Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130353a3a2f33322d3332203d3e20323134393430.roa
File: 326131333a646130353a3a2f33322d3332203d3e20323134393430.roa (raw, json)
Hash identifier: 4U+lv5fdVNtShdj/snUUKz+UGwwRicG7k/GaBlfpAoA=
Subject key identifier: C8:3D:7A:8C:0B:35:69:EF:D0:49:72:65:1D:F2:6F:A5:17:18:23:CE
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 5E54BC3622C4DD6314ECAC4FB130D243EA064A22
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130353a3a2f33322d3332203d3e20323134393430.roa
Signing time: Mon 10 Mar 2025 18:38:05 +0000
ROA not before: Mon 10 Mar 2025 18:33:05 +0000
ROA not after: Mon 09 Mar 2026 18:38:05 +0000
asID: 214940
IP address blocks: 2a13:da05::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 03:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:54:bc:36:22:c4:dd:63:14:ec:ac:4f:b1:30:d2:43:ea:06:4a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:33:05 2025 GMT
Not After : Mar 9 18:38:05 2026 GMT
Subject: CN=C83D7A8C0B3569EFD04972651DF26FA5171823CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4b:a8:a4:1b:ee:4f:83:27:bb:0a:b9:55:ed:
39:4b:6a:21:58:45:93:bf:93:27:da:28:3a:33:d4:
20:40:4f:89:f7:60:00:9a:a7:91:fa:37:9c:a6:5e:
02:a5:aa:d3:51:41:8e:32:86:dc:df:61:0c:7d:25:
c8:42:42:da:e4:f2:c5:71:ab:04:a1:6b:e6:79:65:
27:8f:7f:1c:6d:0d:6b:b6:5a:39:22:5f:7c:68:bd:
ab:d4:8d:2b:83:43:ed:b7:99:5c:39:d5:0b:0d:79:
11:c0:72:1e:1f:28:3f:05:ca:62:d8:5b:75:73:a7:
81:c2:dd:03:76:84:78:2c:d6:27:16:e9:62:1f:75:
df:61:2e:34:4a:25:51:55:69:41:ec:74:f3:cb:03:
b0:f1:d0:a7:1f:04:02:e9:47:40:de:28:ba:6a:41:
c8:76:b2:9e:ce:4d:ec:ec:8d:c5:f9:3d:a4:5b:a6:
98:6d:df:71:2f:26:bb:ed:3c:32:6b:2b:50:72:58:
fb:cf:bf:2f:62:7d:3b:7b:95:20:20:f3:9a:bb:e1:
7c:ba:33:08:9b:b5:0f:33:b2:99:cc:7f:22:23:eb:
06:b3:9c:cb:de:3f:e0:e5:b5:24:a4:b6:6f:ba:b2:
e3:9e:91:5e:ac:ba:7e:df:9d:54:da:34:8c:83:89:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3D:7A:8C:0B:35:69:EF:D0:49:72:65:1D:F2:6F:A5:17:18:23:CE
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130353a3a2f33322d3332203d3e20323134393430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da05::/32
Signature Algorithm: sha256WithRSAEncryption
a5:fc:0e:e8:b9:12:63:0c:24:5d:0a:f4:cb:84:f6:17:c9:29:
40:db:f9:fd:92:de:5f:40:97:bf:00:89:de:c7:44:cb:ad:55:
7a:e8:da:43:b4:03:9a:44:52:cd:a6:2a:ed:dc:f7:63:36:65:
9d:85:26:95:a4:c1:f6:81:27:d4:a0:92:89:74:3f:4b:80:b4:
b7:95:cc:b2:aa:3d:8a:b3:6a:80:9c:b3:8a:36:ed:13:5d:c6:
72:3e:aa:72:d3:34:22:9a:6a:8e:32:6f:e5:1e:e8:81:3e:44:
63:2c:52:99:a2:e1:38:a7:3f:f0:ed:13:59:b9:92:60:56:bb:
15:c6:da:41:87:a9:1f:46:b8:16:da:b5:f7:a1:2d:21:3c:a4:
79:c1:6f:da:a9:da:ce:10:96:61:00:4a:0b:03:76:da:34:d9:
08:76:33:9b:bc:a9:bd:a4:07:19:0b:15:07:bd:2f:9b:f0:09:
96:d9:81:03:52:92:ef:9f:96:e1:c1:35:25:da:22:61:0d:4c:
b7:2f:42:08:35:58:0c:60:21:3a:59:f2:7c:2f:58:83:6c:cc:
5e:34:15:67:62:6c:da:f8:09:76:63:76:90:03:52:09:4c:92:
fd:e4:6f:33:dc:77:30:2c:ae:8a:43:38:49:e8:31:3d:e3:58:
08:b4:23:a9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUXlS8NiLE3WMU7KxPsTDSQ+oGSiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMzMDVaFw0yNjAzMDkxODM4MDVaMDMxMTAvBgNV
BAMTKEM4M0Q3QThDMEIzNTY5RUZEMDQ5NzI2NTFERjI2RkE1MTcxODIzQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuS6ikG+5Pgye7CrlV7TlLaiFY
RZO/kyfaKDoz1CBAT4n3YACap5H6N5ymXgKlqtNRQY4yhtzfYQx9JchCQtrk8sVx
qwSha+Z5ZSePfxxtDWu2WjkiX3xovavUjSuDQ+23mVw51QsNeRHAch4fKD8FymLY
W3Vzp4HC3QN2hHgs1icW6WIfdd9hLjRKJVFVaUHsdPPLA7Dx0KcfBALpR0DeKLpq
Qch2sp7OTezsjcX5PaRbppht33EvJrvtPDJrK1ByWPvPvy9ifTt7lSAg85q74Xy6
MwibtQ8zspnMfyIj6waznMveP+DltSSktm+6suOekV6sun7fnVTaNIyDiQk3AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUyD16jAs1ae/QSXJlHfJvpRcYI84wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDM1
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM0MzkzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaBTANBgkqhkiG9w0BAQsFAAOCAQEApfwO6LkSYwwkXQr0y4T2F8kpQNv5/ZLe
X0CXvwCJ3sdEy61VeujaQ7QDmkRSzaYq7dz3YzZlnYUmlaTB9oEn1KCSiXQ/S4C0
t5XMsqo9irNqgJyzijbtE13Gcj6qctM0IppqjjJv5R7ogT5EYyxSmaLhOKc/8O0T
WbmSYFa7FcbaQYepH0a4Ftq196EtITykecFv2qnazhCWYQBKCwN22jTZCHYzm7yp
vaQHGQsVB70vm/AJltmBA1KS75+W4cE1JdoiYQ1Mty9CCDVYDGAhOlnyfC9Yg2zM
XjQVZ2Js2vgJdmN2kANSCUyS/eRvM9x3MCyuikM4SegxPeNYCLQjqQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 16:01:46 2025 by rpki-client