Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33613a3a2f34382d3438203d3e20323135343539.roa
File: 326131313a323963303a33613a3a2f34382d3438203d3e20323135343539.roa (raw, json)
Hash identifier: yWc5Xzc5dV9RHeSuzLW97zEXQOS1YHKXeebsnU7IUSo=
Subject key identifier: 8E:36:55:D9:41:71:66:E6:B5:17:C6:5E:63:9E:B1:18:E0:D6:57:9B
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3238BE91BCA85861C83F6E2C36493E31A31D0AF8
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33613a3a2f34382d3438203d3e20323135343539.roa
Signing time: Thu 23 Jan 2025 10:01:40 +0000
ROA not before: Thu 23 Jan 2025 09:56:40 +0000
ROA not after: Thu 22 Jan 2026 10:01:40 +0000
asID: 215459
IP address blocks: 2a11:29c0:3a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:38:be:91:bc:a8:58:61:c8:3f:6e:2c:36:49:3e:31:a3:1d:0a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jan 23 09:56:40 2025 GMT
Not After : Jan 22 10:01:40 2026 GMT
Subject: CN=8E3655D9417166E6B517C65E639EB118E0D6579B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:5b:b3:07:45:a9:18:8e:ff:13:0a:29:b3:
87:ab:ab:d2:ad:ca:ae:56:1d:dd:7e:27:c3:06:20:
0a:f7:56:79:54:2a:7d:7f:86:3f:c4:90:0f:b3:08:
ac:5a:95:8b:cc:78:ed:c2:ae:a6:e6:e4:58:5e:62:
c6:02:bc:5d:09:b7:f7:8e:46:19:f1:f8:2e:c0:7d:
92:9e:88:ce:9f:5c:b3:92:e7:b4:bc:41:88:39:c5:
62:9f:ee:0a:69:08:8a:1f:72:50:83:4d:bf:e1:35:
d3:ef:91:32:d4:60:cf:fe:f7:18:1c:0b:be:e2:56:
0d:42:fc:79:1d:3e:12:de:5f:69:c8:f3:98:3a:1c:
b3:dc:3a:9b:35:bc:06:d7:d4:13:55:1e:f6:33:ec:
c0:72:d2:ec:ef:77:c8:ca:d8:87:d3:cd:ef:be:44:
db:2a:b4:53:5f:51:fa:7f:73:71:f3:f7:5f:af:79:
40:5a:63:e2:5b:b9:52:f5:06:19:3d:db:12:78:0f:
b3:b1:d2:94:25:6b:76:8d:b3:95:a5:d7:18:4b:d1:
8e:90:06:13:0e:e9:36:52:7b:40:d8:8b:71:72:ab:
c1:b6:02:3d:f3:91:04:77:e7:af:3d:b3:2b:20:53:
49:05:be:d2:c8:7a:f6:0a:f3:28:a6:7c:ef:46:fc:
bf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:55:D9:41:71:66:E6:B5:17:C6:5E:63:9E:B1:18:E0:D6:57:9B
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33613a3a2f34382d3438203d3e20323135343539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3a::/48
Signature Algorithm: sha256WithRSAEncryption
64:91:44:0a:a3:9e:07:86:b5:f2:d2:19:46:48:a2:2b:93:92:
fc:c7:1d:87:d2:dc:c2:be:08:f4:43:df:dd:13:8f:2a:c6:16:
3b:e0:41:cc:d9:70:db:e1:84:85:1d:b5:e9:70:64:62:3a:d0:
2c:9f:68:a0:35:60:44:d8:d8:c6:b5:fb:58:0e:94:d9:ee:8a:
3b:fb:3d:e5:86:d0:f3:f3:22:1f:c3:40:6b:c5:16:13:98:78:
af:82:62:a8:89:1b:c4:cc:c6:f3:14:9a:0c:a9:76:b7:b0:69:
da:6a:1b:f2:bd:1c:9c:15:4f:2d:f4:67:41:e1:df:f7:f0:80:
40:08:51:5a:e9:9f:93:05:a7:66:e0:c7:00:1a:32:dc:28:f4:
7e:78:11:82:e8:5a:b9:d9:78:f1:1e:f4:fc:a1:ae:d6:23:41:
eb:44:e0:c2:12:0b:1f:64:c2:50:93:66:0e:5e:84:f7:3e:a4:
77:4e:a2:47:e1:4c:f0:d7:05:58:0a:28:55:a3:ad:24:35:fc:
1a:a3:a2:3d:d7:03:b7:37:92:bf:05:8a:6e:55:bc:f4:84:7f:
9c:ad:fe:d9:76:6c:16:44:04:0a:4d:45:87:3f:2e:25:2e:8f:
11:5e:5c:07:cd:a6:9b:02:6f:cb:54:83:a0:a9:f9:cd:32:ff:
88:38:69:41
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUMji+kbyoWGHIP24sNkk+MaMdCvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTAxMjMwOTU2NDBaFw0yNjAxMjIxMDAxNDBaMDMxMTAvBgNV
BAMTKDhFMzY1NUQ5NDE3MTY2RTZCNTE3QzY1RTYzOUVCMTE4RTBENjU3OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8aVuzB0WpGI7/Ewops4erq9Kt
yq5WHd1+J8MGIAr3VnlUKn1/hj/EkA+zCKxalYvMeO3Crqbm5FheYsYCvF0Jt/eO
Rhnx+C7AfZKeiM6fXLOS57S8QYg5xWKf7gppCIofclCDTb/hNdPvkTLUYM/+9xgc
C77iVg1C/HkdPhLeX2nI85g6HLPcOps1vAbX1BNVHvYz7MBy0uzvd8jK2IfTze++
RNsqtFNfUfp/c3Hz91+veUBaY+JbuVL1Bhk92xJ4D7Ox0pQla3aNs5Wl1xhL0Y6Q
BhMO6TZSe0DYi3Fyq8G2Aj3zkQR35689sysgU0kFvtLIevYK8yimfO9G/L/xAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUjjZV2UFxZua1F8ZeY56xGODWV5swHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzQzNTM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA6MA0GCSqGSIb3DQEBCwUAA4IBAQBkkUQKo54HhrXy0hlGSKIr
k5L8xx2H0tzCvgj0Q9/dE48qxhY74EHM2XDb4YSFHbXpcGRiOtAsn2igNWBE2NjG
tftYDpTZ7oo7+z3lhtDz8yIfw0BrxRYTmHivgmKoiRvEzMbzFJoMqXa3sGnaahvy
vRycFU8t9GdB4d/38IBACFFa6Z+TBadm4McAGjLcKPR+eBGC6Fq52XjxHvT8oa7W
I0HrRODCEgsfZMJQk2YOXoT3PqR3TqJH4Uzw1wVYCihVo60kNfwao6I91wO3N5K/
BYpuVbz0hH+crf7ZdmwWRAQKTUWHPy4lLo8RXlwHzaabAm/LVIOgqfnNMv+IOGlB
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:57 2025 by rpki-client