Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
File: 326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa (raw, json)
Hash identifier: LSZWA34YwCO9D6JtWEG8LpUQ1o3Anb+MGXWPU43gT4A=
Subject key identifier: 19:DD:C0:AF:CE:F2:2A:76:80:DC:E1:5F:A5:41:CD:5B:F5:32:43:E2
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 44A32C96AD9663C3D9AF64E4195EDC261D18F266
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
Signing time: Thu 29 May 2025 20:08:56 +0000
ROA not before: Thu 29 May 2025 20:03:56 +0000
ROA not after: Thu 28 May 2026 20:08:56 +0000
asID: 215437
IP address blocks: 2a14:1ec7:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 09:17:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a3:2c:96:ad:96:63:c3:d9:af:64:e4:19:5e:dc:26:1d:18:f2:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: May 29 20:03:56 2025 GMT
Not After : May 28 20:08:56 2026 GMT
Subject: CN=19DDC0AFCEF22A7680DCE15FA541CD5BF53243E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fc:4f:79:a9:74:b6:d6:83:c5:e4:a6:67:04:
70:e2:d3:10:73:54:ba:1f:d7:45:d1:54:59:e6:86:
26:af:d0:e0:ae:78:7e:ba:95:30:ad:d9:fc:a4:86:
1e:dc:43:4b:2b:b2:c5:86:38:8a:25:d8:33:70:17:
ce:a1:27:f8:1d:69:fb:fc:f6:28:b5:40:08:4d:a3:
a6:3f:a0:9d:92:6a:bc:b1:bd:1c:57:09:72:a0:4a:
a5:b6:4d:18:f4:db:b9:31:9f:85:8c:97:73:85:15:
6d:b6:97:cb:43:ec:e2:ed:98:4a:ae:83:a5:0a:e0:
f0:0e:07:08:73:74:87:a5:a1:c2:62:32:b4:0e:c2:
fb:b7:0c:4c:d0:12:11:16:c2:de:12:dd:15:04:2e:
6b:89:a7:c8:e2:ef:b7:38:a3:34:96:be:86:19:f9:
69:7f:0a:b1:0f:ec:7a:65:1d:02:55:04:78:7b:91:
43:8e:c3:a9:03:7a:b8:ff:5c:23:99:ba:ee:6b:b8:
73:a4:0b:bd:e4:b5:af:35:3d:f7:e0:20:97:62:a0:
d8:df:a6:92:e8:29:9c:d4:da:aa:0b:4f:b1:5d:16:
e4:87:b4:d8:45:ed:0d:a2:0d:10:3b:05:d4:de:be:
a4:77:e5:0b:3f:f0:e2:38:c2:77:2b:29:6b:45:d6:
6b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DD:C0:AF:CE:F2:2A:76:80:DC:E1:5F:A5:41:CD:5B:F5:32:43:E2
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:1100::/40
Signature Algorithm: sha256WithRSAEncryption
12:39:c6:9f:0b:96:bf:d6:f2:d7:57:80:8b:9c:7b:6c:4d:16:
02:ef:ab:18:c8:ad:49:50:3c:da:96:e1:4f:93:0d:54:27:a5:
cb:59:98:46:0c:71:29:5b:ea:a9:59:9c:13:3f:bd:2c:40:84:
c7:0f:0a:72:88:4f:b1:c1:80:d0:fc:48:ec:6a:cb:51:e8:5d:
29:98:72:ee:1e:88:30:db:ae:04:ec:b0:a5:8c:ba:a7:02:c9:
e3:05:7d:26:e9:c7:93:8c:1d:ce:3e:07:76:ca:bc:6d:72:b0:
fc:65:d4:bb:37:ca:f1:84:ea:34:f8:8c:0e:9d:f5:66:26:3e:
34:13:5e:c9:eb:77:ee:13:34:6b:94:97:47:e4:b4:bd:1a:1e:
e1:36:37:a0:cb:51:9f:0d:7a:2e:72:db:cd:38:b5:92:ba:63:
13:d5:72:ba:eb:87:e0:b6:08:81:bb:23:9d:bb:24:73:63:5e:
b9:1c:6c:f4:07:69:5e:81:82:56:a6:d6:d6:26:7b:1e:5a:2d:
ff:13:b7:53:0d:d6:20:99:07:3e:04:40:e1:2b:e6:9d:76:87:
76:98:44:6d:37:11:ac:db:ea:46:d4:4b:a6:49:a6:f8:6b:44:
da:97:98:72:33:e3:7b:2a:e9:a4:3b:48:c8:de:1b:78:f0:f0:
0d:cc:0b:10
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIURKMslq2WY8PZr2TkGV7cJh0Y8mYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA1MjkyMDAzNTZaFw0yNjA1MjgyMDA4NTZaMDMxMTAvBgNV
BAMTKDE5RERDMEFGQ0VGMjJBNzY4MERDRTE1RkE1NDFDRDVCRjUzMjQzRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCO/E95qXS21oPF5KZnBHDi0xBz
VLof10XRVFnmhiav0OCueH66lTCt2fykhh7cQ0srssWGOIol2DNwF86hJ/gdafv8
9ii1QAhNo6Y/oJ2SaryxvRxXCXKgSqW2TRj027kxn4WMl3OFFW22l8tD7OLtmEqu
g6UK4PAOBwhzdIelocJiMrQOwvu3DEzQEhEWwt4S3RUELmuJp8ji77c4ozSWvoYZ
+Wl/CrEP7HplHQJVBHh7kUOOw6kDerj/XCOZuu5ruHOkC73kta81PffgIJdioNjf
ppLoKZzU2qoLT7FdFuSHtNhF7Q2iDRA7BdTevqR35Qs/8OI4wncrKWtF1mv3AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUGd3Ar87yKnaA3OFfpUHNW/UyQ+IwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzMTMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHscRMA0GCSqGSIb3DQEBCwUAA4IBAQASOcafC5a/1vLXV4CL
nHtsTRYC76sYyK1JUDzaluFPkw1UJ6XLWZhGDHEpW+qpWZwTP70sQITHDwpyiE+x
wYDQ/EjsastR6F0pmHLuHogw264E7LCljLqnAsnjBX0m6ceTjB3OPgd2yrxtcrD8
ZdS7N8rxhOo0+IwOnfVmJj40E17J63fuEzRrlJdH5LS9Gh7hNjegy1GfDXouctvN
OLWSumMT1XK664fgtgiBuyOduyRzY165HGz0B2legYJWptbWJnseWi3/E7dTDdYg
mQc+BEDhK+addod2mERtNxGs2+pG1EumSab4a0Tal5hyM+N7KumkO0jI3ht48PAN
zAsQ
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:22:18 2025 by rpki-client