Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
File: 326131343a366634303a3a2f33322d3438203d3e20323030323432.roa (raw, json)
Hash identifier: wghHBUAPyTh1k75qu9+3ST+twxsY88XGIADNiAK2tow=
Subject key identifier: 00:64:40:32:12:3E:87:67:70:F8:7D:FC:D4:BD:B6:69:4D:53:7A:DC
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 473F98C0AE86F889BD7AF25B52A8E48817D12F65
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
Signing time: Tue 01 Jul 2025 17:43:50 +0000
ROA not before: Tue 01 Jul 2025 17:38:50 +0000
ROA not after: Tue 30 Jun 2026 17:43:50 +0000
asID: 200242
IP address blocks: 2a14:6f40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 09:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:3f:98:c0:ae:86:f8:89:bd:7a:f2:5b:52:a8:e4:88:17:d1:2f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jul 1 17:38:50 2025 GMT
Not After : Jun 30 17:43:50 2026 GMT
Subject: CN=00644032123E876770F87DFCD4BDB6694D537ADC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:d2:04:b2:0e:2f:8a:b4:12:58:26:62:54:
bf:c9:29:56:60:2b:d6:6e:89:43:b7:87:5c:a1:dd:
33:b4:55:fe:05:f1:03:4d:99:4d:c4:6a:b8:c5:96:
99:f5:41:16:7a:34:e4:14:10:d8:d9:ff:fe:ba:46:
c9:6b:24:1a:52:e0:d3:53:16:30:86:36:cd:59:7a:
6e:9f:5c:e8:88:92:48:0e:c1:93:14:b6:7a:24:48:
62:66:2a:54:d8:d5:85:db:b6:23:27:e5:b8:96:54:
e2:dc:e7:eb:d0:e2:b2:02:98:7b:a1:7a:f7:e7:fc:
f2:65:d9:4c:d8:fa:85:be:65:71:a0:54:11:b2:97:
0e:2f:2a:4c:77:09:13:ce:3a:bb:e2:f5:72:36:34:
b8:fc:d6:0a:23:26:20:03:ce:b9:ab:f8:8b:87:87:
b0:07:ba:c5:e3:dd:0f:24:8a:a6:6d:af:68:af:11:
7a:77:a5:a4:a1:ad:60:25:e2:83:f1:ee:7f:36:d6:
dc:d8:ce:22:f0:67:e7:1d:24:ce:b6:ec:17:b1:0e:
d2:df:e5:ea:60:68:eb:04:08:c1:ac:bc:d9:ef:a0:
d7:8d:97:7d:a0:70:15:24:41:c0:2c:5f:ae:9a:cb:
37:d0:9c:39:fd:93:58:83:13:19:36:6b:94:5c:a7:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:64:40:32:12:3E:87:67:70:F8:7D:FC:D4:BD:B6:69:4D:53:7A:DC
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f33322d3438203d3e20323030323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
79:fd:dc:c2:b7:2c:06:84:14:62:19:c4:61:c7:07:11:e7:aa:
6a:f6:a7:47:e6:22:36:4b:05:05:bc:4c:dc:32:93:6b:33:90:
1e:c7:19:8b:ac:fa:b2:5f:62:bb:6d:e9:76:65:68:a6:29:26:
76:fd:de:39:02:7a:ad:c3:48:91:30:fc:4b:ae:e0:a2:9c:1a:
a1:ab:f8:7f:e8:4b:1a:81:c7:b1:d7:27:ce:38:3d:b1:8b:7c:
97:31:bb:08:b8:10:80:38:9b:d3:8d:0f:f8:54:a2:f1:23:29:
cb:4f:25:4e:90:5f:50:84:e6:5d:b1:81:b5:2f:fd:dd:97:c3:
3d:87:e4:a2:aa:17:26:f2:0a:b6:09:26:35:0d:33:4d:70:8b:
cc:c8:62:f2:6f:f6:b3:87:34:da:9b:d1:3d:b3:1a:e1:27:f0:
59:7b:d3:28:c1:09:3d:ef:16:ac:e1:ea:75:02:64:87:7e:db:
f2:c3:95:51:32:4a:94:f8:31:7d:33:14:cc:c6:83:c1:f4:fe:
2e:d5:af:4f:bc:2c:b7:e1:56:02:f0:ed:39:4d:4c:c2:28:43:
f4:3a:55:ad:5c:82:aa:7e:05:4d:4d:a9:cf:e7:e9:a8:e9:40:
ca:80:2d:20:99:dd:f1:59:2f:cb:c5:f8:52:7d:2e:7b:9a:bd:
de:5a:a3:c5
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIURz+YwK6G+Im9evJbUqjkiBfRL2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNTA3MDExNzM4NTBaFw0yNjA2MzAxNzQzNTBaMDMxMTAvBgNV
BAMTKDAwNjQ0MDMyMTIzRTg3Njc3MEY4N0RGQ0Q0QkRCNjY5NEQ1MzdBREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBlNIEsg4virQSWCZiVL/JKVZg
K9ZuiUO3h1yh3TO0Vf4F8QNNmU3EarjFlpn1QRZ6NOQUENjZ//66RslrJBpS4NNT
FjCGNs1Zem6fXOiIkkgOwZMUtnokSGJmKlTY1YXbtiMn5biWVOLc5+vQ4rICmHuh
evfn/PJl2UzY+oW+ZXGgVBGylw4vKkx3CRPOOrvi9XI2NLj81gojJiADzrmr+IuH
h7AHusXj3Q8kiqZtr2ivEXp3paShrWAl4oPx7n821tzYziLwZ+cdJM627BexDtLf
5epgaOsECMGsvNnvoNeNl32gcBUkQcAsX66ayzfQnDn9k1iDExk2a5Rcp5J7AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUAGRAMhI+h2dw+H381L22aU1TetwwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDMw
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMDMwMzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhRvQDANBgkqhkiG9w0BAQsFAAOCAQEAef3cwrcsBoQUYhnEYccHEeeqavanR+Yi
NksFBbxM3DKTazOQHscZi6z6sl9iu23pdmVopikmdv3eOQJ6rcNIkTD8S67gopwa
oav4f+hLGoHHsdcnzjg9sYt8lzG7CLgQgDib040P+FSi8SMpy08lTpBfUITmXbGB
tS/93ZfDPYfkoqoXJvIKtgkmNQ0zTXCLzMhi8m/2s4c02pvRPbMa4SfwWXvTKMEJ
Pe8WrOHqdQJkh37b8sOVUTJKlPgxfTMUzMaDwfT+LtWvT7wst+FWAvDtOU1MwihD
9DpVrVyCqn4FTU2pz+fpqOlAyoAtIJnd8Vkvy8X4Un0ue5q93lqjxQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:12:18 2025 by rpki-client