Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20313939303330.roa
File: 34352e38372e3137322e302f32342d3234203d3e20313939303330.roa (raw, json)
Hash identifier: HYXpSCcrtxWqPdb7L1DYxOrVi61un6qVIQZMueLuekk=
Subject key identifier: D2:70:7B:EF:EE:E5:50:03:F1:F6:9E:44:AD:F6:F9:E7:8C:86:D5:EB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 22001B1C7BA08D19E9D3167DB69F05B35278180B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20313939303330.roa
Signing time: Fri 08 May 2026 03:08:58 +0000
ROA not before: Fri 08 May 2026 03:03:58 +0000
ROA not after: Fri 07 May 2027 03:08:58 +0000
asID: 199030
IP address blocks: 45.87.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:00:1b:1c:7b:a0:8d:19:e9:d3:16:7d:b6:9f:05:b3:52:78:18:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 8 03:03:58 2026 GMT
Not After : May 7 03:08:58 2027 GMT
Subject: CN=D2707BEFEEE55003F1F69E44ADF6F9E78C86D5EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:c8:4b:f1:97:f1:af:1d:d8:9b:a7:87:58:
a8:7d:4b:d7:6a:aa:f9:0f:a4:12:c6:0d:02:56:9b:
61:9a:5a:a0:53:5b:11:16:37:c2:b7:35:bf:4c:4c:
4b:2e:04:d8:f3:af:8b:11:47:a9:2d:3b:bd:af:03:
c2:54:3c:31:bd:af:07:c4:61:c3:d1:4f:e4:4b:f2:
39:67:33:6c:be:2b:20:34:a2:a7:bb:c8:c5:2e:91:
7f:d3:f1:d7:f4:36:b4:8c:b5:a5:c5:94:c8:b2:8c:
af:b6:0f:f7:be:9e:e1:17:39:84:dc:59:5d:36:96:
4f:13:f8:bc:e3:6a:95:ba:9c:6d:41:c6:dd:e5:e6:
d9:53:ae:68:6e:fd:60:4c:e2:51:08:e4:3f:24:2e:
16:e7:c7:57:f8:ce:9c:ec:1c:af:a1:ad:62:16:d1:
82:98:11:0c:47:68:c5:54:3f:a9:f6:a7:57:9e:0c:
95:23:37:43:41:c5:f2:f1:42:50:74:1f:20:75:8f:
c4:a7:eb:65:60:71:39:2a:e9:d1:0d:c5:f6:43:17:
39:44:c7:0d:9f:47:25:c5:c1:17:06:8c:66:cf:55:
75:68:21:aa:21:b8:23:86:75:86:7e:fe:ff:4d:74:
45:75:6f:df:59:5c:98:89:f0:5a:2f:8c:bb:e2:42:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:70:7B:EF:EE:E5:50:03:F1:F6:9E:44:AD:F6:F9:E7:8C:86:D5:EB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20313939303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.172.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c5:a0:f4:b8:24:81:a2:74:a7:6d:3b:74:5e:f3:8b:12:16:
3f:22:46:bf:86:7e:72:ec:b3:eb:9b:ad:06:ea:5d:10:f1:1c:
f7:c8:d8:91:f6:89:02:c8:28:39:e3:43:44:0a:11:27:fd:38:
75:10:09:3a:40:90:36:99:b9:33:10:ff:b9:f3:e4:22:61:50:
1b:40:6e:29:bf:c2:21:f3:5d:39:25:20:56:83:ab:e9:ed:5f:
5e:06:45:ae:49:eb:a1:57:da:cb:65:a3:0c:c9:9d:84:5c:34:
7d:a6:c2:e0:1a:db:77:20:7e:a2:f2:09:46:9c:36:44:21:e4:
f7:ab:20:f6:1a:fa:76:7d:c7:41:7b:52:0d:4a:4f:94:ec:70:
64:a5:d9:14:c5:55:67:fa:eb:ed:1e:d9:27:f0:ee:b3:23:0d:
d8:58:fd:ef:13:17:41:e9:24:9f:44:40:9c:a5:c9:1e:7a:cb:
21:82:64:b9:19:4e:6b:f7:bd:b6:68:0e:1b:0d:86:cc:f1:3e:
4a:b6:d6:84:14:05:6e:6b:47:04:81:78:95:4a:19:77:ef:35:
b7:4c:a9:47:1f:57:13:06:fe:fb:f9:66:97:8d:fd:8a:84:2d:
8f:dd:c4:13:6d:f1:64:67:34:7e:77:fe:27:fe:5e:6f:6f:76:
04:b5:ac:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIgAbHHugjRnp0xZ9tp8Fs1J4GAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA1MDgwMzAzNThaFw0yNzA1MDcwMzA4NThaMDMxMTAvBgNV
BAMTKEQyNzA3QkVGRUVFNTUwMDNGMUY2OUU0NEFERjZGOUU3OEM4NkQ1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ3chL8Zfxrx3Ym6eHWKh9S9dq
qvkPpBLGDQJWm2GaWqBTWxEWN8K3Nb9MTEsuBNjzr4sRR6ktO72vA8JUPDG9rwfE
YcPRT+RL8jlnM2y+KyA0oqe7yMUukX/T8df0NrSMtaXFlMiyjK+2D/e+nuEXOYTc
WV02lk8T+LzjapW6nG1Bxt3l5tlTrmhu/WBM4lEI5D8kLhbnx1f4zpzsHK+hrWIW
0YKYEQxHaMVUP6n2p1eeDJUjN0NBxfLxQlB0HyB1j8Sn62VgcTkq6dENxfZDFzlE
xw2fRyXFwRcGjGbPVXVoIaohuCOGdYZ+/v9NdEV1b99ZXJiJ8FovjLviQpknAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0nB77+7lUAPx9p5Erfb554yG1eswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM5MzAzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVesMA0GCSqGSIb3DQEBCwUAA4IBAQA0xaD0uCSBonSnbTt0XvOLEhY/Ika/hn5y
7LPrm60G6l0Q8Rz3yNiR9okCyCg540NEChEn/Th1EAk6QJA2mbkzEP+58+QiYVAb
QG4pv8Ih8105JSBWg6vp7V9eBkWuSeuhV9rLZaMMyZ2EXDR9psLgGtt3IH6i8glG
nDZEIeT3qyD2Gvp2fcdBe1INSk+U7HBkpdkUxVVn+uvtHtkn8O6zIw3YWP3vExdB
6SSfRECcpckeesshgmS5GU5r9722aA4bDYbM8T5KttaEFAVua0cEgXiVShl37zW3
TKlHH1cTBv77+WaXjf2KhC2P3cQTbfFkZzR+d/4n/l5vb3YEtaw8
-----END CERTIFICATE-----
Generated at Wed May 13 05:55:26 2026 by rpki-client