Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336463303a3a2f34342d3434203d3e20323039363030.roa
File: 326131313a323963303a336463303a3a2f34342d3434203d3e20323039363030.roa (raw, json)
Hash identifier: e9+8YUeMNSHmjHApIaR6jg3Y6E7r2icOYQDbpCt+gHk=
Subject key identifier: B7:97:EE:92:1E:7A:81:7F:72:0D:21:FC:D0:1B:37:B0:D6:71:BD:59
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 023E0E8AC920BB3A769FBE5FC9214B20B44165EB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336463303a3a2f34342d3434203d3e20323039363030.roa
Signing time: Fri 04 Apr 2025 11:01:40 +0000
ROA not before: Fri 04 Apr 2025 10:56:40 +0000
ROA not after: Fri 03 Apr 2026 11:01:40 +0000
asID: 209600
IP address blocks: 2a11:29c0:3dc0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3e:0e:8a:c9:20:bb:3a:76:9f:be:5f:c9:21:4b:20:b4:41:65:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 4 10:56:40 2025 GMT
Not After : Apr 3 11:01:40 2026 GMT
Subject: CN=B797EE921E7A817F720D21FCD01B37B0D671BD59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:7a:c0:aa:4a:cc:86:80:56:20:d5:c1:b9:
95:ea:6f:b5:61:06:3e:b7:94:c8:c8:cf:ae:fa:86:
c7:77:6a:a8:31:86:11:a3:4b:a6:b3:bf:0e:9e:d1:
75:35:0a:ff:d0:b6:b8:e0:fc:9c:91:d0:3a:aa:7c:
16:94:a3:8a:60:a9:03:12:87:4d:9c:71:bb:34:e4:
18:a7:2c:14:e3:49:e7:a7:b6:3b:4a:c7:f9:11:18:
34:c4:45:d1:bd:bf:8b:4e:04:bd:7a:06:5c:62:26:
c7:ea:50:30:77:e5:92:ca:99:3b:2d:40:3f:19:12:
46:f4:53:25:a5:42:a5:e8:5a:bd:d0:c5:38:81:92:
cf:7b:f9:c5:39:a3:e9:8d:7b:7e:72:30:7c:26:35:
90:ff:2c:25:72:4a:c3:ee:08:50:7a:78:98:b8:e6:
d9:2b:8c:90:e1:95:7b:d4:a1:0b:b0:80:22:09:17:
88:61:eb:1c:76:da:6d:eb:62:2f:08:58:0a:51:e7:
4a:24:06:19:e0:c7:b1:cf:28:a7:e5:7e:51:28:ca:
99:7d:8a:f0:4a:09:97:6a:6c:3b:99:fb:a5:2e:1c:
bd:e3:bb:98:e1:ce:c7:5e:90:c3:44:01:10:0d:f1:
60:4f:58:43:d2:47:14:52:58:10:b6:2c:12:ff:16:
91:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:97:EE:92:1E:7A:81:7F:72:0D:21:FC:D0:1B:37:B0:D6:71:BD:59
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336463303a3a2f34342d3434203d3e20323039363030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dc0::/44
Signature Algorithm: sha256WithRSAEncryption
80:bb:1d:6c:c3:c3:95:d3:b4:61:ae:58:ad:89:e4:b5:65:4a:
dd:b9:f2:79:5a:70:5e:b5:1a:b1:07:87:5a:eb:6f:ce:10:7a:
eb:d0:85:41:77:e4:80:52:93:3d:20:1a:25:1a:ec:f4:24:f1:
9f:d4:34:5a:92:cb:37:74:26:28:70:c3:2f:79:a7:c5:bf:3c:
4c:b4:2c:99:8b:aa:fe:db:30:03:9c:bf:36:81:f8:6f:8c:b3:
74:47:1a:6c:1f:6a:b5:4b:f0:68:07:48:0f:e9:0f:28:f3:93:
e6:c9:c6:5c:06:20:0a:13:cf:b7:a1:a8:bf:23:dc:b4:54:16:
42:21:4b:95:8e:22:24:e0:40:ab:71:f2:49:e1:44:28:ad:57:
10:28:e1:50:08:5a:33:d0:93:2e:ea:28:71:91:40:5a:73:4a:
b3:20:f7:52:43:f4:fe:b5:cb:ff:6e:37:2a:cf:fe:fb:ae:54:
d8:86:49:ec:0b:c2:ef:d8:f7:3d:01:20:73:a5:a9:c0:56:b4:
f6:f8:6a:c8:38:23:51:53:cd:58:7e:c0:65:98:f7:d4:34:38:
07:b2:26:c9:82:76:be:50:ef:40:b5:3b:89:d2:d1:70:2a:e7:
8a:de:eb:eb:9f:1e:d2:9d:2c:15:d4:5e:ef:24:c3:27:87:56:
66:b3:09:b3
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAj4Oiskguzp2n75fySFLILRBZeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA0MDQxMDU2NDBaFw0yNjA0MDMxMTAxNDBaMDMxMTAvBgNV
BAMTKEI3OTdFRTkyMUU3QTgxN0Y3MjBEMjFGQ0QwMUIzN0IwRDY3MUJENTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFZXrAqkrMhoBWINXBuZXqb7Vh
Bj63lMjIz676hsd3aqgxhhGjS6azvw6e0XU1Cv/Qtrjg/JyR0DqqfBaUo4pgqQMS
h02ccbs05BinLBTjSeentjtKx/kRGDTERdG9v4tOBL16BlxiJsfqUDB35ZLKmTst
QD8ZEkb0UyWlQqXoWr3QxTiBks97+cU5o+mNe35yMHwmNZD/LCVySsPuCFB6eJi4
5tkrjJDhlXvUoQuwgCIJF4hh6xx22m3rYi8IWApR50okBhngx7HPKKflflEoypl9
ivBKCZdqbDuZ+6UuHL3ju5jhzsdekMNEARAN8WBPWEPSRxRSWBC2LBL/FpElAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUt5fukh56gX9yDSH80Bs3sNZxvVkwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjMzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzAzOTM2MzAzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA9wDANBgkqhkiG9w0BAQsFAAOCAQEAgLsdbMPDldO0Ya5Y
rYnktWVK3bnyeVpwXrUasQeHWutvzhB669CFQXfkgFKTPSAaJRrs9CTxn9Q0WpLL
N3QmKHDDL3mnxb88TLQsmYuq/tswA5y/NoH4b4yzdEcabB9qtUvwaAdID+kPKPOT
5snGXAYgChPPt6GovyPctFQWQiFLlY4iJOBAq3HySeFEKK1XECjhUAhaM9CTLuoo
cZFAWnNKsyD3UkP0/rXL/243Ks/++65U2IZJ7AvC79j3PQEgc6WpwFa09vhqyDgj
UVPNWH7AZZj31DQ4B7ImyYJ2vlDvQLU7idLRcCrnit7r658e0p0sFdRe7yTDJ4dW
ZrMJsw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:55 2025 by rpki-client