Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a3230303a3a2f34302d3438203d3e203138363037.roa
File: 326131343a313463313a3230303a3a2f34302d3438203d3e203138363037.roa (raw, json)
Hash identifier: Pf0WXVKsadiaiJtusSEXuFj/o/oP56mVyLEI27IiyE8=
Subject key identifier: E0:4E:0C:9C:1B:9B:48:91:B9:4F:D3:1B:A0:90:DA:B6:38:BE:6E:C1
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 6167638AFB43C683DBCC49E9FE1B4BC9BA749B38
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a3230303a3a2f34302d3438203d3e203138363037.roa
Signing time: Fri 17 Jan 2025 08:47:42 +0000
ROA not before: Fri 17 Jan 2025 08:42:42 +0000
ROA not after: Fri 16 Jan 2026 08:47:42 +0000
asID: 18607
IP address blocks: 2a14:14c1:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 11:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:67:63:8a:fb:43:c6:83:db:cc:49:e9:fe:1b:4b:c9:ba:74:9b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: Jan 17 08:42:42 2025 GMT
Not After : Jan 16 08:47:42 2026 GMT
Subject: CN=E04E0C9C1B9B4891B94FD31BA090DAB638BE6EC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:85:d7:7b:6c:3f:52:43:36:62:b2:ca:2a:79:
6e:dd:87:ab:a1:39:ae:7a:3d:aa:71:09:c8:cc:58:
ad:89:36:2a:05:92:60:f1:12:c1:d6:27:4c:a7:a4:
51:83:a4:63:37:7f:98:f9:f6:4d:32:66:44:07:7d:
ae:f7:36:5c:a4:b8:81:f4:cd:80:7a:43:78:31:68:
52:d4:3f:e4:e5:1e:31:18:6d:f3:a0:c2:ed:3f:53:
99:ba:c8:c7:3a:95:6a:4b:7e:1b:80:d8:e1:d7:95:
52:a4:9b:74:b8:29:5e:54:75:f4:0c:c5:88:57:7f:
ad:60:26:8a:7b:f0:30:33:11:77:e9:02:c0:a8:34:
2b:53:ab:f9:c5:18:12:ff:e8:02:66:de:53:1b:fd:
1b:7d:58:78:df:25:44:4d:b2:cc:68:b2:30:ad:b8:
50:2d:0d:29:63:1f:8e:84:7c:9c:d1:4e:06:c9:17:
fe:0d:00:2b:06:08:a9:83:53:8c:88:c8:92:f6:a2:
af:31:60:38:b4:9a:b2:84:a1:4a:07:53:a5:4e:8d:
78:e4:c3:83:f8:2f:7e:59:f8:b9:39:8e:76:91:55:
f6:a1:42:58:de:8d:2a:72:78:00:36:f8:d6:ad:27:
f1:e7:d0:7a:67:87:1a:d6:e5:aa:e4:5b:df:9c:75:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4E:0C:9C:1B:9B:48:91:B9:4F:D3:1B:A0:90:DA:B6:38:BE:6E:C1
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463313a3230303a3a2f34302d3438203d3e203138363037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c1:200::/40
Signature Algorithm: sha256WithRSAEncryption
9a:17:e7:1a:55:3c:a3:d8:6c:c3:3b:f3:2a:2d:23:ca:71:8e:
30:20:ef:53:d1:df:ed:91:f6:aa:1c:e3:96:ab:a8:db:e7:a3:
a9:27:2a:e2:55:2c:75:72:f8:52:18:2e:50:93:96:67:5b:ce:
5e:02:cd:d8:25:14:8c:71:aa:91:11:5b:cb:ee:e7:1e:de:72:
aa:5a:b5:90:98:c8:73:a0:93:e2:ff:4e:42:6e:6a:b5:08:8f:
f6:f6:ab:54:79:77:bd:f0:20:88:a3:f6:11:3f:2b:59:90:15:
ff:f8:44:65:07:2a:15:e8:38:3a:33:4f:6f:ed:c9:31:5c:3b:
91:cd:b3:e8:f7:a2:28:85:d1:db:3f:85:5b:eb:eb:e4:82:98:
2e:81:03:9a:57:2f:3e:41:e0:73:22:fe:0d:3d:72:76:50:2e:
4f:48:46:e9:6a:c9:ab:64:80:20:29:09:db:ec:f2:17:2e:84:
04:64:2d:31:fa:02:39:e4:3d:ae:0d:79:45:b7:8f:c4:ee:1e:
06:a3:d3:58:2c:03:15:75:35:16:87:45:4a:bb:cc:bb:61:76:
c4:8b:2a:1b:47:71:5d:a2:20:72:2d:d9:ba:15:e1:08:1f:03:
5c:24:c8:6c:4c:26:cb:89:84:e6:0d:9d:5d:84:f0:f2:5b:62:
ae:ae:09:be
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIUYWdjivtDxoPbzEnp/htLybp0mzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNTAxMTcwODQyNDJaFw0yNjAxMTYwODQ3NDJaMDMxMTAvBgNV
BAMTKEUwNEUwQzlDMUI5QjQ4OTFCOTRGRDMxQkEwOTBEQUI2MzhCRTZFQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYhdd7bD9SQzZissoqeW7dh6uh
Oa56PapxCcjMWK2JNioFkmDxEsHWJ0ynpFGDpGM3f5j59k0yZkQHfa73NlykuIH0
zYB6Q3gxaFLUP+TlHjEYbfOgwu0/U5m6yMc6lWpLfhuA2OHXlVKkm3S4KV5UdfQM
xYhXf61gJop78DAzEXfpAsCoNCtTq/nFGBL/6AJm3lMb/Rt9WHjfJURNssxosjCt
uFAtDSljH46EfJzRTgbJF/4NACsGCKmDU4yIyJL2oq8xYDi0mrKEoUoHU6VOjXjk
w4P4L35Z+Lk5jnaRVfahQljejSpyeAA2+NatJ/Hn0HpnhxrW5arkW9+cdZnbAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQU4E4MnBubSJG5T9MboJDatji+bsEwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMx
M2EzMjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM4MzYzMDM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIA
AjAIAwYAKhQUwQIwDQYJKoZIhvcNAQELBQADggEBAJoX5xpVPKPYbMM78yotI8px
jjAg71PR3+2R9qoc45arqNvno6knKuJVLHVy+FIYLlCTlmdbzl4CzdglFIxxqpER
W8vu5x7ecqpatZCYyHOgk+L/TkJuarUIj/b2q1R5d73wIIij9hE/K1mQFf/4RGUH
KhXoODozT2/tyTFcO5HNs+j3oiiF0ds/hVvr6+SCmC6BA5pXLz5B4HMi/g09cnZQ
Lk9IRulqyatkgCApCdvs8hcuhARkLTH6AjnkPa4NeUW3j8TuHgaj01gsAxV1NRaH
RUq7zLthdsSLKhtHcV2iIHIt2boV4QgfA1wkyGxMJsuJhOYNnV2E8PJbYq6uCb4=
-----END CERTIFICATE-----
Generated at Wed Mar 12 04:17:59 2025 by rpki-client