Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
File: 352e3138312e3137372e302f32342d3234203d3e20323134363737.roa (raw, json)
Hash identifier: vzxuG1+0kmB63/R/Nt/ZMIV9K/FLNdsayN5ApsSCS70=
Subject key identifier: 9E:0A:32:76:35:CE:10:73:8D:0B:BC:35:D1:31:49:FA:D6:13:73:FA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 579DEBF34B26B157D2C49A6F7E787CB24E6897DD
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
Signing time: Sat 04 Oct 2025 11:55:08 +0000
ROA not before: Sat 04 Oct 2025 11:50:08 +0000
ROA not after: Sat 03 Oct 2026 11:55:08 +0000
asID: 214677
IP address blocks: 5.181.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9d:eb:f3:4b:26:b1:57:d2:c4:9a:6f:7e:78:7c:b2:4e:68:97:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Oct 4 11:50:08 2025 GMT
Not After : Oct 3 11:55:08 2026 GMT
Subject: CN=9E0A327635CE10738D0BBC35D13149FAD61373FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a5:07:78:58:01:51:a0:87:94:17:6c:48:0d:
34:00:48:18:bf:1c:69:dc:55:d8:9f:57:83:68:9b:
ac:9e:40:35:06:38:23:85:38:4d:d8:5c:96:fb:b4:
b7:21:fc:8b:fa:fc:40:fd:d2:6b:b4:ff:30:29:ec:
5a:71:4b:f5:45:20:c7:e0:44:03:07:44:b2:7d:76:
5f:8f:f9:13:97:c0:b0:e4:d5:db:46:ec:4b:1e:56:
41:53:05:1f:b9:d8:36:4c:61:99:9f:5a:8b:36:8b:
69:4a:9c:5e:31:3f:4c:3b:1a:71:ca:3d:df:86:b9:
80:6a:c3:ee:00:cc:86:38:99:94:0a:e7:0a:ba:05:
4a:f3:5d:bb:ad:17:b8:50:f9:c0:b6:bd:1b:02:91:
22:01:36:f5:9d:67:62:e7:18:ca:c0:54:01:05:5f:
01:74:db:ef:d7:fe:68:93:f3:52:61:4a:d6:56:a8:
61:61:f3:fb:40:06:44:ff:f9:49:7e:57:83:ad:e4:
c8:80:d0:25:da:19:1a:29:97:ef:bb:77:ef:ea:09:
11:5d:03:d6:f3:5f:96:53:ae:c9:eb:56:45:63:ef:
d1:2e:d5:cb:37:ac:a5:02:e7:e2:06:38:f2:23:58:
fa:63:d3:fa:8f:9e:3d:eb:50:5b:30:7a:57:9c:16:
3e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0A:32:76:35:CE:10:73:8D:0B:BC:35:D1:31:49:FA:D6:13:73:FA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323134363737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.177.0/24
Signature Algorithm: sha256WithRSAEncryption
70:85:f0:c5:a0:cf:4d:89:12:92:03:ff:e1:30:64:7d:b9:18:
d0:df:88:66:5f:af:1f:96:79:25:68:0a:24:a5:64:d2:8e:da:
79:ee:2c:04:d5:a3:99:2b:98:a1:90:88:00:54:71:79:7f:cc:
eb:28:29:f0:c6:54:e6:1f:90:9d:7e:77:d4:53:da:59:b0:72:
2e:d2:30:69:64:96:a7:c6:ce:34:bd:19:65:e0:aa:3f:58:99:
6f:2b:51:37:7f:75:ed:12:f5:6a:7c:7d:10:42:a2:bc:10:55:
e8:34:a1:bd:86:9d:2a:b0:3f:4d:21:c4:6a:3a:5f:06:9c:11:
ea:53:ae:5b:59:d4:ec:0f:78:cd:62:b7:30:93:42:42:65:d5:
c5:00:e4:2f:a4:f5:0d:5d:66:04:45:06:bf:c5:a1:44:94:06:
da:03:02:71:43:18:ce:41:ed:9f:04:b4:d1:af:75:c7:d8:67:
56:83:95:8d:22:54:8c:65:60:70:01:c0:54:0b:cc:2d:e7:b6:
42:49:dd:b4:69:bd:df:73:68:8d:1b:53:e4:51:0f:42:af:28:
2e:30:41:cf:28:12:c2:26:65:fb:c7:80:f9:fd:2e:8c:88:eb:
74:42:4a:b2:8c:88:39:cb:d1:e4:45:5e:c7:38:00:d5:71:bf:
6b:88:e4:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV53r80smsVfSxJpvfnh8sk5ol90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTEwMDQxMTUwMDhaFw0yNjEwMDMxMTU1MDhaMDMxMTAvBgNV
BAMTKDlFMEEzMjc2MzVDRTEwNzM4RDBCQkMzNUQxMzE0OUZBRDYxMzczRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEpQd4WAFRoIeUF2xIDTQASBi/
HGncVdifV4Nom6yeQDUGOCOFOE3YXJb7tLch/Iv6/ED90mu0/zAp7FpxS/VFIMfg
RAMHRLJ9dl+P+ROXwLDk1dtG7EseVkFTBR+52DZMYZmfWos2i2lKnF4xP0w7GnHK
Pd+GuYBqw+4AzIY4mZQK5wq6BUrzXbutF7hQ+cC2vRsCkSIBNvWdZ2LnGMrAVAEF
XwF02+/X/miT81JhStZWqGFh8/tABkT/+Ul+V4Ot5MiA0CXaGRopl++7d+/qCRFd
A9bzX5ZTrsnrVkVj79Eu1cs3rKUC5+IGOPIjWPpj0/qPnj3rUFswelecFj77AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUngoydjXOEHONC7w10TFJ+tYTc/owHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzYzNzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWxMA0GCSqGSIb3DQEBCwUAA4IBAQBwhfDFoM9NiRKSA//hMGR9uRjQ34hmX68f
lnklaAokpWTSjtp57iwE1aOZK5ihkIgAVHF5f8zrKCnwxlTmH5CdfnfUU9pZsHIu
0jBpZJanxs40vRll4Ko/WJlvK1E3f3XtEvVqfH0QQqK8EFXoNKG9hp0qsD9NIcRq
Ol8GnBHqU65bWdTsD3jNYrcwk0JCZdXFAOQvpPUNXWYERQa/xaFElAbaAwJxQxjO
Qe2fBLTRr3XH2GdWg5WNIlSMZWBwAcBUC8wt57ZCSd20ab3fc2iNG1PkUQ9Crygu
MEHPKBLCJmX7x4D5/S6MiOt0QkqyjIg5y9HkRV7HOADVcb9riOTT
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:55:57 2025 by rpki-client