Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
File: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (raw, json)
Hash identifier: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=
Subject key identifier: FF:27:D4:A9:6B:DE:DA:AD:30:EB:D8:53:8E:D4:F3:0C:A2:9E:C5:8F
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 4DCF49A297242D9B21CB6B62DFD718EC956F275F
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
Signing time: Mon 14 Apr 2025 12:33:44 +0000
ROA not before: Mon 14 Apr 2025 12:28:44 +0000
ROA not after: Mon 13 Apr 2026 12:33:44 +0000
asID: 212966
IP address blocks: 2a0e:fd45:2f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:cf:49:a2:97:24:2d:9b:21:cb:6b:62:df:d7:18:ec:95:6f:27:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Apr 14 12:28:44 2025 GMT
Not After : Apr 13 12:33:44 2026 GMT
Subject: CN=FF27D4A96BDEDAAD30EBD8538ED4F30CA29EC58F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:31:6f:44:b0:fb:91:f5:a5:fd:4e:5a:96:d7:
12:25:5f:c9:a9:cf:91:c3:a7:f3:bf:9a:af:86:24:
da:91:0c:fb:dc:17:6a:b1:8d:8e:b7:71:27:4e:b7:
16:1e:ea:26:0e:67:bb:85:73:8f:94:ae:c4:4d:b3:
43:ea:6e:9f:a3:0e:11:d4:dc:ba:9f:10:ed:96:60:
62:c0:f0:21:ba:65:1d:26:16:6f:b2:50:ad:1c:84:
29:e0:bc:4f:51:cc:51:99:74:23:6e:65:c6:e6:1e:
5c:a4:a8:3a:28:db:95:8a:0c:eb:7e:68:47:80:a2:
db:74:04:c0:31:91:20:94:b1:32:db:3d:53:94:cb:
a4:1f:61:74:11:60:ec:f7:5a:c5:b4:83:60:7b:3f:
94:85:e2:40:9d:9e:c1:6a:3e:8c:79:47:b6:73:8b:
c7:1e:39:d2:94:85:79:96:54:a8:37:5f:b9:a6:23:
cb:8a:25:e0:65:84:ea:3d:74:2b:d6:6f:a5:d9:40:
5d:f0:69:98:81:0c:f2:dd:9f:38:c5:43:db:23:85:
a2:9c:d7:85:cb:08:db:e0:79:27:34:63:55:77:fa:
e2:b1:c1:10:fc:57:9d:59:4d:62:17:ce:51:36:51:
31:e5:a3:98:24:62:4b:ae:7a:07:45:0c:65:ae:d5:
cd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:27:D4:A9:6B:DE:DA:AD:30:EB:D8:53:8E:D4:F3:0C:A2:9E:C5:8F
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
4a:71:08:65:8d:50:23:e7:78:b9:0c:d8:b1:25:ab:86:c5:70:
3b:f2:63:e3:4c:a2:1b:02:3f:ed:8f:fb:9b:6d:3c:94:a3:90:
83:f6:de:d2:64:87:86:ba:35:85:ee:dc:62:67:ae:31:54:3e:
0c:68:c9:b7:9d:ae:38:7b:ac:c7:da:4e:15:b5:20:32:48:2a:
d0:8d:88:54:19:3e:e4:b2:b9:57:3e:c3:02:47:c5:59:7d:32:
27:9c:69:1b:e7:1b:ef:f3:02:00:57:9b:11:d7:d0:ff:28:f5:
75:64:23:1b:51:04:e2:7b:71:09:6e:d4:47:45:24:f6:fd:56:
41:a5:ca:20:4e:9d:43:e3:15:17:f1:76:7b:5f:0a:40:cb:4d:
2b:f1:09:39:f3:3b:8a:82:63:1b:d6:83:ef:67:ae:37:46:3d:
93:65:7f:d6:ab:15:15:a5:1c:53:e0:2e:8b:45:90:01:cd:d6:
63:4d:03:ed:5c:f3:2e:a6:d1:c0:35:a8:f3:fe:e8:dd:41:fe:
17:db:93:f8:27:0a:21:72:e9:6f:7c:ba:d9:80:2a:4b:64:8e:
90:68:cc:67:22:95:97:7b:a7:fd:e3:04:49:c0:0b:48:b0:d7:
18:a7:c2:aa:3c:a9:27:42:ab:f4:c0:d6:81:3a:64:05:52:50:
31:cb:fc:17
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTc9JopckLZshy2ti39cY7JVvJ18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNTA0MTQxMjI4NDRaFw0yNjA0MTMxMjMzNDRaMDMxMTAvBgNV
BAMTKEZGMjdENEE5NkJERURBQUQzMEVCRDg1MzhFRDRGMzBDQTI5RUM1OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEMW9EsPuR9aX9TlqW1xIlX8mp
z5HDp/O/mq+GJNqRDPvcF2qxjY63cSdOtxYe6iYOZ7uFc4+UrsRNs0Pqbp+jDhHU
3LqfEO2WYGLA8CG6ZR0mFm+yUK0chCngvE9RzFGZdCNuZcbmHlykqDoo25WKDOt+
aEeAott0BMAxkSCUsTLbPVOUy6QfYXQRYOz3WsW0g2B7P5SF4kCdnsFqPox5R7Zz
i8ceOdKUhXmWVKg3X7mmI8uKJeBlhOo9dCvWb6XZQF3waZiBDPLdnzjFQ9sjhaKc
14XLCNvgeSc0Y1V3+uKxwRD8V51ZTWIXzlE2UTHlo5gkYkuuegdFDGWu1c0/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU/yfUqWve2q0w69hTjtTzDKKexY8wHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjY2MzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjM5MzYzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUvADANBgkqhkiG9w0BAQsFAAOCAQEASnEIZY1QI+d4uQzY
sSWrhsVwO/Jj40yiGwI/7Y/7m208lKOQg/be0mSHhro1he7cYmeuMVQ+DGjJt52u
OHusx9pOFbUgMkgq0I2IVBk+5LK5Vz7DAkfFWX0yJ5xpG+cb7/MCAFebEdfQ/yj1
dWQjG1EE4ntxCW7UR0Uk9v1WQaXKIE6dQ+MVF/F2e18KQMtNK/EJOfM7ioJjG9aD
72euN0Y9k2V/1qsVFaUcU+Aui0WQAc3WY00D7VzzLqbRwDWo8/7o3UH+F9uT+CcK
IXLpb3y62YAqS2SOkGjMZyKVl3un/eMEScALSLDXGKfCqjypJ0Kr9MDWgTpkBVJQ
Mcv8Fw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:02:54 2025 by rpki-client