Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
File: 326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa (raw, json)
Hash identifier: 8asU86WRYRMPRuHXiCGWb31YsN6wlyGCHOUyjPq08QE=
Subject key identifier: 95:7B:70:C4:20:F6:89:56:D8:D7:C8:08:5D:74:B0:BA:38:A0:7D:48
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 1BFDFA6916601DD4F814CD4A20C9561CA511AF69
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
Signing time: Wed 14 May 2025 10:20:01 +0000
ROA not before: Wed 14 May 2025 10:15:01 +0000
ROA not after: Wed 13 May 2026 10:20:01 +0000
asID: 215467
IP address blocks: 2a14:1ec7:fe00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:fd:fa:69:16:60:1d:d4:f8:14:cd:4a:20:c9:56:1c:a5:11:af:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: May 14 10:15:01 2025 GMT
Not After : May 13 10:20:01 2026 GMT
Subject: CN=957B70C420F68956D8D7C8085D74B0BA38A07D48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:92:b2:bf:9e:34:bf:87:43:9f:65:b5:7e:
0a:5d:a0:e1:04:05:87:cf:70:b5:2e:85:6d:3c:b0:
82:4a:00:d0:78:d3:fc:e5:55:aa:c3:23:a7:93:9d:
70:19:3c:82:77:7c:b1:46:87:a5:20:00:f5:fc:33:
50:33:80:4b:06:f8:3a:a6:06:a1:83:e1:bf:40:0e:
02:7b:27:70:fb:04:75:60:d5:47:58:88:68:ab:73:
99:3c:96:68:b4:54:67:7c:62:7b:3c:df:ce:5e:89:
20:1e:9a:92:08:d1:86:34:f7:0c:e2:d6:55:60:34:
48:f1:c0:07:4e:aa:db:e4:df:e0:fd:b5:09:2c:31:
88:4a:1f:e0:db:cb:89:ba:66:51:8b:68:94:15:ed:
a8:e9:2e:39:c5:a9:8e:98:62:dc:29:30:03:8f:13:
52:94:01:9b:09:27:6d:54:88:93:4a:05:0d:d2:75:
82:f6:ac:36:bd:65:96:53:de:f8:f7:cb:da:83:d8:
f7:9d:09:0c:72:1f:e3:8d:e6:07:91:c7:83:02:9b:
17:fa:c8:ba:09:d5:4a:a5:e7:df:68:a3:a0:01:57:
47:a1:bd:10:f0:bf:46:d6:14:36:bd:93:52:9f:27:
48:2d:71:34:85:09:0f:f2:62:f8:e0:dd:a3:f0:c4:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7B:70:C4:20:F6:89:56:D8:D7:C8:08:5D:74:B0:BA:38:A0:7D:48
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
13:9f:c0:7f:8e:10:8b:40:e6:fc:ad:68:37:13:0d:d1:f9:83:
88:c6:c7:4b:dc:93:96:14:18:df:15:89:75:f6:dd:a1:f9:7c:
2b:7d:3c:3c:25:80:f8:eb:f5:35:be:1a:9b:d9:0d:78:e2:6d:
b3:32:32:34:06:46:50:33:ee:c0:7a:7f:ee:43:39:1a:cf:6f:
c6:7c:86:61:5a:43:3f:40:30:86:71:0c:dd:22:5e:0d:18:f0:
b3:75:77:fc:0c:d8:f2:d5:b2:f5:71:8d:02:7f:52:74:34:81:
74:cd:8e:94:cf:da:fe:7a:9e:ee:92:47:dc:14:87:86:70:cc:
7d:49:b5:47:59:94:38:fb:73:35:44:52:ef:7c:23:f2:76:91:
6d:4f:58:7d:15:9f:be:c1:c7:0b:38:9a:88:09:84:01:57:d6:
0c:50:fd:97:99:50:c9:3a:a7:f0:90:a3:4c:b9:65:79:cc:ef:
1f:f1:29:52:89:5e:03:f4:23:a0:52:30:c5:8e:8a:9f:28:96:
e5:99:0c:b7:63:da:da:31:df:71:cc:58:ba:c8:74:ab:54:d7:
cb:63:a1:29:cf:80:28:1c:5a:f4:a2:12:e3:6a:26:21:53:74:
59:36:77:3a:de:92:3b:4e:36:2b:03:f0:ce:98:48:c7:63:73:
1a:3d:3d:06
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUG/36aRZgHdT4FM1KIMlWHKURr2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA1MTQxMDE1MDFaFw0yNjA1MTMxMDIwMDFaMDMxMTAvBgNV
BAMTKDk1N0I3MEM0MjBGNjg5NTZEOEQ3QzgwODVENzRCMEJBMzhBMDdENDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKuJKyv540v4dDn2W1fgpdoOEE
BYfPcLUuhW08sIJKANB40/zlVarDI6eTnXAZPIJ3fLFGh6UgAPX8M1AzgEsG+Dqm
BqGD4b9ADgJ7J3D7BHVg1UdYiGirc5k8lmi0VGd8Yns8385eiSAempII0YY09wzi
1lVgNEjxwAdOqtvk3+D9tQksMYhKH+Dby4m6ZlGLaJQV7ajpLjnFqY6YYtwpMAOP
E1KUAZsJJ21UiJNKBQ3SdYL2rDa9ZZZT3vj3y9qD2PedCQxyH+ON5geRx4MCmxf6
yLoJ1Uql599oo6ABV0ehvRDwv0bWFDa9k1KfJ0gtcTSFCQ/yYvjg3aPwxAcVAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUlXtwxCD2iVbY18gIXXSwujigfUgwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzYzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf+MA0GCSqGSIb3DQEBCwUAA4IBAQATn8B/jhCLQOb8rWg3
Ew3R+YOIxsdL3JOWFBjfFYl19t2h+XwrfTw8JYD46/U1vhqb2Q144m2zMjI0BkZQ
M+7Aen/uQzkaz2/GfIZhWkM/QDCGcQzdIl4NGPCzdXf8DNjy1bL1cY0Cf1J0NIF0
zY6Uz9r+ep7ukkfcFIeGcMx9SbVHWZQ4+3M1RFLvfCPydpFtT1h9FZ++wccLOJqI
CYQBV9YMUP2XmVDJOqfwkKNMuWV5zO8f8SlSiV4D9COgUjDFjoqfKJblmQy3Y9ra
Md9xzFi6yHSrVNfLY6Epz4AoHFr0ohLjaiYhU3RZNnc63pI7TjYrA/DOmEjHY3Ma
PT0G
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:59:52 2025 by rpki-client