Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/323030313a3637633a323634383a3a2f34382d3438203d3e203133303330.roa
File: 323030313a3637633a323634383a3a2f34382d3438203d3e203133303330.roa (raw, json)
Hash identifier: gJcgXZCcNvkeeSlp/fGn07D0YciYEry1v6B6cF0VIYA=
Subject key identifier: 1D:EE:A1:65:82:94:31:69:1C:F3:F4:E7:08:1E:1A:CD:E9:34:04:D1
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 67B0D1624EE5F0AF641492D3F53DF8615F2C3FD1
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/323030313a3637633a323634383a3a2f34382d3438203d3e203133303330.roa
Signing time: Wed 04 Jun 2025 21:32:16 +0000
ROA not before: Wed 04 Jun 2025 21:27:16 +0000
ROA not after: Wed 03 Jun 2026 21:32:16 +0000
asID: 13030
IP address blocks: 2001:67c:2648::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b0:d1:62:4e:e5:f0:af:64:14:92:d3:f5:3d:f8:61:5f:2c:3f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Jun 4 21:27:16 2025 GMT
Not After : Jun 3 21:32:16 2026 GMT
Subject: CN=1DEEA165829431691CF3F4E7081E1ACDE93404D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c2:ec:02:39:74:af:9c:d6:9b:ee:32:b7:9c:
8d:4b:20:41:da:65:e2:db:00:03:e2:cd:80:8d:8a:
4e:5b:4c:e0:cc:f7:66:2b:1b:32:2d:5b:8f:38:7a:
22:57:02:5a:d6:36:89:c0:fc:57:a2:b9:a2:9d:ed:
04:93:46:c1:9b:8c:cb:5a:62:18:8c:22:1d:17:da:
a7:14:89:ab:cb:0b:43:b2:d5:4b:4d:e3:a1:a4:3e:
1a:5b:88:08:db:30:bd:3d:58:37:29:2c:fe:9d:bf:
d0:49:1e:99:c0:bf:e5:eb:73:8a:7a:a0:c6:6c:e2:
b5:0b:41:35:b7:db:18:a6:3b:8e:0c:ee:01:5e:f7:
ef:0c:ea:59:e4:ea:b3:df:12:0d:a2:2b:55:e6:5e:
b1:37:19:be:a1:e6:7a:47:26:86:9c:84:96:57:17:
e7:74:cc:41:83:a2:1a:d8:7a:32:0d:b1:b0:be:4c:
3f:b6:85:40:f3:23:8e:ab:cb:d1:69:d2:bc:bb:f3:
34:bd:fe:93:3b:1c:ea:db:0b:a3:d9:d3:64:3c:59:
cb:08:a4:35:3b:c6:c5:4e:34:01:f9:3c:c9:ca:7f:
0e:b3:e4:54:dc:e7:32:2c:dc:89:05:d6:87:8b:59:
9a:4a:85:1a:32:c1:5d:88:78:a8:bc:48:b6:38:78:
25:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EE:A1:65:82:94:31:69:1C:F3:F4:E7:08:1E:1A:CD:E9:34:04:D1
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/323030313a3637633a323634383a3a2f34382d3438203d3e203133303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2648::/48
Signature Algorithm: sha256WithRSAEncryption
01:5d:b7:f3:8b:92:17:0a:45:b7:2f:f4:e1:c4:29:41:c3:e5:
0c:84:3d:e4:10:87:09:a0:8f:12:1e:a9:ca:f5:0f:fb:c1:b5:
e0:4c:45:8d:f8:39:1e:5d:7c:56:24:d3:ff:f2:a0:e9:fb:5c:
26:67:8d:86:bc:87:96:df:99:79:ff:e7:c1:d0:bf:93:99:1d:
e5:2a:93:0b:a7:6f:00:f4:fa:85:18:56:64:34:99:dd:57:01:
f2:75:cd:1d:2f:50:56:88:79:5f:44:0d:36:aa:c6:7d:c4:b9:
fb:c5:b0:08:41:82:85:e1:d0:bb:98:16:ac:bf:30:03:2e:de:
0f:2f:79:f8:89:f9:75:06:dc:0e:15:8b:91:6b:aa:67:f0:2f:
6c:8e:6b:b6:dc:c1:13:5a:b3:2c:b0:ae:cc:28:e1:83:e5:5b:
08:60:eb:bd:76:f4:51:80:ac:24:d9:2f:9f:1f:72:00:f4:94:
a9:12:08:41:f3:17:1a:37:53:7c:d4:f0:89:76:11:d0:1c:65:
8a:ec:e8:52:61:a7:23:de:b9:a7:d9:fc:79:ec:17:e8:d0:65:
8f:94:ce:4f:f1:dc:77:11:f9:2b:a9:35:34:97:bf:3b:cd:51:
54:fc:c0:02:bc:46:5b:3d:fa:6d:07:40:0c:df:85:59:34:59:
8f:cc:5d:41
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUZ7DRYk7l8K9kFJLT9T34YV8sP9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNTA2MDQyMTI3MTZaFw0yNjA2MDMyMTMyMTZaMDMxMTAvBgNV
BAMTKDFERUVBMTY1ODI5NDMxNjkxQ0YzRjRFNzA4MUUxQUNERTkzNDA0RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnwuwCOXSvnNab7jK3nI1LIEHa
ZeLbAAPizYCNik5bTODM92YrGzItW484eiJXAlrWNonA/FeiuaKd7QSTRsGbjMta
YhiMIh0X2qcUiavLC0Oy1UtN46GkPhpbiAjbML09WDcpLP6dv9BJHpnAv+Xrc4p6
oMZs4rULQTW32ximO44M7gFe9+8M6lnk6rPfEg2iK1XmXrE3Gb6h5npHJoachJZX
F+d0zEGDohrYejINsbC+TD+2hUDzI46ry9Fp0ry78zS9/pM7HOrbC6PZ02Q8WcsI
pDU7xsVONAH5PMnKfw6z5FTc5zIs3IkF1oeLWZpKhRoywV2IeKi8SLY4eCUFAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUHe6hZYKUMWkc8/TnCB4azek0BNEwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGzBggrBgEFBQcBCwSBpjCBozCBoAYIKwYBBQUHMAuGgZNyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyMzAzMDMxM2EzNjM3NjMz
YTMyMzYzNDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMwMzMzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQC
AAIwCQMHACABBnwmSDANBgkqhkiG9w0BAQsFAAOCAQEAAV2384uSFwpFty/04cQp
QcPlDIQ95BCHCaCPEh6pyvUP+8G14ExFjfg5Hl18ViTT//Kg6ftcJmeNhryHlt+Z
ef/nwdC/k5kd5SqTC6dvAPT6hRhWZDSZ3VcB8nXNHS9QVoh5X0QNNqrGfcS5+8Ww
CEGCheHQu5gWrL8wAy7eDy95+In5dQbcDhWLkWuqZ/AvbI5rttzBE1qzLLCuzCjh
g+VbCGDrvXb0UYCsJNkvnx9yAPSUqRIIQfMXGjdTfNTwiXYR0BxliuzoUmGnI965
p9n8eewX6NBlj5TOT/HcdxH5K6k1NJe/O81RVPzAArxGWz36bQdADN+FWTRZj8xd
QQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:51:39 2025 by rpki-client