Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
File: 326131333a653430323a3a2f33322d3332203d3e20323135343230.roa (raw, json)
Hash identifier: 4kV2/I3YxBchjG3IOXi1hr0lRxiFuT7fxsWyAbTDWfo=
Subject key identifier: 39:32:74:DE:3B:A0:C3:3A:5E:10:6A:84:B3:11:8C:9A:AD:21:20:86
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 6743B71120ED33B0CE38BBCD35799B64F19EE805
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
Signing time: Mon 10 Mar 2025 18:38:23 +0000
ROA not before: Mon 10 Mar 2025 18:33:23 +0000
ROA not after: Mon 09 Mar 2026 18:38:23 +0000
asID: 215420
IP address blocks: 2a13:e402::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 03:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:43:b7:11:20:ed:33:b0:ce:38:bb:cd:35:79:9b:64:f1:9e:e8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:33:23 2025 GMT
Not After : Mar 9 18:38:23 2026 GMT
Subject: CN=393274DE3BA0C33A5E106A84B3118C9AAD212086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:be:93:2a:a3:27:a5:fd:87:a8:fb:0a:aa:10:
ab:4a:fc:ec:64:2e:2f:3c:e4:8d:bf:05:36:ba:87:
df:75:5d:91:78:90:fc:c4:fc:b9:c4:74:e1:d7:48:
0a:92:42:ce:c2:17:00:98:8a:ca:c5:f1:35:11:cd:
6a:bf:ed:d6:c1:bb:d6:ca:27:82:cf:91:da:d4:6f:
8c:ba:a1:09:ce:8d:a1:54:ee:c5:17:7a:98:36:0e:
f5:c4:5d:38:47:64:0f:cd:2e:13:b7:12:ce:f2:1e:
0f:80:04:63:1f:25:b3:aa:fc:7c:1b:10:5b:48:25:
62:1f:4e:5c:74:42:9b:65:8a:73:4c:ce:59:b8:0d:
1e:a2:6e:ed:64:d0:3a:e9:9f:cc:e2:3b:d0:4f:8d:
ac:ea:5d:40:b6:45:88:f6:3c:3f:06:91:11:d9:54:
a3:2c:1b:00:6f:76:9d:4f:82:df:ac:ae:86:1c:b8:
93:bb:ac:0d:d5:bf:a5:ff:73:fe:cc:6f:58:ff:45:
99:c0:c7:49:73:dc:e6:d1:25:84:f7:09:8f:07:f8:
b9:5c:f1:81:83:23:05:8d:fb:23:74:2b:e0:21:1a:
96:c6:b2:cd:88:1a:68:c1:a8:ee:b2:51:ac:58:18:
de:22:f9:1d:f0:f4:bf:e1:50:21:f2:e3:47:77:bd:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:32:74:DE:3B:A0:C3:3A:5E:10:6A:84:B3:11:8C:9A:AD:21:20:86
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e402::/32
Signature Algorithm: sha256WithRSAEncryption
02:00:7d:67:7a:29:45:f7:ce:61:36:8c:9f:43:ac:a1:2c:a0:
80:94:9c:ab:35:18:e4:70:b0:17:d4:5a:d3:f6:92:ec:b6:54:
4b:7d:7f:ef:07:86:fb:13:98:c1:47:8c:e0:94:66:95:f2:7c:
c6:f2:53:c9:66:f8:a9:30:d1:f2:f1:e1:25:b6:27:fa:f6:ad:
c9:50:94:d0:a9:22:db:a1:15:7e:90:c2:b5:e4:48:f4:8f:65:
64:09:3e:dc:d3:38:bc:c0:7a:6b:10:e1:e3:63:bf:bc:dd:d4:
47:be:ea:4e:4f:5f:c5:4a:12:b0:b6:d6:6a:53:9e:d1:43:32:
7b:83:13:49:f5:ba:99:3c:c6:a1:9e:9f:56:6b:74:b5:f4:c1:
bb:f7:d5:5e:63:e2:59:c1:e8:2e:74:be:df:eb:c6:63:b0:ef:
0b:11:29:8b:8a:bf:a7:2e:8d:c3:78:fc:40:2d:87:b1:c4:64:
4d:12:f4:86:42:c6:b5:fe:72:d3:c0:73:a4:c1:0b:46:f6:70:
3b:d2:97:ea:b3:42:ab:0e:29:f8:0c:1a:c0:0a:80:ae:28:0f:
12:81:0c:cf:89:0d:fc:0f:27:5e:36:b0:a6:55:4a:06:88:34:
f9:2d:c8:ee:fb:23:1b:ed:94:1f:9a:54:93:8e:8d:4e:8f:ea:
1e:03:96:67
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUZ0O3ESDtM7DOOLvNNXmbZPGe6AUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMzMjNaFw0yNjAzMDkxODM4MjNaMDMxMTAvBgNV
BAMTKDM5MzI3NERFM0JBMEMzM0E1RTEwNkE4NEIzMTE4QzlBQUQyMTIwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vpMqoyel/Yeo+wqqEKtK/Oxk
Li885I2/BTa6h991XZF4kPzE/LnEdOHXSAqSQs7CFwCYisrF8TURzWq/7dbBu9bK
J4LPkdrUb4y6oQnOjaFU7sUXepg2DvXEXThHZA/NLhO3Es7yHg+ABGMfJbOq/Hwb
EFtIJWIfTlx0QptlinNMzlm4DR6ibu1k0Drpn8ziO9BPjazqXUC2RYj2PD8GkRHZ
VKMsGwBvdp1Pgt+sroYcuJO7rA3Vv6X/c/7Mb1j/RZnAx0lz3ObRJYT3CY8H+Llc
8YGDIwWN+yN0K+AhGpbGss2IGmjBqO6yUaxYGN4i+R3w9L/hUCHy40d3vRaNAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUOTJ03jugwzpeEGqEsxGMmq0hIIYwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDMy
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkAjANBgkqhkiG9w0BAQsFAAOCAQEAAgB9Z3opRffOYTaMn0OsoSyggJScqzUY
5HCwF9Ra0/aS7LZUS31/7weG+xOYwUeM4JRmlfJ8xvJTyWb4qTDR8vHhJbYn+vat
yVCU0Kki26EVfpDCteRI9I9lZAk+3NM4vMB6axDh42O/vN3UR77qTk9fxUoSsLbW
alOe0UMye4MTSfW6mTzGoZ6fVmt0tfTBu/fVXmPiWcHoLnS+3+vGY7DvCxEpi4q/
py6Nw3j8QC2HscRkTRL0hkLGtf5y08BzpMELRvZwO9KX6rNCqw4p+AwawAqArigP
EoEMz4kN/A8nXjawplVKBog0+S3I7vsjG+2UH5pUk46NTo/qHgOWZw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 16:27:03 2025 by rpki-client