Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
File: 326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa (raw, json)
Hash identifier: Xpu7YHsE9Uu/Z34+AM32q6wFmIndeEkcOzm4kV29gZU=
Subject key identifier: 11:42:AC:33:3F:7E:D7:2D:C7:9B:64:48:61:03:FD:78:3F:DC:AF:BE
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 2190DE51F1E76587B82043AFA8330CF6D9E385F6
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
Signing time: Sun 02 Mar 2025 16:55:27 +0000
ROA not before: Sun 02 Mar 2025 16:50:27 +0000
ROA not after: Sun 01 Mar 2026 16:55:27 +0000
asID: 216339
IP address blocks: 2a14:1ec7:fffc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 09:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:90:de:51:f1:e7:65:87:b8:20:43:af:a8:33:0c:f6:d9:e3:85:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Mar 2 16:50:27 2025 GMT
Not After : Mar 1 16:55:27 2026 GMT
Subject: CN=1142AC333F7ED72DC79B64486103FD783FDCAFBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:53:76:d7:bb:1f:d9:36:a6:5d:99:50:ac:aa:
ea:ca:34:aa:f6:17:3f:78:cf:30:ae:3e:38:d3:8d:
ae:ee:41:dc:dc:f0:3a:b1:c0:fe:94:44:02:6b:02:
cd:2b:ac:12:a3:a8:76:2f:5d:91:79:bf:56:1d:98:
a5:b4:2c:a6:65:83:fb:b8:90:72:fb:0c:6b:e1:0c:
20:2c:77:a2:02:e1:28:57:b0:85:ec:d1:1b:6c:5b:
9d:9d:93:23:58:d6:9d:a7:e2:af:c4:38:2a:23:0e:
d4:cd:5d:58:11:7f:3a:d6:cd:f0:90:aa:f7:cb:bc:
08:14:d3:19:88:7c:02:ae:e8:eb:84:15:b8:27:83:
bb:f3:21:96:63:31:6c:33:2d:9c:1f:58:27:f2:97:
3b:15:a4:e0:1e:d9:2f:85:06:e9:2e:47:a4:59:17:
86:2f:f5:7a:96:3b:53:7f:e7:42:8e:e6:3a:c9:15:
f0:e0:de:2c:a7:44:03:b4:73:77:a8:f5:8d:c8:66:
5c:3e:5b:98:e2:3d:cb:af:59:b7:90:00:14:79:8d:
93:f5:2d:97:df:04:8c:89:8f:01:40:04:6c:ed:cb:
09:70:c1:1e:a8:f0:01:22:ae:39:fc:91:3c:9d:49:
98:e6:c2:26:3b:53:7c:62:23:f5:c8:3f:b5:4f:ec:
0a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:42:AC:33:3F:7E:D7:2D:C7:9B:64:48:61:03:FD:78:3F:DC:AF:BE
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fffc::/48
Signature Algorithm: sha256WithRSAEncryption
33:93:46:ed:22:8b:c5:3f:23:cd:b2:92:b8:4b:eb:45:12:8a:
7d:77:56:75:e5:ca:c5:f8:79:0b:bc:66:77:71:3d:7a:c2:2f:
d3:71:46:7c:eb:e3:cb:20:77:f9:d2:6a:7c:ba:51:01:28:11:
4c:1a:97:a0:b2:22:cf:1e:14:20:92:ab:86:e8:ad:7c:0b:b0:
7e:84:8d:07:6a:6c:01:59:3d:e3:d7:e8:e2:6f:f3:9b:ca:90:
87:e9:20:23:23:97:c7:c3:55:e4:b2:d9:d1:47:ee:f5:8e:4c:
62:5b:9b:e6:a5:c4:c1:b4:24:b6:a8:b2:cb:19:44:a3:8d:89:
e7:20:8e:6c:03:43:84:03:38:d2:fd:c3:78:bc:e1:ff:b1:63:
32:5a:40:fe:1d:c2:17:05:91:83:cb:99:8a:09:3d:fe:70:38:
50:0a:96:61:79:58:fc:2a:ae:4a:05:e5:9a:3a:ac:48:24:d1:
76:9c:27:0f:bb:0d:24:2a:94:4a:40:59:d6:7b:0f:35:f0:82:
ad:45:7d:ea:a0:7b:4a:94:c3:32:66:a6:68:ec:00:77:5a:ad:
0f:2b:20:06:2b:62:c5:7c:ba:4a:89:0b:40:1f:65:9d:c7:38:
68:97:3a:58:4d:88:cc:f4:39:2f:08:d5:ee:7a:e0:38:70:8a:
b8:30:f6:fb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIZDeUfHnZYe4IEOvqDMM9tnjhfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTAzMDIxNjUwMjdaFw0yNjAzMDExNjU1MjdaMDMxMTAvBgNV
BAMTKDExNDJBQzMzM0Y3RUQ3MkRDNzlCNjQ0ODYxMDNGRDc4M0ZEQ0FGQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5U3bXux/ZNqZdmVCsqurKNKr2
Fz94zzCuPjjTja7uQdzc8DqxwP6URAJrAs0rrBKjqHYvXZF5v1YdmKW0LKZlg/u4
kHL7DGvhDCAsd6IC4ShXsIXs0RtsW52dkyNY1p2n4q/EOCojDtTNXVgRfzrWzfCQ
qvfLvAgU0xmIfAKu6OuEFbgng7vzIZZjMWwzLZwfWCfylzsVpOAe2S+FBukuR6RZ
F4Yv9XqWO1N/50KO5jrJFfDg3iynRAO0c3eo9Y3IZlw+W5jiPcuvWbeQABR5jZP1
LZffBIyJjwFABGztywlwwR6o8AEirjn8kTydSZjmwiY7U3xiI/XIP7VP7AoRAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUEUKsMz9+1y3Hm2RIYQP9eD/cr74wHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY2NjY2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMzMzMzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf//DANBgkqhkiG9w0BAQsFAAOCAQEAM5NG7SKLxT8jzbKS
uEvrRRKKfXdWdeXKxfh5C7xmd3E9esIv03FGfOvjyyB3+dJqfLpRASgRTBqXoLIi
zx4UIJKrhuitfAuwfoSNB2psAVk949fo4m/zm8qQh+kgIyOXx8NV5LLZ0Ufu9Y5M
Ylub5qXEwbQktqiyyxlEo42J5yCObANDhAM40v3DeLzh/7FjMlpA/h3CFwWRg8uZ
igk9/nA4UAqWYXlY/CquSgXlmjqsSCTRdpwnD7sNJCqUSkBZ1nsPNfCCrUV96qB7
SpTDMmamaOwAd1qtDysgBitixXy6SokLQB9lncc4aJc6WE2IzPQ5LwjV7nrgOHCK
uDD2+w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:09:27 2025 by rpki-client