Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/323030313a3637633a6638633a3a2f34382d3438203d3e20323132383535.roa
File: 323030313a3637633a6638633a3a2f34382d3438203d3e20323132383535.roa (raw, json)
Hash identifier: prfcq9YIMAg2ry1iZCXqsMkFnalbT+MPZdyoUmwmw6g=
Subject key identifier: F2:2B:03:4B:A3:96:3E:5A:A8:FC:F2:A5:B8:C4:55:F3:6B:D3:E5:6E
Certificate issuer: /CN=27851163005f59c06e35a8fd365f96356eb34971
Certificate serial: 39A4E78A68936B7F9D59BCCDF057C6C411F59164
Authority key identifier: 27:85:11:63:00:5F:59:C0:6E:35:A8:FD:36:5F:96:35:6E:B3:49:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/323030313a3637633a6638633a3a2f34382d3438203d3e20323132383535.roa
Signing time: Sun 26 Jan 2025 10:42:04 +0000
ROA not before: Sun 26 Jan 2025 10:37:04 +0000
ROA not after: Sun 25 Jan 2026 10:42:04 +0000
asID: 212855
IP address blocks: 2001:67c:f8c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.crl
rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a4:e7:8a:68:93:6b:7f:9d:59:bc:cd:f0:57:c6:c4:11:f5:91:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27851163005f59c06e35a8fd365f96356eb34971
Validity
Not Before: Jan 26 10:37:04 2025 GMT
Not After : Jan 25 10:42:04 2026 GMT
Subject: CN=F22B034BA3963E5AA8FCF2A5B8C455F36BD3E56E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a3:fd:17:a2:22:7d:28:fe:0a:be:0e:02:c7:
f7:49:0b:54:4f:e9:31:0b:24:29:d2:91:f0:bb:be:
c0:ad:ad:1a:88:3c:41:b0:a2:32:c1:28:df:61:66:
80:8d:36:db:b5:fa:f8:7f:ee:63:5a:e9:84:82:6a:
fc:84:25:72:0e:0a:74:1d:48:dc:50:02:ae:27:d0:
e6:4d:fe:5f:74:69:f4:76:48:76:6d:06:1a:f8:4f:
b5:fd:a1:02:4a:ea:a0:8f:53:af:98:9f:a2:33:ae:
30:4f:c6:bc:30:99:93:22:fd:ee:db:47:77:e6:1c:
2b:56:b9:54:48:d3:03:1b:0a:95:5f:a6:0d:3d:f9:
77:7f:8e:56:3f:e2:56:2e:5f:a6:80:40:9d:1d:21:
e3:c2:a7:00:8f:39:9c:36:d7:d4:c4:71:bf:ee:71:
73:73:66:5b:b1:48:89:a0:e6:66:27:72:bf:c5:51:
b0:25:5f:e0:6d:36:6c:f8:0a:ec:12:8d:3b:2e:d5:
c4:1f:8e:9c:58:8f:ab:f1:7b:55:a6:4f:c1:68:75:
82:02:09:45:63:2e:91:98:a0:03:97:6f:bb:7f:b7:
93:49:1c:f5:c0:79:b5:dd:7c:c8:26:df:0a:1f:d3:
0b:64:f6:4a:57:66:6a:d7:8e:b8:9b:4a:1a:79:cd:
1c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2B:03:4B:A3:96:3E:5A:A8:FC:F2:A5:B8:C4:55:F3:6B:D3:E5:6E
X509v3 Authority Key Identifier:
keyid:27:85:11:63:00:5F:59:C0:6E:35:A8:FD:36:5F:96:35:6E:B3:49:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/323030313a3637633a6638633a3a2f34382d3438203d3e20323132383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:f8c::/48
Signature Algorithm: sha256WithRSAEncryption
6a:b4:86:15:99:e8:eb:64:d3:04:3e:b1:b4:ee:e6:dd:9e:07:
de:7f:61:79:40:4c:aa:be:9e:1c:95:92:cd:84:53:78:06:bd:
c6:c4:48:7e:76:d0:4f:9f:1e:e5:53:d7:ab:eb:0a:30:a9:db:
e3:c6:68:51:d5:89:16:3c:7c:49:d6:d3:d0:01:56:be:0a:d1:
0c:55:7f:a7:a2:1b:ff:51:a4:c2:8e:e7:a1:6b:7d:b8:c5:bf:
43:63:37:e1:95:2c:e8:50:3f:3a:e2:b2:29:4e:a3:98:8a:86:
36:82:f9:9a:ac:88:bf:2a:22:30:26:53:4e:15:81:f1:09:2b:
1a:06:70:21:40:64:d4:d3:8f:4d:42:58:fd:d1:59:71:c7:f6:
d7:a3:4e:7a:27:21:74:61:e7:5b:5b:ec:3f:07:2d:d0:cb:ad:
13:f7:7b:9d:7f:03:26:20:c5:62:44:b5:39:29:9a:2a:c9:82:
e8:ae:f8:3e:d9:1b:cc:00:da:ab:47:69:16:2a:97:c1:47:03:
3f:1e:48:4d:c3:0e:63:8e:de:b4:2c:ed:93:26:9e:3d:1a:34:
48:a8:04:15:48:45:4f:f6:ea:3a:0b:d4:99:16:4c:13:d2:fb:
91:ae:1b:4c:5f:db:43:5d:b0:c9:d4:69:db:b7:f8:fe:89:03:
9b:f3:60:1f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOaTnimiTa3+dWbzN8FfGxBH1kWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjc4NTExNjMwMDVmNTljMDZlMzVhOGZkMzY1Zjk2MzU2
ZWIzNDk3MTAeFw0yNTAxMjYxMDM3MDRaFw0yNjAxMjUxMDQyMDRaMDMxMTAvBgNV
BAMTKEYyMkIwMzRCQTM5NjNFNUFBOEZDRjJBNUI4QzQ1NUYzNkJEM0U1NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6o/0XoiJ9KP4Kvg4Cx/dJC1RP
6TELJCnSkfC7vsCtrRqIPEGwojLBKN9hZoCNNtu1+vh/7mNa6YSCavyEJXIOCnQd
SNxQAq4n0OZN/l90afR2SHZtBhr4T7X9oQJK6qCPU6+Yn6IzrjBPxrwwmZMi/e7b
R3fmHCtWuVRI0wMbCpVfpg09+Xd/jlY/4lYuX6aAQJ0dIePCpwCPOZw219TEcb/u
cXNzZluxSImg5mYncr/FUbAlX+BtNmz4CuwSjTsu1cQfjpxYj6vxe1WmT8FodYIC
CUVjLpGYoAOXb7t/t5NJHPXAebXdfMgm3wof0wtk9kpXZmrXjribShp5zRzHAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU8isDS6OWPlqo/PKluMRV82vT5W4wHwYDVR0j
BBgwFoAUJ4URYwBfWcBuNaj9Nl+WNW6zSXEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2VhZmMzMmItZWMwMy00MzE5LWIxYzYtM2MxYzQ3Mjdl
MDZmLzAvMjc4NTExNjMwMDVGNTlDMDZFMzVBOEZEMzY1Rjk2MzU2RUIzNDk3MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0o0VVJZd0JmV2NCdU5hajlObC1XTlc2
elNYRS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvM2VhZmMzMmIt
ZWMwMy00MzE5LWIxYzYtM2MxYzQ3MjdlMDZmLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
NjYzODYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMyMzgzNTM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA+MMA0GCSqGSIb3DQEBCwUAA4IBAQBqtIYVmejrZNMEPrG07ubd
ngfef2F5QEyqvp4clZLNhFN4Br3GxEh+dtBPnx7lU9er6wowqdvjxmhR1YkWPHxJ
1tPQAVa+CtEMVX+nohv/UaTCjueha324xb9DYzfhlSzoUD864rIpTqOYioY2gvma
rIi/KiIwJlNOFYHxCSsaBnAhQGTU049NQlj90Vlxx/bXo056JyF0YedbW+w/By3Q
y60T93udfwMmIMViRLU5KZoqyYLorvg+2RvMANqrR2kWKpfBRwM/HkhNww5jjt60
LO2TJp49GjRIqAQVSEVP9uo6C9SZFkwT0vuRrhtMX9tDXbDJ1Gnbt/j+iQOb82Af
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:54 2025 by rpki-client