Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
File: 326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa (raw, json)
Hash identifier: jFq8tZofTgQ+Njm4bM7AOnJYioIkxJum1wP0/GMP7NU=
Subject key identifier: B2:31:3A:D5:63:D2:8C:BC:D3:69:00:D7:56:D0:84:42:83:18:20:11
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 346F4DC4044F77761AF4E5345D600FC1CB78C0F6
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
Signing time: Wed 21 May 2025 14:05:53 +0000
ROA not before: Wed 21 May 2025 14:00:53 +0000
ROA not after: Wed 20 May 2026 14:05:53 +0000
asID: 209389
IP address blocks: 2a11:29c0:3df1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:6f:4d:c4:04:4f:77:76:1a:f4:e5:34:5d:60:0f:c1:cb:78:c0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:53 2025 GMT
Not After : May 20 14:05:53 2026 GMT
Subject: CN=B2313AD563D28CBCD36900D756D0844283182011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:55:64:6e:a8:07:1d:08:68:8d:e0:d0:cd:89:
dd:98:73:8e:04:8b:6b:e5:d9:62:89:c7:c1:f2:02:
74:a5:5d:d4:fd:c1:13:c1:1f:ca:e8:ee:24:d5:ab:
cc:01:cf:44:e0:fb:6b:2a:25:7a:3a:89:10:84:17:
ba:2d:fa:d0:24:7d:38:34:be:01:ba:5d:7d:ad:5d:
15:e3:a0:a5:05:d3:57:f1:fc:73:7b:ce:7c:8d:fd:
c2:dd:ad:b8:b6:91:e3:95:50:ff:44:1d:97:cb:f9:
99:0a:a4:ea:2e:2d:d7:ee:9e:b2:97:ef:0a:fd:9e:
7a:32:bf:e4:a5:b4:d7:ae:bc:9f:5a:da:50:a5:84:
02:f1:e8:42:7d:ca:3d:50:c3:99:57:27:b7:58:e7:
82:e5:26:74:f8:a1:a6:90:f3:bf:16:39:a2:b1:31:
4f:c1:6e:ab:1d:98:8f:cc:5d:a3:93:78:db:2b:73:
28:63:1f:a8:3e:5e:76:d6:97:c3:ce:5d:cb:7f:e8:
5d:41:a3:07:a2:db:65:2d:5a:e4:70:49:07:bd:36:
71:e7:6a:43:39:1e:65:c6:d4:71:74:2f:3b:59:61:
01:4b:5a:0a:bf:39:d6:d6:78:35:6a:45:6a:13:21:
63:bc:d6:a2:7f:40:f0:6a:f7:60:4f:bc:61:42:2f:
ed:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:31:3A:D5:63:D2:8C:BC:D3:69:00:D7:56:D0:84:42:83:18:20:11
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df1::/48
Signature Algorithm: sha256WithRSAEncryption
85:e9:a1:b9:66:e0:65:4c:6d:7f:af:21:0f:01:ad:3e:41:10:
69:4d:9d:9f:5f:cb:f8:32:21:ff:5f:23:36:5f:1a:f8:77:5d:
87:9a:3e:38:96:20:34:62:d2:86:5b:b5:6e:d2:f2:6e:89:52:
db:c9:e1:a1:0d:05:4e:1f:c5:e0:a2:86:a3:92:03:76:c8:bb:
44:d4:fc:70:1c:2e:e1:11:e8:72:6e:3d:56:21:14:64:a4:9d:
95:65:3e:61:4f:6d:17:79:82:bf:e4:14:d4:02:d8:58:95:52:
7e:b0:3e:58:2e:b9:3e:d1:4f:a8:13:8e:a1:c4:00:6a:eb:fe:
ad:f3:14:1e:03:13:df:db:2e:07:29:82:53:01:ea:1e:fe:06:
af:a5:bd:96:0b:ff:a3:75:7c:dc:39:ed:c0:59:e0:8c:ad:ca:
6b:43:ba:3c:ae:74:38:b6:b0:fe:e6:db:88:aa:51:cb:9e:66:
a5:43:7e:27:5a:38:01:8c:8b:62:14:8e:a2:1e:2b:58:92:2c:
92:89:41:e1:6e:f7:9e:1b:61:e1:04:59:e3:15:e6:f0:69:39:
20:dc:f9:99:85:7b:34:b0:b6:cb:dc:87:8e:1e:f7:5b:13:7c:
25:96:49:a3:4c:6c:3a:0f:3f:7b:2d:c8:28:8f:53:04:81:a8:
5c:96:2c:93
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUNG9NxARPd3Ya9OU0XWAPwct4wPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTNaFw0yNjA1MjAxNDA1NTNaMDMxMTAvBgNV
BAMTKEIyMzEzQUQ1NjNEMjhDQkNEMzY5MDBENzU2RDA4NDQyODMxODIwMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoVWRuqAcdCGiN4NDNid2Yc44E
i2vl2WKJx8HyAnSlXdT9wRPBH8ro7iTVq8wBz0Tg+2sqJXo6iRCEF7ot+tAkfTg0
vgG6XX2tXRXjoKUF01fx/HN7znyN/cLdrbi2keOVUP9EHZfL+ZkKpOouLdfunrKX
7wr9nnoyv+SltNeuvJ9a2lClhALx6EJ9yj1Qw5lXJ7dY54LlJnT4oaaQ878WOaKx
MU/BbqsdmI/MXaOTeNsrcyhjH6g+XnbWl8POXct/6F1Bowei22UtWuRwSQe9NnHn
akM5HmXG1HF0LztZYQFLWgq/OdbWeDVqRWoTIWO81qJ/QPBq92BPvGFCL+3/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUsjE61WPSjLzTaQDXVtCEQoMYIBEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzOTMzMzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98TANBgkqhkiG9w0BAQsFAAOCAQEAhemhuWbgZUxtf68h
DwGtPkEQaU2dn1/L+DIh/18jNl8a+Hddh5o+OJYgNGLShlu1btLybolS28nhoQ0F
Th/F4KKGo5IDdsi7RNT8cBwu4RHocm49ViEUZKSdlWU+YU9tF3mCv+QU1ALYWJVS
frA+WC65PtFPqBOOocQAauv+rfMUHgMT39suBymCUwHqHv4Gr6W9lgv/o3V83Dnt
wFngjK3Ka0O6PK50OLaw/ubbiKpRy55mpUN+J1o4AYyLYhSOoh4rWJIskolB4W73
nhth4QRZ4xXm8Gk5INz5mYV7NLC2y9yHjh73WxN8JZZJo0xsOg8/ey3IKI9TBIGo
XJYskw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:50:33 2025 by rpki-client