Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
File: 326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa (raw, json)
Hash identifier: ERl2G+7CL08YnTu6Dmvr74HKtXgEpNgMI4OKurvbWQQ=
Subject key identifier: 9A:D3:25:F2:ED:D6:B4:72:5B:13:EA:2B:70:D9:8E:AB:D1:56:EE:23
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 19AEDE6DE1E2CDAF8E1DF69C4385F5255565FE70
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
Signing time: Fri 04 Apr 2025 12:01:41 +0000
ROA not before: Fri 04 Apr 2025 11:56:41 +0000
ROA not after: Fri 03 Apr 2026 12:01:41 +0000
asID: 23470
IP address blocks: 2a11:29c0:35::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ae:de:6d:e1:e2:cd:af:8e:1d:f6:9c:43:85:f5:25:55:65:fe:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 4 11:56:41 2025 GMT
Not After : Apr 3 12:01:41 2026 GMT
Subject: CN=9AD325F2EDD6B4725B13EA2B70D98EABD156EE23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fd:94:bc:5a:b0:ca:b7:f7:0d:a0:37:95:b3:
b9:8c:9a:53:71:77:5b:e8:4e:8a:ed:37:18:8b:12:
a3:00:9c:e3:97:cb:72:13:1a:00:69:e5:3e:a0:fe:
9f:5e:d0:63:c8:f9:18:31:35:c2:36:8f:89:52:b6:
a9:7a:81:c9:b1:92:5d:18:8c:46:a1:9e:eb:2c:a5:
2a:b5:5b:cd:50:e9:cf:c3:8b:ba:d0:a1:5f:db:fc:
14:aa:81:ad:44:c1:8a:fd:e5:39:1d:83:9a:56:8a:
0a:4a:6a:09:32:71:92:c2:2f:b4:5e:38:13:dd:09:
4e:7e:05:7d:31:95:84:c7:a9:d0:c3:d4:73:c8:c8:
fa:a6:7a:a0:03:73:8d:76:39:a6:4e:d0:b6:38:60:
c9:bb:26:39:78:07:87:e0:8f:fa:a1:38:e1:65:c4:
14:d2:3d:db:ea:51:e6:b4:fa:95:b4:d1:a4:4a:14:
4c:31:4d:cf:2f:9a:34:8c:0d:a1:a8:3d:c0:1a:54:
30:49:5d:14:03:b8:8b:ea:ad:b0:2c:98:4a:b9:f6:
6c:58:09:35:94:4d:cd:6c:5e:9c:7e:cf:3a:b4:2b:
6c:8a:58:16:74:2a:ec:6b:eb:9a:e3:ce:e7:bc:03:
fb:98:2f:49:7d:a7:a8:2e:3d:ca:bf:63:7e:14:e3:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D3:25:F2:ED:D6:B4:72:5B:13:EA:2B:70:D9:8E:AB:D1:56:EE:23
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:35::/48
Signature Algorithm: sha256WithRSAEncryption
1e:ad:8e:67:22:e9:e7:a2:b3:94:5e:92:00:16:01:f2:52:30:
88:27:da:8d:cf:4e:3d:46:18:eb:12:19:6e:69:b2:8f:e1:dd:
c6:cf:70:85:aa:03:77:b2:cb:79:79:5a:73:b9:82:e0:09:24:
4b:e5:45:8b:31:eb:04:0a:3d:78:56:49:a0:a7:00:fd:a7:15:
d5:f2:01:6b:d0:d5:d2:53:a8:48:d1:84:0c:4c:e8:2b:f3:c3:
94:e5:a0:77:96:9c:00:e6:29:96:a6:1e:15:98:95:28:eb:d9:
56:3a:dc:d3:df:b7:ad:a0:bd:52:25:3b:eb:73:53:60:9f:1a:
33:ad:39:ca:c3:59:99:ca:5c:96:22:dc:c2:a4:89:72:bf:0d:
89:71:e8:47:d4:83:62:42:19:ad:b9:ae:68:33:f0:df:fc:87:
4b:92:7e:71:42:f7:a7:fc:e2:1f:8b:e4:9a:e2:03:95:d8:10:
fc:44:46:83:0a:71:28:39:26:48:8b:ab:a5:39:de:52:60:c8:
ca:b0:f0:7c:3d:ed:84:d5:ef:ef:f6:90:27:38:12:a7:80:5c:
d5:17:f3:1f:cf:c4:9f:65:97:50:b8:f9:ac:6e:a6:10:5b:1a:
66:11:1c:a2:d3:25:d3:ac:97:0b:02:56:37:55:e3:62:d4:f6:
9e:0d:3e:99
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGa7ebeHiza+OHfacQ4X1JVVl/nAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA0MDQxMTU2NDFaFw0yNjA0MDMxMjAxNDFaMDMxMTAvBgNV
BAMTKDlBRDMyNUYyRURENkI0NzI1QjEzRUEyQjcwRDk4RUFCRDE1NkVFMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy/ZS8WrDKt/cNoDeVs7mMmlNx
d1voTortNxiLEqMAnOOXy3ITGgBp5T6g/p9e0GPI+RgxNcI2j4lStql6gcmxkl0Y
jEahnusspSq1W81Q6c/Di7rQoV/b/BSqga1EwYr95Tkdg5pWigpKagkycZLCL7Re
OBPdCU5+BX0xlYTHqdDD1HPIyPqmeqADc412OaZO0LY4YMm7Jjl4B4fgj/qhOOFl
xBTSPdvqUea0+pW00aRKFEwxTc8vmjSMDaGoPcAaVDBJXRQDuIvqrbAsmEq59mxY
CTWUTc1sXpx+zzq0K2yKWBZ0Kuxr65rjzue8A/uYL0l9p6guPcq/Y34U4wNFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUmtMl8u3WtHJbE+orcNmOq9FW7iMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMzM0MzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAANTANBgkqhkiG9w0BAQsFAAOCAQEAHq2OZyLp56KzlF6SABYB8lIw
iCfajc9OPUYY6xIZbmmyj+Hdxs9whaoDd7LLeXlac7mC4AkkS+VFizHrBAo9eFZJ
oKcA/acV1fIBa9DV0lOoSNGEDEzoK/PDlOWgd5acAOYplqYeFZiVKOvZVjrc09+3
raC9UiU763NTYJ8aM605ysNZmcpcliLcwqSJcr8NiXHoR9SDYkIZrbmuaDPw3/yH
S5J+cUL3p/ziH4vkmuIDldgQ/ERGgwpxKDkmSIurpTneUmDIyrDwfD3thNXv7/aQ
JzgSp4Bc1RfzH8/En2WXULj5rG6mEFsaZhEcotMl06yXCwJWN1XjYtT2ng0+mQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:06:53 2025 by rpki-client