Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
File: 326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa (raw, json)
Hash identifier: WLuCME8N8+NUUNCh582ftc4PA7Lhl/fcEegKqFjzGlQ=
Subject key identifier: 27:B1:0B:8C:88:03:57:60:05:62:05:EA:61:78:D2:71:A5:FB:4C:28
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 7A574B44FEFF0A273BD613C24D4EE63E1D387834
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 211891
IP address blocks: 2a11:29c0:3df3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:57:4b:44:fe:ff:0a:27:3b:d6:13:c2:4d:4e:e6:3e:1d:38:78:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=27B10B8C88035760056205EA6178D271A5FB4C28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:af:b6:2a:18:14:fb:d2:35:d2:07:d7:fe:8f:
35:8d:5a:a5:c8:96:93:7e:fc:1f:fa:a7:54:78:b8:
30:95:17:ce:3f:61:96:49:f5:97:a6:77:e5:00:c3:
d5:39:5d:d2:f6:29:0d:9a:a9:d7:93:78:51:ed:a1:
fb:6b:e9:23:f8:74:00:25:31:f6:e0:2c:ec:b9:86:
9e:52:7f:1e:86:49:3a:68:34:32:1e:e1:22:c0:ca:
8d:b0:18:dc:b6:01:e6:78:4c:37:c6:17:0f:9e:b1:
7f:04:d0:36:c7:54:73:0c:95:09:33:b7:79:d0:36:
04:f5:cd:94:d4:5b:16:a8:03:52:c1:bf:71:97:d3:
e1:da:89:2a:44:9f:50:c8:d4:71:6f:be:56:2e:ba:
1f:02:c3:0e:92:5c:94:27:4c:30:1e:3d:9f:90:21:
60:b8:68:7f:f2:d7:21:75:ac:71:52:e7:0a:b3:84:
98:6c:e0:d1:1a:52:48:14:c3:21:fc:e6:76:c4:e2:
23:5e:8f:26:dc:94:40:7d:48:1c:57:79:80:1a:9f:
da:04:9c:d3:3d:e2:a8:63:23:0d:8f:70:10:cc:57:
9f:7f:87:1a:dd:fa:3a:7b:67:8e:41:f1:ee:0d:a8:
94:75:ff:65:31:12:ce:1b:8a:56:41:6e:3f:93:25:
04:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B1:0B:8C:88:03:57:60:05:62:05:EA:61:78:D2:71:A5:FB:4C:28
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df3::/48
Signature Algorithm: sha256WithRSAEncryption
83:70:fc:2e:7e:f3:3d:5b:7a:74:53:ca:e7:7d:62:ef:b3:56:
61:fd:07:bb:99:e4:27:45:45:46:6d:bb:c4:d1:3e:c0:cd:b8:
6f:84:13:11:5e:97:2f:e3:d2:13:7e:29:61:31:5c:c5:26:f0:
81:38:95:d3:24:02:b7:78:84:be:1c:bd:53:df:fc:bb:93:37:
6a:c6:01:52:da:c7:d7:a3:87:fa:52:85:79:e3:3d:83:78:fd:
8c:5c:77:8b:b3:02:96:8e:2a:28:a1:7a:dd:a9:19:fb:69:16:
63:4a:35:14:02:df:e4:0c:78:79:7b:ae:6a:6d:12:a7:b6:79:
62:49:ce:9d:34:6a:80:85:0a:5f:00:6d:71:69:55:5d:14:9b:
5a:b2:17:53:f4:64:36:22:4b:d9:a5:7c:ae:47:dd:43:ab:d8:
dd:63:0b:79:75:07:bb:f3:c1:6b:e3:aa:db:69:70:f0:48:2f:
41:b3:4d:23:bd:61:72:b1:c9:b4:32:b6:d5:7f:aa:bd:6a:6d:
35:30:7d:a2:c8:87:e2:ba:35:42:c0:5a:a2:60:4d:6a:74:4e:
52:71:ba:97:72:3d:70:d9:00:ea:ce:75:c7:8b:a0:44:9f:45:
9d:50:8d:ae:32:75:01:02:14:51:91:95:55:34:1f:27:29:f4:
fc:e9:5b:1c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUeldLRP7/Cic71hPCTU7mPh04eDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDI3QjEwQjhDODgwMzU3NjAwNTYyMDVFQTYxNzhEMjcxQTVGQjRDMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFr7YqGBT70jXSB9f+jzWNWqXI
lpN+/B/6p1R4uDCVF84/YZZJ9Zemd+UAw9U5XdL2KQ2aqdeTeFHtoftr6SP4dAAl
MfbgLOy5hp5Sfx6GSTpoNDIe4SLAyo2wGNy2AeZ4TDfGFw+esX8E0DbHVHMMlQkz
t3nQNgT1zZTUWxaoA1LBv3GX0+HaiSpEn1DI1HFvvlYuuh8Cww6SXJQnTDAePZ+Q
IWC4aH/y1yF1rHFS5wqzhJhs4NEaUkgUwyH85nbE4iNejybclEB9SBxXeYAan9oE
nNM94qhjIw2PcBDMV59/hxrd+jp7Z45B8e4NqJR1/2UxEs4bilZBbj+TJQRvAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUJ7ELjIgDV2AFYgXqYXjScaX7TCgwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM4MzkzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98zANBgkqhkiG9w0BAQsFAAOCAQEAg3D8Ln7zPVt6dFPK
531i77NWYf0Hu5nkJ0VFRm27xNE+wM24b4QTEV6XL+PSE34pYTFcxSbwgTiV0yQC
t3iEvhy9U9/8u5M3asYBUtrH16OH+lKFeeM9g3j9jFx3i7MClo4qKKF63akZ+2kW
Y0o1FALf5Ax4eXuuam0Sp7Z5YknOnTRqgIUKXwBtcWlVXRSbWrIXU/RkNiJL2aV8
rkfdQ6vY3WMLeXUHu/PBa+Oq22lw8EgvQbNNI71hcrHJtDK21X+qvWptNTB9osiH
4ro1QsBaomBNanROUnG6l3I9cNkA6s51x4ugRJ9FnVCNrjJ1AQIUUZGVVTQfJyn0
/OlbHA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:05:45 2025 by rpki-client