Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
File: 34352e38372e3137322e302f32342d3234203d3e20323135303236.roa (raw, json)
Hash identifier: RBIDHFV69Acs2+Po/ieVtawkZyu8FPGeYN9/mFQ8so8=
Subject key identifier: C8:F4:E4:8D:D5:61:72:DE:A3:EE:EC:53:16:70:63:BE:25:9A:B0:D1
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 3E7C1963375BAD7C2981ED54BEC1B88ABB368375
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
Signing time: Wed 15 Oct 2025 13:55:08 +0000
ROA not before: Wed 15 Oct 2025 13:50:08 +0000
ROA not after: Wed 14 Oct 2026 13:55:08 +0000
asID: 215026
IP address blocks: 45.87.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:7c:19:63:37:5b:ad:7c:29:81:ed:54:be:c1:b8:8a:bb:36:83:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 15 13:50:08 2025 GMT
Not After : Oct 14 13:55:08 2026 GMT
Subject: CN=C8F4E48DD56172DEA3EEEC53167063BE259AB0D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:c4:1a:82:53:2d:ef:26:eb:43:fe:a6:29:
73:58:2b:f5:24:4c:3a:b8:dd:84:e2:68:dc:5e:43:
eb:50:52:10:b0:94:e5:2f:ab:52:cf:fa:1d:45:25:
75:dd:db:8c:93:17:36:bd:19:12:23:aa:d6:da:3a:
a7:93:24:e9:ec:55:b5:a0:1e:f8:9f:80:03:b1:f9:
63:af:6c:07:5d:0c:fa:5a:a2:53:4a:a6:9b:89:f0:
bf:12:01:a9:0d:f5:08:9c:54:26:d2:ff:a0:90:ff:
a2:f2:8a:6f:5e:ad:2c:18:b6:75:50:2b:14:8c:2b:
be:0c:05:92:78:f1:36:27:ec:11:56:b3:b5:13:29:
ed:66:b1:36:39:f9:ac:7f:8e:6a:35:82:c1:70:9b:
aa:af:69:31:22:dc:51:56:fb:b0:f1:63:4e:5e:40:
30:0d:b8:a3:2c:7e:d3:0a:b6:fe:2d:ca:34:0b:41:
20:80:4a:f8:a6:e5:97:bd:df:2c:13:27:f5:4f:75:
fc:01:78:ae:5c:a6:2b:e1:5f:62:9e:a5:83:c0:84:
95:08:d9:e3:dc:5d:0a:8f:2d:39:55:5e:71:9e:58:
c7:15:7b:56:86:62:8d:42:b8:87:1f:fc:96:05:61:
c6:35:92:cc:0a:a3:80:69:80:a3:ff:79:1b:93:74:
b1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F4:E4:8D:D5:61:72:DE:A3:EE:EC:53:16:70:63:BE:25:9A:B0:D1
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323135303236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.172.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f1:40:9f:29:a3:46:55:75:7d:da:6c:1c:b2:a4:dc:00:17:
0f:fb:b0:50:95:57:18:9f:44:13:e2:28:25:4c:a7:61:1b:63:
f8:db:e9:ce:e6:b8:a5:43:0e:39:45:14:3f:ee:28:43:96:25:
be:98:29:90:4f:95:87:b1:15:3b:2b:e6:9d:35:fa:ff:48:ec:
1d:0e:a9:03:48:8c:b6:49:a1:0d:5a:f3:e8:f1:13:d2:18:a0:
d0:3a:fc:4f:c0:fa:05:5c:0a:ff:e9:a8:70:c3:22:b3:7f:5d:
89:fe:57:c2:f2:33:14:3e:a8:d7:50:ab:b9:79:42:4f:5e:f0:
44:bf:5f:79:95:6c:2b:b0:9e:1e:85:dc:45:26:e0:41:17:67:
26:8d:dd:55:30:9a:95:bf:c9:a1:16:a2:f0:af:a8:35:90:f6:
1f:d9:37:98:b2:47:81:03:f7:89:b5:c4:06:1d:67:df:ae:7f:
6d:81:7e:34:bf:c8:56:f1:9c:78:ea:2b:5f:a7:c8:e7:52:df:
17:63:6a:cb:de:2b:24:57:9d:e7:4f:a0:2f:ac:d0:66:0f:5a:
82:52:8c:b1:06:57:04:15:f4:57:bb:f8:cd:ca:69:c3:f3:1a:
ca:50:d6:84:2d:51:65:a0:51:c0:cb:3f:bd:37:cd:b3:51:29:
fa:c0:c1:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPnwZYzdbrXwpge1UvsG4irs2g3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTEwMTUxMzUwMDhaFw0yNjEwMTQxMzU1MDhaMDMxMTAvBgNV
BAMTKEM4RjRFNDhERDU2MTcyREVBM0VFRUM1MzE2NzA2M0JFMjU5QUIwRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAycQaglMt7ybrQ/6mKXNYK/Uk
TDq43YTiaNxeQ+tQUhCwlOUvq1LP+h1FJXXd24yTFza9GRIjqtbaOqeTJOnsVbWg
HvifgAOx+WOvbAddDPpaolNKppuJ8L8SAakN9QicVCbS/6CQ/6Lyim9erSwYtnVQ
KxSMK74MBZJ48TYn7BFWs7UTKe1msTY5+ax/jmo1gsFwm6qvaTEi3FFW+7DxY05e
QDANuKMsftMKtv4tyjQLQSCASvim5Ze93ywTJ/VPdfwBeK5cpivhX2KepYPAhJUI
2ePcXQqPLTlVXnGeWMcVe1aGYo1CuIcf/JYFYcY1kswKo4BpgKP/eRuTdLGZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyPTkjdVhct6j7uxTFnBjviWasNEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzAzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVesMA0GCSqGSIb3DQEBCwUAA4IBAQAl8UCfKaNGVXV92mwcsqTcABcP+7BQlVcY
n0QT4iglTKdhG2P42+nO5rilQw45RRQ/7ihDliW+mCmQT5WHsRU7K+adNfr/SOwd
DqkDSIy2SaENWvPo8RPSGKDQOvxPwPoFXAr/6ahwwyKzf12J/lfC8jMUPqjXUKu5
eUJPXvBEv195lWwrsJ4ehdxFJuBBF2cmjd1VMJqVv8mhFqLwr6g1kPYf2TeYskeB
A/eJtcQGHWffrn9tgX40v8hW8Zx46itfp8jnUt8XY2rL3iskV53nT6AvrNBmD1qC
UoyxBlcEFfRXu/jNymnD8xrKUNaELVFloFHAyz+9N82zUSn6wMHq
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:03:25 2025 by rpki-client