Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20323135353839.roa
File: 326131313a323963303a33623a3a2f34382d3438203d3e20323135353839.roa (raw, json)
Hash identifier: FCYqDEtPyrzPOTaNiHuC6Z+dcFFkFog2FTDXhefg6/0=
Subject key identifier: 40:89:29:6B:95:54:5F:81:B9:64:94:B1:C3:1F:D3:2E:82:42:B4:EE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3E471F635A24352D56B66F08A06E289E1E601481
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20323135353839.roa
Signing time: Tue 07 Jan 2025 18:01:38 +0000
ROA not before: Tue 07 Jan 2025 17:56:38 +0000
ROA not after: Tue 06 Jan 2026 18:01:38 +0000
asID: 215589
IP address blocks: 2a11:29c0:3b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:47:1f:63:5a:24:35:2d:56:b6:6f:08:a0:6e:28:9e:1e:60:14:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jan 7 17:56:38 2025 GMT
Not After : Jan 6 18:01:38 2026 GMT
Subject: CN=4089296B95545F81B96494B1C31FD32E8242B4EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:12:f9:10:7c:e0:a7:66:b0:cd:82:de:36:36:
e9:ab:0c:5e:21:3c:de:c3:96:63:02:cb:5a:f9:43:
be:d5:b8:25:f5:e1:62:df:43:5c:12:d1:5e:0f:ce:
2b:ab:ac:e9:0b:44:38:fa:95:83:a9:b0:98:0e:57:
08:56:b8:29:6f:40:40:ef:1c:47:65:c1:82:a4:aa:
ad:85:25:df:d7:33:81:b0:70:f1:78:ff:de:63:75:
d5:46:64:70:7d:20:ce:88:47:ae:2d:63:75:1b:56:
55:13:16:b2:f8:4b:c8:b5:c3:80:37:a4:92:cc:0e:
5f:dd:0b:57:38:02:ff:ad:cf:f0:28:75:68:81:13:
cb:40:ad:88:df:b9:94:b8:e7:74:02:d0:84:98:06:
7a:ec:4b:5d:c3:6c:96:cc:8f:fd:fe:23:b3:6d:1b:
c4:47:91:2a:ec:97:26:e5:8a:48:6c:3b:ab:25:8a:
2d:69:77:ff:aa:8e:b1:04:03:d7:cf:c2:cb:6f:d5:
06:33:ed:6c:2b:62:c6:b3:b8:c3:df:fb:c4:fc:e4:
c0:28:9e:c6:49:b2:01:3b:3c:67:f0:4e:cd:b8:86:
fc:4f:72:03:9e:a9:ec:57:7b:7e:88:0c:20:a6:9e:
3d:67:3a:32:07:ee:1a:53:3e:0f:55:48:f3:18:85:
db:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:89:29:6B:95:54:5F:81:B9:64:94:B1:C3:1F:D3:2E:82:42:B4:EE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20323135353839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3b::/48
Signature Algorithm: sha256WithRSAEncryption
4c:d1:b6:19:aa:5f:f6:97:31:50:31:f6:29:2d:72:f2:cb:57:
5b:97:a6:64:e0:ab:2d:cd:1c:84:a0:46:dd:10:5c:52:71:aa:
c7:4e:c6:f9:38:27:d1:87:c4:1c:1b:02:11:96:d4:31:f6:be:
ce:d3:45:f0:ec:24:38:89:35:05:8a:7a:92:6f:55:c1:48:2a:
49:88:b5:73:93:09:3b:20:18:b3:cc:3c:d5:9b:6c:f4:b5:b2:
74:e2:c4:12:0d:9f:ae:e5:46:50:ca:67:85:65:d3:d2:ff:46:
99:a6:6c:8e:3a:c9:67:a1:52:db:32:4b:86:7a:e9:b0:50:e4:
51:95:e5:ef:bf:06:42:a9:44:ae:47:3c:fc:36:94:75:6c:ee:
0e:ed:31:7a:a3:de:28:6f:50:d5:f2:82:86:1b:95:a6:aa:62:
1b:28:03:e4:38:a9:09:1b:66:13:4b:12:cd:90:43:14:83:69:
67:3c:ac:61:c1:f7:ff:5a:cb:43:04:69:1e:57:84:4f:18:56:
d9:52:66:c8:29:33:cd:49:37:86:81:be:64:53:52:6a:99:6b:
da:04:28:34:fd:a0:af:ff:b3:06:65:74:03:19:33:ef:03:84:
b7:5f:5a:b3:5e:bd:4e:5a:28:8c:3f:b2:a8:fc:af:9b:eb:52:
97:00:2e:67
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPkcfY1okNS1Wtm8IoG4onh5gFIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTAxMDcxNzU2MzhaFw0yNjAxMDYxODAxMzhaMDMxMTAvBgNV
BAMTKDQwODkyOTZCOTU1NDVGODFCOTY0OTRCMUMzMUZEMzJFODI0MkI0RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOEvkQfOCnZrDNgt42NumrDF4h
PN7DlmMCy1r5Q77VuCX14WLfQ1wS0V4PziurrOkLRDj6lYOpsJgOVwhWuClvQEDv
HEdlwYKkqq2FJd/XM4GwcPF4/95jddVGZHB9IM6IR64tY3UbVlUTFrL4S8i1w4A3
pJLMDl/dC1c4Av+tz/AodWiBE8tArYjfuZS453QC0ISYBnrsS13DbJbMj/3+I7Nt
G8RHkSrslyblikhsO6slii1pd/+qjrEEA9fPwstv1QYz7WwrYsazuMPf+8T85MAo
nsZJsgE7PGfwTs24hvxPcgOeqexXe36IDCCmnj1nOjIH7hpTPg9VSPMYhdtVAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQIkpa5VUX4G5ZJSxwx/TLoJCtO4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzUzODM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA7MA0GCSqGSIb3DQEBCwUAA4IBAQBM0bYZql/2lzFQMfYpLXLy
y1dbl6Zk4KstzRyEoEbdEFxScarHTsb5OCfRh8QcGwIRltQx9r7O00Xw7CQ4iTUF
inqSb1XBSCpJiLVzkwk7IBizzDzVm2z0tbJ04sQSDZ+u5UZQymeFZdPS/0aZpmyO
OslnoVLbMkuGeumwUORRleXvvwZCqUSuRzz8NpR1bO4O7TF6o94ob1DV8oKGG5Wm
qmIbKAPkOKkJG2YTSxLNkEMUg2lnPKxhwff/WstDBGkeV4RPGFbZUmbIKTPNSTeG
gb5kU1JqmWvaBCg0/aCv/7MGZXQDGTPvA4S3X1qzXr1OWiiMP7Ko/K+b61KXAC5n
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:53 2025 by rpki-client