Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203534323532.roa
File: 3231322e32332e3231392e302f32342d3234203d3e203534323532.roa (raw, json)
Hash identifier: uK4pqtdp1nCzMpCCVur5jnJKzgHmYyK1VHhtWareGf4=
Subject key identifier: 70:C1:C6:DD:0F:47:29:D0:A6:67:3B:B7:BF:5A:72:10:69:47:6D:25
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6F0E0933F07BE8670627DF07E398DFE29A3EED72
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203534323532.roa
Signing time: Tue 19 Aug 2025 16:58:04 +0000
ROA not before: Tue 19 Aug 2025 16:53:04 +0000
ROA not after: Tue 18 Aug 2026 16:58:04 +0000
asID: 54252
IP address blocks: 212.23.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:0e:09:33:f0:7b:e8:67:06:27:df:07:e3:98:df:e2:9a:3e:ed:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 19 16:53:04 2025 GMT
Not After : Aug 18 16:58:04 2026 GMT
Subject: CN=70C1C6DD0F4729D0A6673BB7BF5A721069476D25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:31:26:66:56:cb:6a:db:4b:de:06:8a:2a:
bb:05:ad:74:ae:a5:7f:93:02:7d:65:1b:52:ac:12:
19:0d:8f:bc:37:18:d4:f9:3f:a8:1b:71:bd:6b:22:
f6:2e:5e:87:c8:67:48:6d:1b:2e:5c:03:2a:8a:1c:
75:0f:08:48:8c:b3:b3:df:98:68:e8:e2:b9:22:7a:
8c:c6:4f:17:56:62:fe:10:bb:56:76:30:66:d4:aa:
71:f8:5e:68:89:c6:2c:05:ed:62:f7:59:7b:d8:5d:
e8:46:04:51:d0:a9:9e:c0:66:e7:68:fd:2f:6f:9b:
96:e9:e6:72:d9:6d:ea:2a:a5:e7:78:6f:82:e3:38:
8c:9c:34:7a:e8:11:bb:c8:13:3b:55:1d:b3:03:3b:
ce:7c:31:d2:05:a9:65:06:af:0e:cf:be:6c:3c:98:
48:df:a0:ae:52:d5:1d:16:9b:fc:e7:af:56:6a:1d:
02:3f:6b:dc:a4:c1:37:1c:05:c0:2f:6f:d1:f3:6e:
e6:78:1d:00:06:a9:4e:2f:c5:5d:6c:a2:d3:87:34:
71:23:f2:61:34:46:84:4e:3a:2d:f4:9a:0b:fe:d4:
02:b1:1d:32:f1:86:c9:07:ce:62:00:c2:c6:66:aa:
30:fc:45:39:00:0a:d6:b6:84:c2:05:a6:b4:50:53:
ac:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C1:C6:DD:0F:47:29:D0:A6:67:3B:B7:BF:5A:72:10:69:47:6D:25
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203534323532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.219.0/24
Signature Algorithm: sha256WithRSAEncryption
44:94:b9:0d:77:b9:77:9a:9b:59:69:dd:e4:1c:cf:55:00:d1:
da:e7:c6:bb:d0:98:56:48:d8:c8:3e:e3:f7:4d:50:c1:82:55:
71:66:ff:96:c0:b2:75:4a:3a:d6:e7:86:c0:d7:9b:08:91:e0:
77:02:3e:89:30:19:59:a6:4c:ab:cf:87:1e:88:f2:06:d3:75:
e6:9c:4b:2b:14:5d:fd:85:c3:ee:2c:d4:6f:d0:98:16:ea:a6:
c3:a5:1c:db:66:ca:9f:d8:dd:c2:97:4d:5f:8a:3f:dc:83:73:
05:be:1e:7d:a5:4e:f1:a3:d4:6f:00:ac:fb:68:a1:12:76:8d:
b3:8f:27:b9:d1:61:b0:84:d3:17:32:66:7b:0b:16:b3:35:e8:
f4:24:fa:8d:a6:45:3e:95:5c:94:e2:69:5a:96:69:23:4e:8e:
34:93:c5:d5:2a:42:95:9b:3f:b3:91:b2:e5:7e:5d:bf:7c:9d:
bd:ef:13:5e:ad:12:1b:b9:f4:e8:c1:19:aa:31:93:da:46:b9:
81:b0:16:fa:65:10:f1:a7:56:a1:c7:60:9a:c8:7a:b7:cf:ca:
ea:ed:26:07:e2:35:aa:86:5c:5d:d1:6f:f6:16:30:93:34:f7:
25:e8:5b:ad:ad:ac:7b:67:b3:17:ee:0b:35:d1:e5:6a:45:38:
df:8b:eb:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbw4JM/B76GcGJ98H45jf4po+7XIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA4MTkxNjUzMDRaFw0yNjA4MTgxNjU4MDRaMDMxMTAvBgNV
BAMTKDcwQzFDNkREMEY0NzI5RDBBNjY3M0JCN0JGNUE3MjEwNjk0NzZEMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGGDEmZlbLattL3gaKKrsFrXSu
pX+TAn1lG1KsEhkNj7w3GNT5P6gbcb1rIvYuXofIZ0htGy5cAyqKHHUPCEiMs7Pf
mGjo4rkieozGTxdWYv4Qu1Z2MGbUqnH4XmiJxiwF7WL3WXvYXehGBFHQqZ7AZudo
/S9vm5bp5nLZbeoqped4b4LjOIycNHroEbvIEztVHbMDO858MdIFqWUGrw7Pvmw8
mEjfoK5S1R0Wm/znr1ZqHQI/a9ykwTccBcAvb9HzbuZ4HQAGqU4vxV1sotOHNHEj
8mE0RoROOi30mgv+1AKxHTLxhskHzmIAwsZmqjD8RTkACta2hMIFprRQU6ybAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcMHG3Q9HKdCmZzu3v1pyEGlHbSUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM0MzIzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BfbMA0GCSqGSIb3DQEBCwUAA4IBAQBElLkNd7l3mptZad3kHM9VANHa58a70JhW
SNjIPuP3TVDBglVxZv+WwLJ1SjrW54bA15sIkeB3Aj6JMBlZpkyrz4ceiPIG03Xm
nEsrFF39hcPuLNRv0JgW6qbDpRzbZsqf2N3Cl01fij/cg3MFvh59pU7xo9RvAKz7
aKESdo2zjye50WGwhNMXMmZ7CxazNej0JPqNpkU+lVyU4mlalmkjTo40k8XVKkKV
mz+zkbLlfl2/fJ297xNerRIbufTowRmqMZPaRrmBsBb6ZRDxp1ahx2CayHq3z8rq
7SYH4jWqhlxd0W/2FjCTNPcl6Futrax7Z7MX7gs10eVqRTjfi+tg
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:55:15 2025 by rpki-client