Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
File: 34352e3133372e39362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: AgLP9O6SDoN/en5RY8c0W82WFcvDJYfsysQkhDd22L8=
Subject key identifier: 6E:BA:B5:97:71:93:E6:15:E6:C3:8B:CF:92:D1:3B:D9:58:8A:C2:2B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 24712314C54361353836E4B1ED0A15C1859EDE51
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
Signing time: Wed 04 Jun 2025 21:54:08 +0000
ROA not before: Wed 04 Jun 2025 21:49:08 +0000
ROA not after: Wed 03 Jun 2026 21:54:08 +0000
asID: 29802
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 13:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:71:23:14:c5:43:61:35:38:36:e4:b1:ed:0a:15:c1:85:9e:de:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 4 21:49:08 2025 GMT
Not After : Jun 3 21:54:08 2026 GMT
Subject: CN=6EBAB5977193E615E6C38BCF92D13BD9588AC22B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:36:07:24:ca:e7:15:4d:93:99:9e:e0:47:
dd:dd:c9:c0:29:68:84:54:09:a6:72:ab:d8:57:b5:
2c:9a:5c:a9:b9:cc:70:c3:d5:b6:25:42:2e:e5:42:
d7:be:98:dc:d4:00:68:6c:8c:8a:1c:07:97:34:0c:
15:84:5f:31:cd:7a:36:2d:57:80:e4:87:cc:ad:de:
77:db:e5:d8:f7:5f:b1:e1:04:3b:01:08:17:f2:6a:
fe:18:f5:c4:29:e2:74:3e:97:f6:40:08:27:b4:2e:
a3:06:a1:60:d7:ef:f3:44:74:fd:3c:e5:07:74:c0:
0e:7f:ef:b6:7f:16:73:ae:96:66:49:ff:10:e6:be:
2f:1a:8c:77:62:be:57:dc:fa:3c:aa:59:01:7f:b5:
c9:98:c4:74:82:1f:33:fa:76:e8:6f:9d:5e:92:96:
a5:94:c3:f3:5b:04:38:13:23:ad:70:ec:06:78:04:
b7:a4:22:03:8b:39:59:d5:40:48:89:82:ed:34:3d:
94:a3:1d:1d:aa:de:a5:f7:9c:24:c3:c5:c4:f9:09:
f6:c9:5e:0d:aa:a8:3b:0e:06:92:71:a9:e7:b4:80:
09:53:69:4d:25:32:15:37:31:f7:99:d7:79:90:5c:
a2:e1:40:eb:4e:eb:64:3b:c2:df:8a:4a:b9:83:a9:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BA:B5:97:71:93:E6:15:E6:C3:8B:CF:92:D1:3B:D9:58:8A:C2:2B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
42:d2:54:2b:26:fe:99:88:ee:23:82:3e:c8:d6:f8:da:59:b8:
ab:54:9d:7d:38:ff:65:8a:e8:ed:17:0d:fb:1a:c5:3b:36:74:
57:51:b1:2f:15:fc:32:37:d6:70:74:0f:a1:a8:21:b0:43:eb:
57:33:b2:3b:5e:cc:76:c4:57:f2:4a:3a:e1:85:ca:40:c1:d5:
3b:2b:f6:00:dd:d4:43:f3:97:24:45:38:e0:75:16:dd:88:4f:
46:dd:2e:7b:c2:40:b1:20:1c:b6:ca:d6:31:b6:c1:0b:2b:e3:
f3:30:69:6b:69:d3:a5:90:0b:38:3c:92:7e:06:46:30:55:b9:
f8:ac:1b:94:31:84:ff:7e:51:26:f0:3c:ba:d6:d6:d8:e2:2e:
ca:74:f2:74:06:11:c7:73:d6:62:13:28:ba:c7:e9:8e:13:21:
7d:5b:e3:6b:ef:96:40:e5:30:96:d7:7f:5b:69:b7:e6:af:88:
d5:d7:a4:42:74:09:02:f5:20:9f:29:1e:00:fc:35:f9:80:c5:
99:3a:2a:d1:cf:f3:f7:f8:16:c0:0d:cc:b0:2c:29:c5:09:ee:
b1:3c:e2:d4:61:57:91:25:ad:75:39:8f:de:fa:b1:6f:e0:1f:
7b:d7:a8:cf:c3:a5:ec:1b:eb:86:80:d4:4b:fd:68:2a:02:d7:
e2:40:20:34
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJHEjFMVDYTU4NuSx7QoVwYWe3lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA2MDQyMTQ5MDhaFw0yNjA2MDMyMTU0MDhaMDMxMTAvBgNV
BAMTKDZFQkFCNTk3NzE5M0U2MTVFNkMzOEJDRjkyRDEzQkQ5NTg4QUMyMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5jDYHJMrnFU2TmZ7gR93dycAp
aIRUCaZyq9hXtSyaXKm5zHDD1bYlQi7lQte+mNzUAGhsjIocB5c0DBWEXzHNejYt
V4Dkh8yt3nfb5dj3X7HhBDsBCBfyav4Y9cQp4nQ+l/ZACCe0LqMGoWDX7/NEdP08
5Qd0wA5/77Z/FnOulmZJ/xDmvi8ajHdivlfc+jyqWQF/tcmYxHSCHzP6duhvnV6S
lqWUw/NbBDgTI61w7AZ4BLekIgOLOVnVQEiJgu00PZSjHR2q3qX3nCTDxcT5CfbJ
Xg2qqDsOBpJxqee0gAlTaU0lMhU3MfeZ13mQXKLhQOtO62Q7wt+KSrmDqZxpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUbrq1l3GT5hXmw4vPktE72ViKwiswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2J
YDANBgkqhkiG9w0BAQsFAAOCAQEAQtJUKyb+mYjuI4I+yNb42lm4q1SdfTj/ZYro
7RcN+xrFOzZ0V1GxLxX8MjfWcHQPoaghsEPrVzOyO17MdsRX8ko64YXKQMHVOyv2
AN3UQ/OXJEU44HUW3YhPRt0ue8JAsSActsrWMbbBCyvj8zBpa2nTpZALODySfgZG
MFW5+KwblDGE/35RJvA8utbW2OIuynTydAYRx3PWYhMousfpjhMhfVvja++WQOUw
ltd/W2m35q+I1dekQnQJAvUgnykeAPw1+YDFmToq0c/z9/gWwA3MsCwpxQnusTzi
1GFXkSWtdTmP3vqxb+Afe9eoz8Ol7BvrhoDUS/1oKgLX4kAgNA==
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:07:02 2025 by rpki-client