Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
File: 326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa (raw, json)
Hash identifier: 2cIUBbXFtw6TIW3gtkGzSlPyISGn3/RYjHd6OQ6VrYU=
Subject key identifier: BA:45:C8:B7:05:70:9B:C8:12:3C:22:A3:B2:90:44:1E:0E:2E:95:5C
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 551F60AE7F14E2C8970AB9DB688FAFC2D6194615
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
Signing time: Wed 04 Jun 2025 21:32:16 +0000
ROA not before: Wed 04 Jun 2025 21:27:16 +0000
ROA not after: Wed 03 Jun 2026 21:32:16 +0000
asID: 58299
IP address blocks: 2a00:6340:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:1f:60:ae:7f:14:e2:c8:97:0a:b9:db:68:8f:af:c2:d6:19:46:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Jun 4 21:27:16 2025 GMT
Not After : Jun 3 21:32:16 2026 GMT
Subject: CN=BA45C8B705709BC8123C22A3B290441E0E2E955C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:bb:5e:6a:24:5d:cd:2e:d0:3d:53:28:3c:
c8:8b:31:7b:e5:65:5e:6e:4e:23:c9:a6:23:a5:9e:
ec:1f:34:5d:af:6e:02:38:a3:d0:ab:63:6b:7c:53:
c5:97:d1:6e:8a:49:f0:78:11:d8:c2:9f:cd:54:b2:
0b:01:c0:87:7e:9d:b2:65:00:52:d0:2e:cd:92:b7:
45:d7:d7:e7:4d:a3:de:bf:ba:bb:f8:6c:97:35:6e:
be:44:65:6a:1e:ba:7a:56:b4:9f:b0:af:3f:d3:07:
2f:1e:95:15:6e:a6:9e:bd:46:f2:55:52:9e:11:26:
1d:51:f2:72:0a:a7:46:c7:19:d6:f0:a7:05:e2:ca:
24:4e:45:80:d2:5b:8e:d2:77:87:d7:9d:17:1e:e9:
e0:c5:3b:04:2b:5a:db:30:9c:84:80:0a:f6:8a:f7:
33:07:ce:30:9c:74:da:07:bc:20:08:2d:14:ee:20:
69:ba:a5:f0:e8:54:5a:c8:8c:43:39:0e:5a:cb:e6:
9c:85:af:90:35:cb:9a:b0:1e:4f:b8:16:2b:4d:77:
50:b5:05:20:2f:8f:7b:84:35:e0:3f:63:4f:f3:fb:
9e:41:c2:7c:bb:4a:de:7e:c5:15:36:52:4e:88:fb:
d3:19:17:bd:af:f4:2e:69:90:1c:32:f7:19:12:13:
a9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:45:C8:B7:05:70:9B:C8:12:3C:22:A3:B2:90:44:1E:0E:2E:95:5C
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6340:4000::/48
Signature Algorithm: sha256WithRSAEncryption
ae:51:5c:b9:74:eb:c5:94:6a:fd:80:32:c1:bf:2c:6e:2c:16:
cf:3d:d0:75:e8:a0:09:09:4b:86:ad:01:e9:b3:32:d4:da:16:
83:5e:73:dc:c1:98:c0:95:4e:99:1c:4c:a5:1d:b9:9c:d0:04:
72:47:1b:28:d8:ed:d5:07:77:87:9b:73:5e:ec:4f:26:23:a2:
59:73:51:f5:c5:ca:0a:90:58:5e:ee:dd:3c:67:17:94:e5:4e:
df:0f:20:85:2f:d5:27:0b:b5:59:eb:a1:66:2c:37:d4:99:70:
32:6e:fb:f5:ba:09:5e:fb:c5:f4:37:eb:76:48:00:47:21:af:
e6:72:43:8b:99:75:27:41:9b:2a:98:93:38:32:6f:4c:74:9d:
ba:5c:8d:15:43:bf:39:72:29:38:aa:6c:e5:73:eb:c1:5e:19:
85:1c:68:f6:d1:06:ad:19:d7:90:c4:ab:31:d2:a3:6e:1d:79:
d9:62:cc:ff:ff:17:9f:1f:83:ff:81:2d:dd:a1:49:47:81:a9:
2b:5c:1e:b2:d5:2b:0c:d8:7b:95:2b:2e:d5:3b:98:a4:24:54:
58:5e:93:75:0a:40:39:af:d5:26:65:5e:9a:b8:d9:c1:43:8c:
fa:71:de:40:6e:de:46:33:a6:d4:01:07:a4:a2:d6:38:c0:ba:
1d:37:f4:dc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUVR9grn8U4siXCrnbaI+vwtYZRhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNTA2MDQyMTI3MTZaFw0yNjA2MDMyMTMyMTZaMDMxMTAvBgNV
BAMTKEJBNDVDOEI3MDU3MDlCQzgxMjNDMjJBM0IyOTA0NDFFMEUyRTk1NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz3LteaiRdzS7QPVMoPMiLMXvl
ZV5uTiPJpiOlnuwfNF2vbgI4o9CrY2t8U8WX0W6KSfB4EdjCn81UsgsBwId+nbJl
AFLQLs2St0XX1+dNo96/urv4bJc1br5EZWoeunpWtJ+wrz/TBy8elRVupp69RvJV
Up4RJh1R8nIKp0bHGdbwpwXiyiRORYDSW47Sd4fXnRce6eDFOwQrWtswnISACvaK
9zMHzjCcdNoHvCAILRTuIGm6pfDoVFrIjEM5DlrL5pyFr5A1y5qwHk+4FitNd1C1
BSAvj3uENeA/Y0/z+55Bwny7St5+xRU2Uk6I+9MZF72v9C5pkBwy9xkSE6mBAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUukXItwVwm8gSPCKjspBEHg4ulVwwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG1BggrBgEFBQcBCwSBqDCBpTCBogYIKwYBBQUHMAuGgZVyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDMwM2EzNjMzMzQz
MDNhMzQzMDMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNTM4MzIzOTM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAKgBjQEAAMA0GCSqGSIb3DQEBCwUAA4IBAQCuUVy5dOvFlGr9gDLB
vyxuLBbPPdB16KAJCUuGrQHpszLU2haDXnPcwZjAlU6ZHEylHbmc0ARyRxso2O3V
B3eHm3Ne7E8mI6JZc1H1xcoKkFhe7t08ZxeU5U7fDyCFL9UnC7VZ66FmLDfUmXAy
bvv1ugle+8X0N+t2SABHIa/mckOLmXUnQZsqmJM4Mm9MdJ26XI0VQ785cik4qmzl
c+vBXhmFHGj20QatGdeQxKsx0qNuHXnZYsz//xefH4P/gS3doUlHgakrXB6y1SsM
2HuVKy7VO5ikJFRYXpN1CkA5r9UmZV6auNnBQ4z6cd5Abt5GM6bUAQekotY4wLod
N/Tc
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:14:03 2025 by rpki-client