Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
File: 326131333a653430313a3a2f33322d3332203d3e20323134393637.roa (raw, json)
Hash identifier: H3nzZLDuD+hMyo0VXetwr0aEFusgjbaL4Ptg0xbrpOA=
Subject key identifier: C4:29:73:D5:52:22:D4:4D:29:AE:92:B9:C9:46:D8:AA:AD:DC:10:AE
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 38C8D000E719043D7F5F42CF0ECF84360D9FC162
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
Signing time: Mon 10 Mar 2025 18:38:11 +0000
ROA not before: Mon 10 Mar 2025 18:33:11 +0000
ROA not after: Mon 09 Mar 2026 18:38:11 +0000
asID: 214967
IP address blocks: 2a13:e401::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 03:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:c8:d0:00:e7:19:04:3d:7f:5f:42:cf:0e:cf:84:36:0d:9f:c1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:33:11 2025 GMT
Not After : Mar 9 18:38:11 2026 GMT
Subject: CN=C42973D55222D44D29AE92B9C946D8AAADDC10AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:c0:46:f2:77:73:3c:7f:d6:30:1f:68:a6:
71:14:1d:7d:ac:15:1e:e2:5e:98:75:72:81:33:57:
6e:43:d7:b7:9f:08:15:73:41:b4:e0:a2:4a:56:6a:
7c:75:21:f5:fa:f1:b7:2d:ce:a8:da:95:54:b6:42:
56:a8:04:7f:f4:9d:d5:98:03:57:49:79:60:42:a8:
f8:3c:3d:ac:bd:52:74:3d:b3:11:71:11:28:eb:1a:
69:cd:15:0b:98:b5:51:fc:05:6a:86:51:81:12:e5:
59:ab:8c:c7:a7:35:66:1b:3b:a7:88:8d:8f:e3:dc:
fa:47:77:03:0f:12:fb:79:db:c9:4a:0f:a5:f2:af:
e8:78:ca:04:41:69:ba:e1:8d:78:62:e1:e0:e2:b7:
b1:e8:33:57:49:2a:23:df:34:93:a6:f3:90:b4:cb:
4d:95:c7:2e:da:31:97:8b:69:1b:e7:75:52:37:5b:
25:92:a0:e9:5d:b4:1e:d9:29:05:7f:28:b6:e5:06:
92:44:ae:57:8e:d6:68:39:1e:77:49:32:f5:71:b8:
bb:f9:89:d2:07:a2:57:f4:73:31:aa:45:dd:a5:e9:
2e:be:d8:c6:27:b5:ec:55:ef:17:70:62:02:ce:5a:
62:be:ae:ac:01:b3:a9:5b:11:d1:73:7e:14:51:ba:
a9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:29:73:D5:52:22:D4:4D:29:AE:92:B9:C9:46:D8:AA:AD:DC:10:AE
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e401::/32
Signature Algorithm: sha256WithRSAEncryption
a0:bb:84:58:98:19:a4:4d:10:45:d2:df:1f:15:14:e7:54:9a:
12:00:a6:81:90:de:75:26:b6:21:08:0b:d1:10:1d:a8:79:c5:
9a:92:a4:94:a8:d1:8e:ed:d3:28:2f:0f:c0:b9:2c:46:a2:4c:
0b:91:f4:7d:d6:82:30:d4:6d:40:a5:b2:b6:0e:e8:38:2e:eb:
78:d0:2a:18:fe:57:b7:c8:ee:f9:c1:22:a0:b7:5a:d6:27:6c:
f4:77:43:b9:7c:c3:47:f5:27:0b:d3:c9:94:6f:44:4d:fd:4c:
dd:68:47:57:81:c5:5b:f4:bf:4f:80:61:c3:47:96:76:17:ac:
07:62:b3:73:62:2d:7a:9e:f7:c5:58:8b:5b:79:29:a3:a1:36:
f0:b4:5e:f4:4a:d6:1e:12:c5:13:d3:0a:43:be:1f:61:2e:bd:
55:57:ae:da:56:dd:43:3c:28:fe:9c:99:50:97:d9:f1:77:2f:
ff:9c:30:81:fd:92:81:f8:58:13:aa:70:13:cf:05:92:bd:60:
da:5a:37:7d:d9:ca:03:a7:93:b2:36:9e:55:84:cd:2e:39:d1:
d1:43:ae:81:4f:6c:c7:0b:cd:0e:f3:14:a4:10:1e:5d:f3:4f:
a9:82:6c:41:08:f5:78:a2:c2:09:00:94:e4:42:1e:aa:a6:7e:
54:14:06:c8
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUOMjQAOcZBD1/X0LPDs+ENg2fwWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMzMTFaFw0yNjAzMDkxODM4MTFaMDMxMTAvBgNV
BAMTKEM0Mjk3M0Q1NTIyMkQ0NEQyOUFFOTJCOUM5NDZEOEFBQUREQzEwQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFdcBG8ndzPH/WMB9opnEUHX2s
FR7iXph1coEzV25D17efCBVzQbTgokpWanx1IfX68bctzqjalVS2QlaoBH/0ndWY
A1dJeWBCqPg8Pay9UnQ9sxFxESjrGmnNFQuYtVH8BWqGUYES5VmrjMenNWYbO6eI
jY/j3PpHdwMPEvt528lKD6Xyr+h4ygRBabrhjXhi4eDit7HoM1dJKiPfNJOm85C0
y02Vxy7aMZeLaRvndVI3WyWSoOldtB7ZKQV/KLblBpJErleO1mg5HndJMvVxuLv5
idIHolf0czGqRd2l6S6+2MYntexV7xdwYgLOWmK+rqwBs6lbEdFzfhRRuqmHAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUxClz1VIi1E0prpK5yUbYqq3cEK4wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDMx
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM0MzkzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkATANBgkqhkiG9w0BAQsFAAOCAQEAoLuEWJgZpE0QRdLfHxUU51SaEgCmgZDe
dSa2IQgL0RAdqHnFmpKklKjRju3TKC8PwLksRqJMC5H0fdaCMNRtQKWytg7oOC7r
eNAqGP5Xt8ju+cEioLda1ids9HdDuXzDR/UnC9PJlG9ETf1M3WhHV4HFW/S/T4Bh
w0eWdhesB2Kzc2Itep73xViLW3kpo6E28LRe9ErWHhLFE9MKQ74fYS69VVeu2lbd
Qzwo/pyZUJfZ8Xcv/5wwgf2SgfhYE6pwE88Fkr1g2lo3fdnKA6eTsjaeVYTNLjnR
0UOugU9sxwvNDvMUpBAeXfNPqYJsQQj1eKLCCQCU5EIeqqZ+VBQGyA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 16:00:39 2025 by rpki-client