Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203634323637.roa
File: 3231322e32332e3231392e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: Um7SxalgxGdPPoypgeszomZlee5jRY8UNoDhNrG4N/E=
Subject key identifier: 78:AE:FC:0A:B9:46:9D:E3:91:3F:E2:95:B7:16:B8:8C:42:7F:DB:23
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0FD87BBD4CBC9F5174B183683BEF11CA78003DA1
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203634323637.roa
Signing time: Tue 19 Aug 2025 16:58:04 +0000
ROA not before: Tue 19 Aug 2025 16:53:04 +0000
ROA not after: Tue 18 Aug 2026 16:58:04 +0000
asID: 64267
IP address blocks: 212.23.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d8:7b:bd:4c:bc:9f:51:74:b1:83:68:3b:ef:11:ca:78:00:3d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 19 16:53:04 2025 GMT
Not After : Aug 18 16:58:04 2026 GMT
Subject: CN=78AEFC0AB9469DE3913FE295B716B88C427FDB23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7e:ec:c4:48:14:a0:65:c8:1f:6c:51:92:cc:
96:f2:1b:5b:59:4a:7d:67:23:67:a8:5c:b8:e0:a7:
a5:ed:76:b1:7b:56:cc:14:be:72:8c:39:57:c0:e1:
73:da:0d:3c:97:65:67:c9:6a:a3:fe:bb:22:fc:d3:
0f:8b:7d:ca:d3:57:61:42:91:d5:15:16:52:3d:bb:
56:a4:e7:99:a4:38:c8:43:04:88:05:e7:30:9a:72:
44:12:6c:d6:74:fc:d2:6b:4f:a8:2b:f8:f0:66:1e:
eb:cd:9c:e9:35:90:17:4e:70:2b:c8:7d:cf:fe:ca:
b4:ea:58:35:a6:ab:1c:11:6c:11:9c:9c:64:cc:27:
e2:90:9a:2e:0c:d5:29:a7:fa:5e:7c:1d:c5:8b:e4:
dd:a3:c0:d3:a6:e9:cc:5f:4a:82:65:82:8e:dd:f7:
ac:6e:4e:43:d2:48:6c:f5:85:2a:56:a8:d7:03:2c:
2c:8a:48:9a:d3:08:55:80:26:78:af:40:9a:72:5c:
fa:2f:f1:4a:03:b5:bc:fe:3b:9e:45:8f:2c:48:fe:
b2:2e:d9:81:03:4d:dc:dc:92:ea:e5:45:f6:f7:d6:
20:a0:c3:bd:29:6a:e1:8b:e8:62:26:8c:79:4d:1c:
ad:24:5a:04:c7:6a:ba:96:d1:2a:be:16:61:67:8d:
32:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AE:FC:0A:B9:46:9D:E3:91:3F:E2:95:B7:16:B8:8C:42:7F:DB:23
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.219.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:64:8d:a1:5b:c5:94:f6:95:68:b0:cf:33:41:a9:49:c0:dc:
59:fc:9b:4d:fa:9a:68:0f:29:0b:f3:ea:c5:f7:6e:ee:9f:c8:
e5:d6:59:be:2b:34:f3:46:d1:62:7c:c6:95:cb:cf:93:54:92:
ff:3d:1f:a3:7e:aa:c2:09:20:1d:f2:7a:b3:d9:63:15:77:dc:
16:f2:1a:4c:db:40:26:1d:c8:31:a8:a9:2e:f1:55:6d:82:dd:
4f:50:81:1e:8f:50:82:fd:88:59:c6:4a:e9:f7:7f:ce:a8:46:
c8:d4:20:25:1d:37:32:64:0a:40:07:35:78:fe:1f:55:89:64:
97:27:be:76:e5:a6:3f:11:af:e2:5b:6b:59:cb:5c:13:e6:21:
c7:2c:8d:d4:13:21:86:ca:ff:42:94:4b:af:00:5c:f1:67:58:
20:23:5b:b5:a9:0d:00:11:63:05:48:85:dd:f3:56:40:81:23:
fd:97:28:8f:9f:f7:c0:59:31:d3:3d:c3:3b:92:7a:56:98:dd:
32:f0:f1:8c:a1:d1:c2:6b:f4:73:93:0c:0f:c4:06:b7:bc:fd:
8c:57:fd:29:87:f0:8f:92:dc:6c:41:d8:cf:a0:dd:f5:c5:6e:
28:d1:9d:39:21:91:55:ee:4a:d8:85:26:a6:15:bf:f6:41:6b:
e1:4e:45:7b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD9h7vUy8n1F0sYNoO+8RyngAPaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA4MTkxNjUzMDRaFw0yNjA4MTgxNjU4MDRaMDMxMTAvBgNV
BAMTKDc4QUVGQzBBQjk0NjlERTM5MTNGRTI5NUI3MTZCODhDNDI3RkRCMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjfuzESBSgZcgfbFGSzJbyG1tZ
Sn1nI2eoXLjgp6XtdrF7VswUvnKMOVfA4XPaDTyXZWfJaqP+uyL80w+LfcrTV2FC
kdUVFlI9u1ak55mkOMhDBIgF5zCackQSbNZ0/NJrT6gr+PBmHuvNnOk1kBdOcCvI
fc/+yrTqWDWmqxwRbBGcnGTMJ+KQmi4M1Smn+l58HcWL5N2jwNOm6cxfSoJlgo7d
96xuTkPSSGz1hSpWqNcDLCyKSJrTCFWAJnivQJpyXPov8UoDtbz+O55FjyxI/rIu
2YEDTdzckurlRfb31iCgw70pauGL6GImjHlNHK0kWgTHarqW0Sq+FmFnjTL/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeK78CrlGneORP+KVtxa4jEJ/2yMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BfbMA0GCSqGSIb3DQEBCwUAA4IBAQCKZI2hW8WU9pVosM8zQalJwNxZ/JtN+ppo
DykL8+rF927un8jl1lm+KzTzRtFifMaVy8+TVJL/PR+jfqrCCSAd8nqz2WMVd9wW
8hpM20AmHcgxqKku8VVtgt1PUIEej1CC/YhZxkrp93/OqEbI1CAlHTcyZApABzV4
/h9ViWSXJ7525aY/Ea/iW2tZy1wT5iHHLI3UEyGGyv9ClEuvAFzxZ1ggI1u1qQ0A
EWMFSIXd81ZAgSP9lyiPn/fAWTHTPcM7knpWmN0y8PGModHCa/RzkwwPxAa3vP2M
V/0ph/CPktxsQdjPoN31xW4o0Z05IZFV7krYhSamFb/2QWvhTkV7
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:02:11 2025 by rpki-client