Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f34302d3438203d3e20323134343831.roa
File: 326131343a316563373a313030303a3a2f34302d3438203d3e20323134343831.roa (raw, json)
Hash identifier: CppBrqeBXEhxAuEI9ntzVVwbRJmv6j6O1BcpTNGKwGk=
Subject key identifier: 01:5E:39:70:BE:52:63:7A:C1:DA:FC:17:23:85:8D:8E:DD:F6:64:C2
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 7448EC5B021A7605D8EBD16DE6B1AFC8F69A1540
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f34302d3438203d3e20323134343831.roa
Signing time: Sun 05 Jan 2025 15:38:46 +0000
ROA not before: Sun 05 Jan 2025 15:33:46 +0000
ROA not after: Sun 04 Jan 2026 15:38:46 +0000
asID: 214481
IP address blocks: 2a14:1ec7:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:48:ec:5b:02:1a:76:05:d8:eb:d1:6d:e6:b1:af:c8:f6:9a:15:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Jan 5 15:33:46 2025 GMT
Not After : Jan 4 15:38:46 2026 GMT
Subject: CN=015E3970BE52637AC1DAFC1723858D8EDDF664C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:20:f9:2c:f3:91:36:e0:88:2d:54:e9:d0:f3:
90:5d:52:2f:25:39:f5:5f:36:65:7c:41:d8:83:02:
ca:de:e7:5e:e2:21:3b:e2:ea:15:d6:62:39:7c:5d:
aa:4a:bc:d3:de:04:77:f5:9c:b1:53:0e:85:97:29:
51:01:d7:42:df:74:90:54:d0:a7:ae:0f:2d:c0:77:
62:2d:45:3e:15:d6:07:6b:e6:5b:8f:b4:3c:78:c7:
48:20:e3:61:b2:9f:ed:9b:e1:41:34:6c:5f:93:b4:
d9:a6:8c:82:4b:cf:c7:b7:97:ae:e0:88:f2:e8:56:
d1:78:9b:29:c6:00:af:5c:75:5c:7a:88:88:2b:d1:
87:be:cd:c8:46:93:c3:cd:6f:e9:23:e9:cb:9c:3c:
a8:b3:f5:5a:83:9b:11:d3:15:8b:cd:d0:55:39:2f:
30:cf:e4:e8:01:78:af:d0:b8:9f:7e:03:a1:3c:99:
0b:bd:90:ce:23:0b:46:5d:18:63:aa:ed:34:27:13:
2a:a7:ef:25:36:14:7a:9e:c4:dc:01:82:7d:6e:a3:
ba:c7:dd:63:6a:d1:69:a8:96:81:6b:08:c7:c4:21:
20:97:92:73:0a:89:01:db:cf:f5:2d:1d:03:92:5b:
16:28:a9:7b:8d:9e:70:44:b2:f5:50:49:e4:ec:03:
29:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5E:39:70:BE:52:63:7A:C1:DA:FC:17:23:85:8D:8E:DD:F6:64:C2
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f34302d3438203d3e20323134343831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:55:8e:a9:a5:f7:bb:d9:ae:34:cf:c5:b3:2d:25:73:e7:9a:
56:cd:9a:15:41:cb:47:a0:89:50:8f:9d:44:08:91:80:e1:2b:
cb:cc:69:22:95:0f:4d:aa:65:d4:7d:c1:94:cb:cf:06:0e:ad:
64:da:f4:62:ea:a5:49:ef:63:bd:34:ba:d6:37:c3:b5:43:ca:
cf:c9:c5:c9:d2:f8:01:fd:a9:d8:7e:3e:d5:a2:e6:ee:82:3a:
4b:ab:86:ae:94:e6:a2:df:c2:bd:d5:b3:65:d4:93:e2:67:62:
12:00:79:3a:1b:fb:8e:8c:d8:b4:24:61:10:86:51:f3:13:ad:
ec:c9:72:21:96:f5:c8:95:0a:27:1a:73:49:a3:f3:4d:b3:6b:
4c:b4:17:8f:e6:ab:20:21:39:7c:09:71:13:42:db:ee:5e:e0:
ca:eb:49:ec:da:09:82:ea:86:aa:bd:71:26:ae:bb:30:d0:f1:
0a:6f:9a:5e:d6:8d:2e:d5:09:be:d8:8b:f5:34:49:28:41:e1:
ef:bc:90:58:70:7b:e7:26:85:b4:6a:cb:72:7b:9e:16:1e:08:
25:ee:87:87:f2:04:eb:5c:f0:cd:35:07:d9:b7:03:65:15:ae:
9e:76:e0:ad:c6:39:86:c1:76:79:d6:a7:ba:b5:98:6f:d9:12:
34:47:39:0a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUdEjsWwIadgXY69Ft5rGvyPaaFUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTAxMDUxNTMzNDZaFw0yNjAxMDQxNTM4NDZaMDMxMTAvBgNV
BAMTKDAxNUUzOTcwQkU1MjYzN0FDMURBRkMxNzIzODU4RDhFRERGNjY0QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyIPks85E24IgtVOnQ85BdUi8l
OfVfNmV8QdiDAsre517iITvi6hXWYjl8XapKvNPeBHf1nLFTDoWXKVEB10LfdJBU
0KeuDy3Ad2ItRT4V1gdr5luPtDx4x0gg42Gyn+2b4UE0bF+TtNmmjIJLz8e3l67g
iPLoVtF4mynGAK9cdVx6iIgr0Ye+zchGk8PNb+kj6cucPKiz9VqDmxHTFYvN0FU5
LzDP5OgBeK/QuJ9+A6E8mQu9kM4jC0ZdGGOq7TQnEyqn7yU2FHqexNwBgn1uo7rH
3WNq0WmoloFrCMfEISCXknMKiQHbz/UtHQOSWxYoqXuNnnBEsvVQSeTsAyljAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUAV45cL5SY3rB2vwXI4WNjt32ZMIwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzMTMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDM0MzgzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHscQMA0GCSqGSIb3DQEBCwUAA4IBAQCiVY6ppfe72a40z8Wz
LSVz55pWzZoVQctHoIlQj51ECJGA4SvLzGkilQ9NqmXUfcGUy88GDq1k2vRi6qVJ
72O9NLrWN8O1Q8rPycXJ0vgB/anYfj7VoubugjpLq4aulOai38K91bNl1JPiZ2IS
AHk6G/uOjNi0JGEQhlHzE63syXIhlvXIlQonGnNJo/NNs2tMtBeP5qsgITl8CXET
QtvuXuDK60ns2gmC6oaqvXEmrrsw0PEKb5pe1o0u1Qm+2Iv1NEkoQeHvvJBYcHvn
JoW0astye54WHggl7oeH8gTrXPDNNQfZtwNlFa6eduCtxjmGwXZ51qe6tZhv2RI0
RzkK
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:21:55 2025 by rpki-client