Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa
File: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (raw, json)
Hash identifier: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=
Subject key identifier: 8E:46:B7:FE:FA:CD:3F:0B:B7:40:3F:6B:CF:DD:18:65:EB:48:EF:4B
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 39AAE956F9D0BC68DFD2A02D99055FACFE44DAA4
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa
Signing time: Thu 10 Jul 2025 16:08:18 +0000
ROA not before: Thu 10 Jul 2025 16:03:18 +0000
ROA not after: Thu 09 Jul 2026 16:08:18 +0000
asID: 204291
IP address blocks: 2a13:9644:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:aa:e9:56:f9:d0:bc:68:df:d2:a0:2d:99:05:5f:ac:fe:44:da:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jul 10 16:03:18 2025 GMT
Not After : Jul 9 16:08:18 2026 GMT
Subject: CN=8E46B7FEFACD3F0BB7403F6BCFDD1865EB48EF4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:1e:1d:fc:fb:f4:be:e9:27:fc:6a:87:5e:
d5:3a:ee:d7:12:04:1a:f1:f1:38:43:b3:99:61:19:
59:47:42:0c:fe:1c:20:57:65:a4:b0:55:0c:f5:25:
01:20:e0:27:d1:6b:c1:9e:5f:c3:5c:10:60:74:da:
e1:74:a4:8f:70:f5:16:b6:c7:40:d8:bd:76:82:ae:
19:6c:09:23:63:3c:c2:b5:9c:fe:32:62:ac:83:22:
71:3b:4c:c2:e0:e4:82:b2:a0:ea:e4:95:68:49:53:
a3:8a:bd:17:5e:19:8e:e7:fc:4e:c9:14:2a:f5:1c:
d4:9b:18:db:9a:0d:1c:d1:82:e1:e2:2c:15:f3:26:
05:ba:09:92:c3:29:04:0f:36:80:b7:01:35:29:b9:
c1:d7:e7:28:f5:16:08:33:1e:c0:4b:1b:45:16:66:
1c:9b:18:87:78:61:79:d0:08:86:ee:ae:02:3a:dd:
19:02:f7:e2:b7:86:f2:b9:54:5d:27:f8:9c:f9:ba:
aa:20:ba:4b:86:91:c2:da:80:78:52:fd:d2:04:40:
2b:06:6a:e4:ab:94:65:82:50:d7:20:4c:ed:60:0f:
cc:09:61:3a:9c:4a:15:b8:4f:e6:11:53:a2:67:93:
3f:c1:92:39:78:ae:f3:a4:a4:62:9e:20:17:6a:82:
53:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:46:B7:FE:FA:CD:3F:0B:B7:40:3F:6B:CF:DD:18:65:EB:48:EF:4B
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:4000::/40
Signature Algorithm: sha256WithRSAEncryption
96:4c:95:ac:64:85:25:a1:e2:8c:64:89:9b:e9:5f:5a:a3:29:
3c:3a:be:55:86:fe:e8:05:05:f6:4d:d7:20:34:90:a4:c6:c0:
19:eb:11:eb:cc:7f:5e:4a:27:09:a0:95:b4:01:0e:5a:54:ee:
0b:b7:d9:6c:ee:b8:85:f1:94:fa:d7:0a:42:3e:cf:47:07:a6:
c1:2e:f2:e4:69:e1:c0:3b:e7:23:24:1c:cc:8c:12:a4:7c:d6:
c8:47:c8:eb:53:39:a5:c3:90:83:80:2a:67:2d:b8:1f:af:64:
d2:af:d7:92:34:76:8c:2a:f3:6f:dc:3e:6a:fe:d4:29:62:49:
f3:e1:37:fa:9f:9d:7c:50:f1:d4:7a:f5:c1:57:8d:92:61:4a:
a2:de:84:a6:a7:f4:6f:e6:0f:87:1d:b3:a7:c5:64:24:71:25:
ac:20:5b:5b:8b:db:be:ba:a0:af:ff:f8:c2:6d:a3:40:78:89:
0b:49:76:6e:37:55:47:0b:39:2c:b3:ba:47:61:b4:81:d0:96:
8b:53:e6:a7:ca:2e:b2:62:01:0b:2c:fb:21:07:f6:4b:09:95:
ed:48:5a:ce:eb:e1:da:f5:66:bb:2d:b5:58:47:ec:20:4e:5c:
8f:52:68:5e:de:42:fe:d6:3e:29:f3:31:0c:5f:cb:35:6f:f5:
19:7c:83:91
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUOarpVvnQvGjf0qAtmQVfrP5E2qQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA3MTAxNjAzMThaFw0yNjA3MDkxNjA4MThaMDMxMTAvBgNV
BAMTKDhFNDZCN0ZFRkFDRDNGMEJCNzQwM0Y2QkNGREQxODY1RUI0OEVGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoYh4d/Pv0vukn/GqHXtU67tcS
BBrx8ThDs5lhGVlHQgz+HCBXZaSwVQz1JQEg4CfRa8GeX8NcEGB02uF0pI9w9Ra2
x0DYvXaCrhlsCSNjPMK1nP4yYqyDInE7TMLg5IKyoOrklWhJU6OKvRdeGY7n/E7J
FCr1HNSbGNuaDRzRguHiLBXzJgW6CZLDKQQPNoC3ATUpucHX5yj1FggzHsBLG0UW
ZhybGId4YXnQCIburgI63RkC9+K3hvK5VF0n+Jz5uqogukuGkcLagHhS/dIEQCsG
auSrlGWCUNcgTO1gD8wJYTqcShW4T+YRU6Jnkz/Bkjl4rvOkpGKeIBdqglNJAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUjka3/vrNPwu3QD9rz90YZetI70swHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNDMyMzkzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoTlkRAMA0GCSqGSIb3DQEBCwUAA4IBAQCWTJWsZIUloeKMZImb
6V9aoyk8Or5Vhv7oBQX2TdcgNJCkxsAZ6xHrzH9eSicJoJW0AQ5aVO4Lt9ls7riF
8ZT61wpCPs9HB6bBLvLkaeHAO+cjJBzMjBKkfNbIR8jrUzmlw5CDgCpnLbgfr2TS
r9eSNHaMKvNv3D5q/tQpYknz4Tf6n518UPHUevXBV42SYUqi3oSmp/Rv5g+HHbOn
xWQkcSWsIFtbi9u+uqCv//jCbaNAeIkLSXZuN1VHCzkss7pHYbSB0JaLU+anyi6y
YgELLPshB/ZLCZXtSFrO6+Ha9Wa7LbVYR+wgTlyPUmhe3kL+1j4p8zEMX8s1b/UZ
fIOR
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:01:37 2025 by rpki-client