0e:18:7b:7c:d4:db:1c:80:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 13 13:49:13 2025 GMT
Not After : Aug 12 13:54:13 2026 GMT
Subject: CN=828C1AAF31BB63CE7D9F221E9A04D6B731C236BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a1:3c:0f:48:eb:d3:b8:64:97:8d:a6:2c:95:
6f:aa:21:fb:c1:13:6a:ca:da:22:56:00:e7:67:6b:
89:06:52:f2:60:d1:61:36:50:79:5e:65:11:27:f2:
ca:a3:82:23:6d:e6:89:e3:a5:8b:96:19:89:58:56:
63:c3:0a:29:77:5a:43:dd:c7:9c:3a:58:99:6f:c1:
da:1e:29:ae:ee:a1:14:0a:2e:cd:be:92:ed:73:80:
38:63:71:2e:3b:35:ff:f7:9b:9e:79:af:df:ab:48:
3e:8a:b7:d3:c6:c6:1b:f6:f5:e6:01:52:3f:1e:a9:
cd:18:c1:dd:32:d5:86:ee:a9:a9:44:4d:c5:d2:35:
bf:2d:d4:a4:e1:fc:6a:53:6a:90:02:af:66:fa:8d:
60:54:7b:f0:2a:96:de:c0:b6:ff:ff:ad:71:1b:24:
da:57:90:4e:f4:f4:09:65:74:f9:d2:6a:62:ab:89:
c0:4d:31:e8:ad:c9:23:da:74:15:1a:d9:46:a1:d9:
92:68:af:66:93:21:92:61:df:0a:07:a0:6d:a4:92:
59:57:e9:82:21:21:75:bf:dd:34:1f:46:41:86:14:
f8:24:70:3c:71:3e:6c:8e:7e:59:bb:bc:4f:e1:7c:
ff:0f:cc:8e:5d:dc:93:8e:1b:5f:1a:5d:e9:61:dc:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8C:1A:AF:31:BB:63:CE:7D:9F:22:1E:9A:04:D6:B7:31:C2:36:BE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7b:37:73:23:22:95:61:a0:f9:09:4d:6d:8d:24:00:89:79:
2a:33:a7:97:98:87:df:37:61:0e:18:6e:8d:da:ac:79:0e:e9:
5d:2a:b1:57:c5:ec:90:c2:8d:0f:70:ab:72:de:90:54:e7:f0:
85:75:19:be:4b:f2:ac:b8:32:83:87:2b:b7:78:25:2e:ec:21:
59:ad:25:5f:95:20:3f:75:1e:70:d0:b0:1a:cc:b1:27:6f:09:
58:3c:bd:91:17:3f:e9:23:0e:9c:73:7f:61:49:19:d7:7d:ec:
59:ca:3b:4c:e2:13:32:92:fe:f5:1e:56:ad:4a:78:79:b8:ca:
ed:f5:87:17:12:d4:fc:95:30:40:7f:49:dc:d6:6f:b5:06:44:
8f:8d:ed:b6:f9:0f:a3:69:ae:25:e2:36:3a:2a:d7:81:e0:c6:
e5:fd:a1:a9:68:96:cd:d6:11:0f:80:9c:f8:6c:e6:d9:04:c2:
e1:24:50:ed:21:70:b3:af:2d:87:fc:18:8c:38:3b:31:06:48:
81:a8:17:6b:f8:6e:35:3b:0d:6b:5d:54:29:c6:8d:de:8c:36:
c5:11:ef:88:1d:db:67:f2:cb:ac:4f:c2:03:e9:0b:60:bc:f4:
83:3f:ff:28:7f:f8:12:ce:a7:dd:0d:01:c9:ae:90:49:68:bb:
73:00:eb:98
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUhotf3hC+lTsVT8OGHt81NscgAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA4MTMxMzQ5MTNaFw0yNjA4MTIxMzU0MTNaMDMxMTAvBgNV
BAMTKDgyOEMxQUFGMzFCQjYzQ0U3RDlGMjIxRTlBMDRENkI3MzFDMjM2QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0oTwPSOvTuGSXjaYslW+qIfvB
E2rK2iJWAOdna4kGUvJg0WE2UHleZREn8sqjgiNt5onjpYuWGYlYVmPDCil3WkPd
x5w6WJlvwdoeKa7uoRQKLs2+ku1zgDhjcS47Nf/3m555r9+rSD6Kt9PGxhv29eYB
Uj8eqc0Ywd0y1YbuqalETcXSNb8t1KTh/GpTapACr2b6jWBUe/Aqlt7Atv//rXEb
JNpXkE709AlldPnSamKricBNMeitySPadBUa2Uah2ZJor2aTIZJh3woHoG2kkllX
6YIhIXW/3TQfRkGGFPgkcDxxPmyOflm7vE/hfP8PzI5d3JOOG18aXelh3PqXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUgowarzG7Y859nyIemgTWtzHCNr4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOPkw
DQYJKoZIhvcNAQELBQADggEBAD97N3MjIpVhoPkJTW2NJACJeSozp5eYh983YQ4Y
bo3arHkO6V0qsVfF7JDCjQ9wq3LekFTn8IV1Gb5L8qy4MoOHK7d4JS7sIVmtJV+V
ID91HnDQsBrMsSdvCVg8vZEXP+kjDpxzf2FJGdd97FnKO0ziEzKS/vUeVq1KeHm4
yu31hxcS1PyVMEB/SdzWb7UGRI+N7bb5D6NpriXiNjoq14HgxuX9oalols3WEQ+A
nPhs5tkEwuEkUO0hcLOvLYf8GIw4OzEGSIGoF2v4bjU7DWtdVCnGjd6MNsUR74gd
22fyy6xPwgPpC2C89IM//yh/+BLOp90NAcmukElou3MA65g=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:21:05 2025 by rpki-client