Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634303a3a2f34342d3434203d3e203532313132.roa
File: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (raw, json)
Hash identifier: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=
Subject key identifier: 5A:3E:1A:D1:8E:19:B3:01:6B:54:71:6D:6B:37:7B:BA:D3:05:2D:9D
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 2F448CEDC972A9F756E7BF54F0C7C45A1B2CF601
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634303a3a2f34342d3434203d3e203532313132.roa
Signing time: Thu 10 Jul 2025 16:08:17 +0000
ROA not before: Thu 10 Jul 2025 16:03:17 +0000
ROA not after: Thu 09 Jul 2026 16:08:17 +0000
asID: 52112
IP address blocks: 2a13:9640::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:44:8c:ed:c9:72:a9:f7:56:e7:bf:54:f0:c7:c4:5a:1b:2c:f6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jul 10 16:03:17 2025 GMT
Not After : Jul 9 16:08:17 2026 GMT
Subject: CN=5A3E1AD18E19B3016B54716D6B377BBAD3052D9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:ca:76:81:d5:ed:0d:85:e4:cb:ad:b1:c4:
5f:b0:32:8c:78:a3:a8:83:0b:7e:e5:be:fa:88:cf:
4d:53:17:7e:55:ba:ab:77:5d:d4:7e:33:4d:de:f9:
f5:4b:ca:fb:ee:b9:5f:2a:7b:94:1a:3a:60:62:ff:
2b:39:20:08:05:61:84:66:cc:4c:1b:c7:fb:41:ae:
62:58:c0:96:09:a6:18:48:db:44:3f:2a:1a:17:a5:
be:5f:49:92:22:c3:6e:90:80:23:8b:fc:e8:66:58:
e4:a7:f6:ef:30:ac:42:d0:a4:db:79:ce:53:a6:f1:
e4:f7:e7:83:47:d7:2f:d8:57:fb:81:01:a8:f8:bc:
b1:e7:2b:1d:66:95:c4:ac:f0:48:98:6f:be:2d:2e:
a9:9f:55:b8:aa:d9:9e:5c:01:82:e4:18:8f:d4:7e:
c1:cb:6b:56:4a:28:ea:b6:95:66:75:02:73:6c:ab:
47:de:2a:43:6f:83:85:5c:34:83:82:8a:fa:38:a8:
79:3f:3c:fc:a9:e0:50:75:50:8f:c2:c3:5c:06:85:
49:a1:5a:87:08:06:a4:b4:21:4e:12:22:a9:4f:a6:
52:0f:7f:68:48:5f:1c:3e:73:04:aa:5d:e7:43:b0:
63:c7:d6:54:0e:ad:1b:35:d6:f6:0a:34:47:7e:96:
5f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3E:1A:D1:8E:19:B3:01:6B:54:71:6D:6B:37:7B:BA:D3:05:2D:9D
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634303a3a2f34342d3434203d3e203532313132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9640::/44
Signature Algorithm: sha256WithRSAEncryption
61:ec:0b:82:27:61:b0:f7:88:39:00:64:55:06:ae:ab:21:c7:
27:9f:bc:ad:2b:46:92:57:74:43:65:79:57:30:55:f3:cd:be:
90:f8:93:6a:04:41:f2:95:e1:18:f5:a5:f1:c0:2a:ab:e6:ab:
38:02:2a:a7:13:58:a5:c9:12:9c:d4:39:ba:a3:21:dc:19:5e:
e7:1c:26:b6:51:c2:98:10:05:9a:93:57:3d:74:b8:e4:47:5c:
cf:58:e4:e4:42:8c:09:50:04:94:b6:46:6c:93:70:21:0a:79:
7e:55:fc:41:de:94:21:6e:bb:f1:2a:9d:d6:cb:f6:d6:18:3d:
9e:46:87:9c:85:7e:49:00:4b:8a:bb:34:cf:98:db:22:9b:dc:
95:2e:d0:d0:1d:b2:30:34:d9:03:37:84:8c:c1:7d:93:3f:9f:
71:6b:f4:2d:27:8a:74:71:ab:1a:01:1f:a7:20:7b:a9:6b:6e:
7e:e5:d3:c8:5d:89:b5:9d:87:7b:6f:88:58:3d:27:d4:a0:66:
57:c2:13:a6:d6:17:cb:92:f3:f9:02:71:27:52:fb:da:4a:fa:
70:6a:8f:c5:b0:4d:8d:bc:21:a5:db:7e:f0:46:1c:74:5e:b4:
93:36:40:97:a4:f6:43:3c:4f:78:a0:fc:e4:69:6e:6f:f1:37:
c4:89:eb:fb
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUL0SM7clyqfdW579U8MfEWhss9gEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA3MTAxNjAzMTdaFw0yNjA3MDkxNjA4MTdaMDMxMTAvBgNV
BAMTKDVBM0UxQUQxOEUxOUIzMDE2QjU0NzE2RDZCMzc3QkJBRDMwNTJEOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0r8p2gdXtDYXky62xxF+wMox4
o6iDC37lvvqIz01TF35Vuqt3XdR+M03e+fVLyvvuuV8qe5QaOmBi/ys5IAgFYYRm
zEwbx/tBrmJYwJYJphhI20Q/KhoXpb5fSZIiw26QgCOL/OhmWOSn9u8wrELQpNt5
zlOm8eT354NH1y/YV/uBAaj4vLHnKx1mlcSs8EiYb74tLqmfVbiq2Z5cAYLkGI/U
fsHLa1ZKKOq2lWZ1AnNsq0feKkNvg4VcNIOCivo4qHk/PPyp4FB1UI/Cw1wGhUmh
WocIBqS0IU4SIqlPplIPf2hIXxw+cwSqXedDsGPH1lQOrRs11vYKNEd+ll87AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUWj4a0Y4ZswFrVHFtazd7utMFLZ0wHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDMw
M2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzUzMjMxMzEzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoT
lkAAADANBgkqhkiG9w0BAQsFAAOCAQEAYewLgidhsPeIOQBkVQauqyHHJ5+8rStG
kld0Q2V5VzBV882+kPiTagRB8pXhGPWl8cAqq+arOAIqpxNYpckSnNQ5uqMh3Ble
5xwmtlHCmBAFmpNXPXS45Edcz1jk5EKMCVAElLZGbJNwIQp5flX8Qd6UIW678Sqd
1sv21hg9nkaHnIV+SQBLirs0z5jbIpvclS7Q0B2yMDTZAzeEjMF9kz+fcWv0LSeK
dHGrGgEfpyB7qWtufuXTyF2JtZ2He2+IWD0n1KBmV8ITptYXy5Lz+QJxJ1L72kr6
cGqPxbBNjbwhpdt+8EYcdF60kzZAl6T2QzxPeKD85Glub/E3xInr+w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:57:00 2025 by rpki-client