Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
File: 326131333a646130323a3a2f33322d3332203d3e20323135343230.roa (raw, json)
Hash identifier: /XIIDyQLovgvuWo+FMAvONj9QZYopmDAHKNtoUoPi4w=
Subject key identifier: D3:B0:AD:E6:B6:E1:B1:10:A1:4D:61:51:58:80:1C:73:32:37:10:FF
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 0EF0C0CC03793A2DA52D00252FF3DD5422040B8B
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
Signing time: Mon 10 Mar 2025 18:38:20 +0000
ROA not before: Mon 10 Mar 2025 18:33:20 +0000
ROA not after: Mon 09 Mar 2026 18:38:20 +0000
asID: 215420
IP address blocks: 2a13:da02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 03:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:f0:c0:cc:03:79:3a:2d:a5:2d:00:25:2f:f3:dd:54:22:04:0b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:33:20 2025 GMT
Not After : Mar 9 18:38:20 2026 GMT
Subject: CN=D3B0ADE6B6E1B110A14D615158801C73323710FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:89:2e:ac:d4:64:75:49:26:19:0d:91:c5:
5b:1d:46:9d:88:9b:ce:97:82:a0:cf:3b:6d:66:ba:
1b:a4:56:ed:5d:af:41:41:87:94:53:26:05:70:a4:
7a:d2:cd:4b:10:40:3c:eb:cb:61:3e:86:a3:25:63:
e2:99:40:45:b3:c5:1a:19:d1:e7:f3:58:c3:e1:63:
50:e0:94:3a:5f:a7:6f:7d:67:15:be:dc:ac:d7:dc:
56:dd:ae:fe:47:bd:f4:d2:bd:9c:21:bc:4e:5c:63:
35:68:99:ed:cd:33:19:8a:48:84:e4:45:e4:a8:ac:
0f:e6:eb:5f:ba:8b:51:99:f7:7b:f3:fb:b6:8f:5c:
bd:20:d9:8e:44:b2:e9:90:46:68:9f:23:7f:db:0d:
04:ea:c5:3f:28:17:73:a6:b4:88:d3:1b:0e:87:d7:
78:fd:2a:a8:0d:ae:bb:94:03:a2:c2:1a:32:28:bf:
ee:ab:05:d8:68:ea:66:6d:9e:aa:a4:8b:b0:a2:b5:
4a:d7:76:47:98:2c:6e:4f:90:09:f7:01:e2:1a:41:
80:b4:9c:e2:a2:46:73:ff:8b:e7:47:88:e1:d6:cf:
04:d1:ca:2e:8e:5f:fc:b7:a5:d2:48:5e:ee:c8:4f:
f9:1f:d4:02:82:91:be:b4:cf:d5:b2:3a:d7:a4:73:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B0:AD:E6:B6:E1:B1:10:A1:4D:61:51:58:80:1C:73:32:37:10:FF
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da02::/32
Signature Algorithm: sha256WithRSAEncryption
1e:61:02:7f:cf:67:91:86:a7:72:a2:f0:91:87:84:99:ae:5c:
ce:67:d5:35:56:b3:db:6b:3f:78:17:5b:2e:e1:a5:ce:64:6e:
03:60:48:d4:63:e9:6a:f9:84:0d:c5:21:b1:48:2a:2c:4b:f8:
a9:2f:2f:98:63:1d:d3:b8:84:1e:c3:72:06:cd:4e:56:74:34:
cd:ff:63:38:ea:1a:3e:ff:ea:1e:57:13:06:af:0a:de:63:4a:
b6:9b:6a:d1:12:c9:2c:c4:f8:91:3d:68:f9:b8:cf:d4:64:15:
13:f2:8a:ef:5a:f4:fa:4f:cc:d9:6c:34:2f:65:9c:61:60:1c:
b0:c5:9e:c6:44:32:bc:69:52:32:ad:7f:c1:43:29:f3:e8:da:
7e:c2:18:d9:3b:01:5a:d7:e9:8c:6b:e8:f9:10:6b:76:13:fc:
d5:90:5d:2c:f4:2c:af:c2:f2:b4:41:69:98:2f:c0:0d:a3:95:
73:f3:cb:77:12:85:e5:4e:4e:c7:78:58:3d:79:b3:34:55:fc:
dc:54:ae:14:d9:e7:cb:04:67:6c:71:8c:10:85:52:75:3b:0c:
1f:ee:0d:ee:b4:2c:c8:b3:be:f9:f7:5f:46:93:4d:a8:01:21:
d9:37:ff:f3:e9:30:0b:ff:68:f4:ea:c5:3a:81:4c:e0:67:86:
82:49:12:83
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUDvDAzAN5Oi2lLQAlL/PdVCIEC4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMzMjBaFw0yNjAzMDkxODM4MjBaMDMxMTAvBgNV
BAMTKEQzQjBBREU2QjZFMUIxMTBBMTRENjE1MTU4ODAxQzczMzIzNzEwRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEVYkurNRkdUkmGQ2RxVsdRp2I
m86XgqDPO21muhukVu1dr0FBh5RTJgVwpHrSzUsQQDzry2E+hqMlY+KZQEWzxRoZ
0efzWMPhY1DglDpfp299ZxW+3KzX3Fbdrv5HvfTSvZwhvE5cYzVome3NMxmKSITk
ReSorA/m61+6i1GZ93vz+7aPXL0g2Y5EsumQRmifI3/bDQTqxT8oF3OmtIjTGw6H
13j9KqgNrruUA6LCGjIov+6rBdho6mZtnqqki7CitUrXdkeYLG5PkAn3AeIaQYC0
nOKiRnP/i+dHiOHWzwTRyi6OX/y3pdJIXu7IT/kf1AKCkb60z9WyOtekc4BPAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU07Ct5rbhsRChTWFRWIAcczI3EP8wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDMy
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaAjANBgkqhkiG9w0BAQsFAAOCAQEAHmECf89nkYancqLwkYeEma5czmfVNVaz
22s/eBdbLuGlzmRuA2BI1GPpavmEDcUhsUgqLEv4qS8vmGMd07iEHsNyBs1OVnQ0
zf9jOOoaPv/qHlcTBq8K3mNKtptq0RLJLMT4kT1o+bjP1GQVE/KK71r0+k/M2Ww0
L2WcYWAcsMWexkQyvGlSMq1/wUMp8+jafsIY2TsBWtfpjGvo+RBrdhP81ZBdLPQs
r8LytEFpmC/ADaOVc/PLdxKF5U5Ox3hYPXmzNFX83FSuFNnnywRnbHGMEIVSdTsM
H+4N7rQsyLO++fdfRpNNqAEh2Tf/8+kwC/9o9OrFOoFM4GeGgkkSgw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 16:20:45 2025 by rpki-client