Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
File: 38352e3230392e3232322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: kVoGCQU0nZ0Y5HxTv7aSIZd4ymLr9HiKZlXPTkbKG1U=
Subject key identifier: 6F:4C:60:EA:A7:ED:10:DB:6B:D4:99:DC:2B:3B:99:0E:8D:09:2D:A2
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 61F17DDAC55A709BE531EBFF5515A3C117253A29
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
Signing time: Sun 04 May 2025 03:54:05 +0000
ROA not before: Sun 04 May 2025 03:49:05 +0000
ROA not after: Sun 03 May 2026 03:54:05 +0000
asID: 61317
IP address blocks: 85.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:f1:7d:da:c5:5a:70:9b:e5:31:eb:ff:55:15:a3:c1:17:25:3a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 4 03:49:05 2025 GMT
Not After : May 3 03:54:05 2026 GMT
Subject: CN=6F4C60EAA7ED10DB6BD499DC2B3B990E8D092DA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:b6:d5:81:28:d3:6f:c0:47:bc:81:cd:35:
f4:78:f9:36:d8:d1:d7:1b:8a:03:05:fd:ac:71:75:
3e:bd:fb:e2:0e:87:46:05:14:fa:a6:d7:03:9f:2f:
a0:d3:02:07:54:8d:d4:3f:55:3b:7f:83:39:ec:a9:
a1:62:ef:13:34:33:51:9d:b9:77:ce:fa:d8:27:4a:
9c:83:6a:fc:d9:b2:b8:4c:66:96:3b:83:69:88:25:
e6:1f:fa:f3:44:b4:94:d2:73:fd:31:88:97:fe:16:
f0:93:49:e8:dd:e1:92:b2:72:9d:79:0b:04:e5:c5:
e2:d4:2e:49:fd:05:62:b8:8b:12:b1:97:91:a2:ec:
c3:51:7e:b5:60:d2:5d:97:28:4d:df:bc:79:40:2d:
3b:17:01:73:3c:1e:19:c2:23:d3:9f:c1:b5:54:95:
f5:62:e6:94:8a:4d:cd:d2:b3:3e:37:d6:42:9a:05:
90:ea:b0:ad:82:64:66:5f:eb:99:5a:78:41:fe:6e:
8d:04:88:db:e6:56:02:34:57:d1:dd:9a:5b:31:6e:
ef:57:b5:14:25:4f:bd:2f:39:f0:f3:04:d5:78:b9:
02:33:e7:66:55:28:3d:76:04:ec:36:8d:34:09:10:
b6:6a:b3:0c:2d:c7:38:70:02:f6:77:ed:0e:34:68:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4C:60:EA:A7:ED:10:DB:6B:D4:99:DC:2B:3B:99:0E:8D:09:2D:A2
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:cc:37:84:64:16:8a:f6:23:b9:46:8e:e8:c4:6c:41:59:f6:
69:1c:e3:8b:50:4d:2d:63:fc:48:57:41:7d:47:bf:d1:5a:57:
fb:e6:97:83:f7:31:e2:0b:fc:77:41:93:a1:2a:93:35:9a:9d:
0a:81:8d:a4:e7:f1:b9:67:07:f0:b8:3a:d8:49:1e:c6:14:25:
fc:51:c4:1f:47:7d:d7:ab:1e:ea:b4:b6:fc:1e:50:ac:6c:31:
29:57:a8:43:5a:6e:ba:06:ca:3f:85:b4:86:45:12:6a:b1:5c:
e9:90:9d:b0:2c:91:d2:28:aa:2b:ee:3f:54:60:6d:55:9c:94:
c2:f4:4b:c3:cb:5f:f7:cc:65:62:55:83:3b:39:8d:8a:7b:76:
bc:08:1d:35:bb:4b:4c:3d:e8:87:28:d0:7c:76:f2:a4:22:20:
47:95:79:f3:74:96:ef:26:7e:19:f9:85:40:17:e5:20:e0:39:
68:14:e6:89:e8:b6:2f:f9:65:aa:0d:e8:d5:05:e2:a6:c2:a8:
6f:83:08:9e:17:0d:c3:5b:79:4f:17:cb:a8:e7:f2:47:7b:83:
df:90:19:da:5a:6a:e6:23:5e:fb:90:29:0f:66:a9:41:a3:2f:
d9:5d:60:a3:bc:7d:82:68:2c:9d:66:a1:ab:12:83:0a:e9:36:
59:55:57:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYfF92sVacJvlMev/VRWjwRclOikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MDQwMzQ5MDVaFw0yNjA1MDMwMzU0MDVaMDMxMTAvBgNV
BAMTKDZGNEM2MEVBQTdFRDEwREI2QkQ0OTlEQzJCM0I5OTBFOEQwOTJEQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5DrbVgSjTb8BHvIHNNfR4+TbY
0dcbigMF/axxdT69++IOh0YFFPqm1wOfL6DTAgdUjdQ/VTt/gznsqaFi7xM0M1Gd
uXfO+tgnSpyDavzZsrhMZpY7g2mIJeYf+vNEtJTSc/0xiJf+FvCTSejd4ZKycp15
CwTlxeLULkn9BWK4ixKxl5Gi7MNRfrVg0l2XKE3fvHlALTsXAXM8HhnCI9OfwbVU
lfVi5pSKTc3Ssz431kKaBZDqsK2CZGZf65laeEH+bo0EiNvmVgI0V9Hdmlsxbu9X
tRQlT70vOfDzBNV4uQIz52ZVKD12BOw2jTQJELZqswwtxzhwAvZ37Q40aDPlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb0xg6qftENtr1JncKzuZDo0JLaIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHeMA0GCSqGSIb3DQEBCwUAA4IBAQChzDeEZBaK9iO5Ro7oxGxBWfZpHOOLUE0t
Y/xIV0F9R7/RWlf75peD9zHiC/x3QZOhKpM1mp0KgY2k5/G5ZwfwuDrYSR7GFCX8
UcQfR33Xqx7qtLb8HlCsbDEpV6hDWm66Bso/hbSGRRJqsVzpkJ2wLJHSKKor7j9U
YG1VnJTC9EvDy1/3zGViVYM7OY2Ke3a8CB01u0tMPeiHKNB8dvKkIiBHlXnzdJbv
Jn4Z+YVAF+Ug4DloFOaJ6LYv+WWqDejVBeKmwqhvgwieFw3DW3lPF8uo5/JHe4Pf
kBnaWmrmI177kCkPZqlBoy/ZXWCjvH2CaCydZqGrEoMK6TZZVVeN
-----END CERTIFICATE-----
Generated at Sat May 10 18:48:50 2025 by rpki-client