Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e20333937363330.roa
File: 3231322e32332e3231392e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: OFcxI534wQse6RMfgRHNIpD2m0ZEaCjmTMUoc6QPj54=
Subject key identifier: 49:3E:56:E5:D6:CC:14:4C:58:10:08:EE:C6:67:45:A4:97:24:31:24
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7E2EA7A45718EB65A4A2D4C720D799F0EF248C57
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e20333937363330.roa
Signing time: Tue 19 Aug 2025 16:58:04 +0000
ROA not before: Tue 19 Aug 2025 16:53:04 +0000
ROA not after: Tue 18 Aug 2026 16:58:04 +0000
asID: 397630
IP address blocks: 212.23.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:2e:a7:a4:57:18:eb:65:a4:a2:d4:c7:20:d7:99:f0:ef:24:8c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 19 16:53:04 2025 GMT
Not After : Aug 18 16:58:04 2026 GMT
Subject: CN=493E56E5D6CC144C581008EEC66745A497243124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:38:e0:95:0c:ea:51:0e:60:ef:7a:09:d9:25:
69:87:a3:f9:b3:39:8e:92:80:b6:a8:a5:ad:d1:bc:
e7:2b:37:c1:3b:7f:22:91:b9:49:c2:3f:6c:a3:0d:
7a:32:c9:02:8e:e4:d8:e4:ab:57:86:96:c0:c0:bf:
64:87:c4:d2:31:cc:df:e2:e9:6e:fa:88:3f:00:c1:
0a:09:81:cf:92:7b:32:81:4f:db:88:ef:2f:96:10:
a1:e8:fc:7d:a5:6f:05:59:d6:d2:9a:84:bb:00:7d:
47:e7:41:49:ac:c2:6f:b8:d4:07:f4:b6:af:65:0a:
51:3a:99:18:8b:63:0e:c3:61:64:b8:f1:5b:d4:ad:
c7:91:df:6b:5b:fe:15:3b:b0:ae:ab:62:49:f2:7d:
81:67:2e:83:0d:28:7b:e3:60:6d:b5:7e:0d:6e:45:
3d:f3:4e:16:40:93:84:95:04:ec:70:66:96:06:12:
9c:ae:c4:58:e5:c3:ab:a5:a3:33:96:29:71:7b:4c:
d9:2e:da:25:84:06:92:06:14:b7:53:92:94:1e:3d:
7e:23:e9:82:64:5a:f7:5e:9a:d1:3c:7b:b4:7b:d9:
0f:84:73:86:47:00:e2:df:b5:6c:e4:d5:5c:f0:e2:
69:3f:23:1e:6f:a2:3f:6e:d1:44:d9:e5:65:f1:a0:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3E:56:E5:D6:CC:14:4C:58:10:08:EE:C6:67:45:A4:97:24:31:24
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.219.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e2:5f:1f:d0:4c:6f:4b:4e:14:45:df:12:3e:fe:7f:0f:28:
04:2b:84:d8:56:5e:89:7e:61:fe:a4:01:e4:05:c6:af:fd:14:
ff:21:19:d6:13:37:68:bf:e9:59:1d:0a:4e:63:58:99:12:76:
06:77:cb:42:35:6d:3e:7e:ec:f9:3a:b3:5e:1d:4b:19:c1:be:
cd:f5:84:57:31:f9:f6:a7:be:3b:f8:c9:67:55:2f:c6:c7:60:
d9:9f:af:e9:a5:fb:73:0e:75:53:41:15:11:4d:78:a4:a5:26:
e1:c4:b3:92:5b:02:54:18:cb:80:95:aa:59:21:96:37:cf:73:
04:5f:c2:84:6f:87:99:50:59:b4:f6:20:de:c2:5e:79:f2:db:
d4:6e:4e:a1:fe:90:58:3c:b7:d0:90:30:f9:69:b3:46:1a:6e:
e7:a5:43:8f:16:85:38:4d:0e:3d:54:47:a6:fd:49:eb:09:b3:
4a:8c:14:8a:14:79:69:2c:83:29:3c:b5:a6:cb:9f:1d:d6:6b:
42:ba:bb:26:0a:53:81:7d:88:a5:3f:f7:fe:e1:7e:3c:59:df:
7f:94:e8:f7:12:cf:a5:6a:ce:47:33:36:76:40:55:0a:27:9a:
06:9f:1a:4b:f2:cf:62:3a:cb:10:74:fe:88:7e:9c:c0:17:35:
f7:6d:5d:5e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfi6npFcY62WkotTHINeZ8O8kjFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA4MTkxNjUzMDRaFw0yNjA4MTgxNjU4MDRaMDMxMTAvBgNV
BAMTKDQ5M0U1NkU1RDZDQzE0NEM1ODEwMDhFRUM2Njc0NUE0OTcyNDMxMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjOOCVDOpRDmDvegnZJWmHo/mz
OY6SgLaopa3RvOcrN8E7fyKRuUnCP2yjDXoyyQKO5Njkq1eGlsDAv2SHxNIxzN/i
6W76iD8AwQoJgc+SezKBT9uI7y+WEKHo/H2lbwVZ1tKahLsAfUfnQUmswm+41Af0
tq9lClE6mRiLYw7DYWS48VvUrceR32tb/hU7sK6rYknyfYFnLoMNKHvjYG21fg1u
RT3zThZAk4SVBOxwZpYGEpyuxFjlw6ulozOWKXF7TNku2iWEBpIGFLdTkpQePX4j
6YJkWvdemtE8e7R72Q+Ec4ZHAOLftWzk1Vzw4mk/Ix5voj9u0UTZ5WXxoLCRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUST5W5dbMFExYEAjuxmdFpJckMSQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUF9swDQYJKoZIhvcNAQELBQADggEBACviXx/QTG9LThRF3xI+/n8PKAQrhNhW
Xol+Yf6kAeQFxq/9FP8hGdYTN2i/6VkdCk5jWJkSdgZ3y0I1bT5+7Pk6s14dSxnB
vs31hFcx+fanvjv4yWdVL8bHYNmfr+ml+3MOdVNBFRFNeKSlJuHEs5JbAlQYy4CV
qlkhljfPcwRfwoRvh5lQWbT2IN7CXnny29RuTqH+kFg8t9CQMPlps0YabuelQ48W
hThNDj1UR6b9SesJs0qMFIoUeWksgyk8tabLnx3Wa0K6uyYKU4F9iKU/9/7hfjxZ
33+U6PcSz6VqzkczNnZAVQonmgafGkvyz2I6yxB0/oh+nMAXNfdtXV4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:39:30 2025 by rpki-client