Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
File: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (raw, json)
Hash identifier: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=
Subject key identifier: A0:45:79:BB:B6:A4:F6:00:96:BF:43:19:69:19:29:1C:2A:A7:E5:5E
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 50289193D80807C15FB9AE8777B603184F2D8110
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
Signing time: Sat 07 Jun 2025 08:13:24 +0000
ROA not before: Sat 07 Jun 2025 08:08:24 +0000
ROA not after: Sat 06 Jun 2026 08:13:24 +0000
asID: 202855
IP address blocks: 2a0e:fd45:2cf0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:28:91:93:d8:08:07:c1:5f:b9:ae:87:77:b6:03:18:4f:2d:81:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Jun 7 08:08:24 2025 GMT
Not After : Jun 6 08:13:24 2026 GMT
Subject: CN=A04579BBB6A4F60096BF43196919291C2AA7E55E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6c:fe:9a:2e:00:d9:54:58:05:38:3f:1a:7f:
14:4c:7f:d4:6b:5d:79:b0:2e:73:80:d3:4e:e9:8d:
4c:3c:36:40:bb:ad:8d:ae:ba:16:1e:da:04:15:e3:
29:3c:80:95:bf:df:1c:1f:2e:90:ad:90:58:11:62:
31:50:94:be:fc:ba:ad:a4:14:6c:b8:51:0d:84:09:
51:dc:00:d4:20:6e:2b:36:cc:b5:06:ef:81:53:f8:
c1:7b:a6:88:b4:bd:11:fb:49:4f:b4:07:1b:e1:da:
45:c5:3c:80:b8:d2:fe:e9:67:2a:ed:b2:da:8b:f5:
8b:59:65:dd:29:e0:b6:8f:bb:c9:ad:35:40:b9:a8:
41:43:82:0e:30:eb:f3:13:45:aa:8a:f4:18:ad:ef:
82:20:57:d2:8a:5a:49:60:f5:6d:58:57:ba:57:8c:
ac:4d:c6:80:05:ee:1f:bb:95:97:9e:4b:c0:7e:de:
05:74:bf:24:66:f6:63:94:8e:93:02:b9:47:10:d6:
f1:10:8a:7a:f3:ef:19:07:df:c0:d3:70:65:49:24:
4f:9f:6e:d9:dd:1b:b8:a1:71:41:78:58:ec:cf:60:
37:59:b9:21:9b:1e:d1:91:f6:fe:e5:ea:1d:87:8b:
4b:7d:b5:f8:32:c9:3d:c2:c3:6f:77:c9:61:3c:5d:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:45:79:BB:B6:A4:F6:00:96:BF:43:19:69:19:29:1C:2A:A7:E5:5E
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2cf0::/48
Signature Algorithm: sha256WithRSAEncryption
5c:1c:ee:3f:80:c1:e6:72:76:ff:66:b6:fc:f7:08:1d:6d:dc:
39:bf:b0:3b:27:58:ef:b1:62:5f:c6:2e:05:f8:96:ab:b5:a6:
b4:76:c7:38:2c:59:90:9c:ef:d1:a0:05:48:f5:3b:ed:da:28:
2a:04:7e:9b:d5:56:87:74:82:31:24:94:3e:34:a4:db:26:0a:
9a:97:03:64:87:2f:f3:2e:60:63:c5:4a:96:f2:f1:d3:b2:6e:
09:59:69:3a:bb:85:05:06:08:32:80:d2:76:26:3d:67:fa:b5:
c1:1a:22:18:a4:2a:b9:80:c8:8e:00:1e:b0:71:7d:18:73:3e:
b4:6a:81:51:c9:cb:41:f5:c7:4e:56:73:7a:88:e3:c2:bb:8a:
7c:1b:d4:ee:42:4c:66:09:fc:9e:1a:5f:8d:4e:66:b5:8d:64:
fa:16:30:8d:b4:04:3f:b2:41:54:33:2c:0d:a7:34:e8:37:d0:
dd:a3:03:0c:5a:76:ad:88:ee:e4:58:f1:e9:88:ef:ad:7e:93:
f5:e6:f3:d4:1b:41:a3:74:a7:a3:ab:a1:c1:5a:72:12:05:42:
49:bb:35:af:7b:61:12:45:c5:45:dc:85:29:06:df:63:0a:b8:
ea:58:ff:d1:f9:b7:a3:eb:b5:22:be:16:01:d0:b0:62:1f:22:
97:9d:fe:0a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUUCiRk9gIB8Ffua6Hd7YDGE8tgRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNTA2MDcwODA4MjRaFw0yNjA2MDYwODEzMjRaMDMxMTAvBgNV
BAMTKEEwNDU3OUJCQjZBNEY2MDA5NkJGNDMxOTY5MTkyOTFDMkFBN0U1NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWbP6aLgDZVFgFOD8afxRMf9Rr
XXmwLnOA007pjUw8NkC7rY2uuhYe2gQV4yk8gJW/3xwfLpCtkFgRYjFQlL78uq2k
FGy4UQ2ECVHcANQgbis2zLUG74FT+MF7poi0vRH7SU+0Bxvh2kXFPIC40v7pZyrt
stqL9YtZZd0p4LaPu8mtNUC5qEFDgg4w6/MTRaqK9Bit74IgV9KKWklg9W1YV7pX
jKxNxoAF7h+7lZeeS8B+3gV0vyRm9mOUjpMCuUcQ1vEQinrz7xkH38DTcGVJJE+f
btndG7ihcUF4WOzPYDdZuSGbHtGR9v7l6h2Hi0t9tfgyyT3Cw293yWE8XS29AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUoEV5u7ak9gCWv0MZaRkpHCqn5V4wHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjYzNjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjM4MzUzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUs8DANBgkqhkiG9w0BAQsFAAOCAQEAXBzuP4DB5nJ2/2a2
/PcIHW3cOb+wOydY77FiX8YuBfiWq7WmtHbHOCxZkJzv0aAFSPU77dooKgR+m9VW
h3SCMSSUPjSk2yYKmpcDZIcv8y5gY8VKlvLx07JuCVlpOruFBQYIMoDSdiY9Z/q1
wRoiGKQquYDIjgAesHF9GHM+tGqBUcnLQfXHTlZzeojjwruKfBvU7kJMZgn8nhpf
jU5mtY1k+hYwjbQEP7JBVDMsDac06DfQ3aMDDFp2rYju5Fjx6YjvrX6T9ebz1BtB
o3Sno6uhwVpyEgVCSbs1r3thEkXFRdyFKQbfYwq46lj/0fm3o+u1Ir4WAdCwYh8i
l53+Cg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:35:48 2025 by rpki-client