Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
File: 326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa (raw, json)
Hash identifier: XouTTq3/NqhUY1+1w6SZ5Rugu0GjED+8ShxY8eLJ2fw=
Subject key identifier: 8A:E9:5A:68:A8:1C:D8:B8:10:80:F7:46:5E:E7:CE:34:1F:F2:A5:CE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 510B474DDF75C8B36F9CA5880D7DED6F9FE62DB1
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 211944
IP address blocks: 2a11:29c0:3df2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:0b:47:4d:df:75:c8:b3:6f:9c:a5:88:0d:7d:ed:6f:9f:e6:2d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=8AE95A68A81CD8B81080F7465EE7CE341FF2A5CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:5b:fe:a6:4d:c2:71:ff:37:12:90:ee:fe:
81:35:50:f0:0c:94:3b:a2:7e:fc:db:b1:b5:75:70:
ca:b2:e5:18:80:30:8c:38:09:ca:65:33:43:7a:ab:
18:f3:df:13:3d:85:c1:70:be:27:44:5b:37:d3:6f:
25:d3:48:93:04:b4:10:60:8f:60:97:35:34:43:2f:
f4:d3:be:a3:f1:0e:eb:1d:ae:12:8e:12:5a:6c:1d:
5b:b0:5d:d3:cd:f6:2a:49:22:e5:bf:a1:88:94:87:
e2:ea:dd:20:2b:88:d1:bc:d9:b6:86:5e:bf:fa:98:
16:f7:a3:ad:a4:49:33:07:28:ad:56:0c:bb:6b:53:
72:8d:bf:ab:ea:f7:9f:0e:b6:0d:81:11:be:67:e0:
f7:ed:50:6a:de:ae:f2:a4:d8:7d:5a:45:50:d7:b3:
a2:e0:48:1c:e6:c1:92:c1:0a:ac:b6:f0:f3:06:06:
63:5f:03:f7:1d:6d:c2:b8:f6:22:32:6b:5d:c8:d8:
30:60:6e:d5:4f:5e:21:58:71:9e:92:27:3a:7f:14:
51:e6:07:4f:38:3f:ee:a3:0c:7b:8c:a5:62:bf:f2:
cf:31:0f:e4:09:2d:ae:c6:0a:f0:75:62:b6:3d:38:
51:3d:0b:59:36:f0:da:54:f6:c1:01:a0:62:7c:dc:
63:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E9:5A:68:A8:1C:D8:B8:10:80:F7:46:5E:E7:CE:34:1F:F2:A5:CE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df2::/48
Signature Algorithm: sha256WithRSAEncryption
30:69:d2:fc:63:21:71:19:54:32:f5:b7:22:b9:41:69:23:3f:
13:5c:33:fc:7d:84:eb:49:db:ad:39:13:bd:39:09:af:63:b9:
a7:a4:49:2b:d6:7b:4d:34:b3:c1:25:13:d7:69:d5:72:2d:f4:
f1:18:d6:35:98:48:f8:5c:d9:24:31:81:11:bd:c2:cd:55:09:
93:1a:bb:06:61:e5:61:b1:05:04:65:27:1e:71:c7:f0:bf:c5:
63:74:2f:a6:54:0d:6c:29:88:19:60:7d:ed:4d:bc:83:cd:b6:
59:74:41:bd:c6:44:e7:c6:e7:c1:1d:f5:dd:cc:2d:f7:13:12:
7c:5c:a7:6a:db:b4:59:f9:de:f4:a6:80:06:2b:14:82:cd:b2:
1c:24:96:11:f9:0f:85:74:f1:be:a6:e2:11:e8:bd:c0:69:8d:
d0:09:1b:97:70:86:ce:df:04:3f:c3:9b:7a:79:28:b7:02:d2:
4a:3e:3e:7d:17:a3:6f:23:7c:9e:d1:d8:d9:0d:c6:10:19:bf:
f9:bb:7c:b6:2c:d1:ad:4d:39:cb:8d:73:ee:13:9a:5d:46:56:
95:1b:02:2c:32:52:93:69:03:35:3e:08:fd:db:83:2c:b4:bf:
18:ef:c3:7e:5c:1d:fa:d6:ea:c6:f4:71:a4:7c:52:35:e1:e5:
f3:04:41:99
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUUQtHTd91yLNvnKWIDX3tb5/mLbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDhBRTk1QTY4QTgxQ0Q4QjgxMDgwRjc0NjVFRTdDRTM0MUZGMkE1Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+9lv+pk3Ccf83EpDu/oE1UPAM
lDuifvzbsbV1cMqy5RiAMIw4CcplM0N6qxjz3xM9hcFwvidEWzfTbyXTSJMEtBBg
j2CXNTRDL/TTvqPxDusdrhKOElpsHVuwXdPN9ipJIuW/oYiUh+Lq3SAriNG82baG
Xr/6mBb3o62kSTMHKK1WDLtrU3KNv6vq958Otg2BEb5n4PftUGrervKk2H1aRVDX
s6LgSBzmwZLBCqy28PMGBmNfA/cdbcK49iIya13I2DBgbtVPXiFYcZ6SJzp/FFHm
B084P+6jDHuMpWK/8s8xD+QJLa7GCvB1YrY9OFE9C1k28NpU9sEBoGJ83GMbAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUiulaaKgc2LgQgPdGXufONB/ypc4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM5MzQzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98jANBgkqhkiG9w0BAQsFAAOCAQEAMGnS/GMhcRlUMvW3
IrlBaSM/E1wz/H2E60nbrTkTvTkJr2O5p6RJK9Z7TTSzwSUT12nVci308RjWNZhI
+FzZJDGBEb3CzVUJkxq7BmHlYbEFBGUnHnHH8L/FY3QvplQNbCmIGWB97U28g822
WXRBvcZE58bnwR313cwt9xMSfFynatu0Wfne9KaABisUgs2yHCSWEfkPhXTxvqbi
Eei9wGmN0Akbl3CGzt8EP8ObenkotwLSSj4+fRejbyN8ntHY2Q3GEBm/+bt8tizR
rU05y41z7hOaXUZWlRsCLDJSk2kDNT4I/duDLLS/GO/Dflwd+tbqxvRxpHxSNeHl
8wRBmQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:07:34 2025 by rpki-client