Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
File: 326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa (raw, json)
Hash identifier: l8I3fTiML2J/WcN7w0kn/CZeR7tleXza78LovFX+K+Y=
Subject key identifier: 52:9B:0A:4C:D7:C9:A3:D3:CE:CE:C5:70:57:54:8D:F3:5B:F3:AB:4D
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 53CBAE92BD4FDF9089FACE4828F6854E41E38B94
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
Signing time: Wed 21 May 2025 14:05:54 +0000
ROA not before: Wed 21 May 2025 14:00:54 +0000
ROA not after: Wed 20 May 2026 14:05:54 +0000
asID: 210344
IP address blocks: 2a11:29c0:3df4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:cb:ae:92:bd:4f:df:90:89:fa:ce:48:28:f6:85:4e:41:e3:8b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:54 2025 GMT
Not After : May 20 14:05:54 2026 GMT
Subject: CN=529B0A4CD7C9A3D3CECEC57057548DF35BF3AB4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:70:70:72:9a:c0:8a:42:60:5e:9d:23:ae:fa:
e7:a5:c8:7c:e2:7f:58:c6:d3:ce:32:ca:e9:51:d8:
d1:95:fb:f6:2b:86:5c:41:13:b6:88:e0:33:13:b1:
3c:f6:ea:62:3b:87:ef:43:f9:b7:c0:02:eb:af:f8:
f0:39:e8:74:ee:db:05:05:4c:3a:0f:f0:30:c4:8a:
75:8f:41:81:b4:7a:8f:07:3b:72:1b:82:ce:09:f8:
64:cc:bb:14:af:0f:f6:27:8c:88:0e:4e:e1:62:d5:
30:7f:5a:d8:82:a3:29:65:75:ae:2b:06:4c:d2:94:
65:e3:f1:62:81:96:0c:8a:1c:58:77:c9:51:53:41:
08:fa:e7:17:54:51:7f:05:3e:a4:1d:f0:23:97:47:
fa:ab:86:2b:43:92:14:dd:a3:c4:88:4c:0a:4d:aa:
a0:01:81:d2:9d:4b:1c:85:8a:71:88:ed:82:b2:68:
2c:26:ce:48:9a:5f:15:11:43:28:7f:e5:5e:c4:42:
df:ff:41:ff:c5:dd:07:a0:5c:87:4d:ee:ad:3f:1d:
ad:80:da:d7:b6:2f:da:21:fc:c9:a6:42:0c:1c:7f:
0a:5b:6c:23:e4:df:62:1e:28:22:78:36:8c:d9:c8:
ca:09:cc:22:46:73:85:50:4c:bc:1e:c8:e1:44:89:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9B:0A:4C:D7:C9:A3:D3:CE:CE:C5:70:57:54:8D:F3:5B:F3:AB:4D
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df4::/48
Signature Algorithm: sha256WithRSAEncryption
aa:d0:69:58:6f:a8:45:30:89:69:13:b2:2c:60:32:2c:8f:49:
e5:63:e9:f7:47:e8:ee:ea:e0:32:3d:9d:99:6d:de:ca:5e:65:
80:28:2f:38:b4:dc:e1:2d:4a:69:67:89:2e:7f:8a:31:f5:88:
81:5c:24:ee:81:7f:37:d9:e8:04:0d:8d:7e:7f:64:80:4a:f1:
6d:9c:6f:ed:30:04:88:1d:62:7c:74:db:4d:eb:32:07:be:49:
ab:0a:52:a6:e0:61:cb:2a:0d:1b:4f:01:10:e9:84:b3:8f:36:
91:2c:c3:ee:f7:90:17:cd:c1:d9:aa:fa:05:fa:a8:ce:50:28:
67:37:e1:12:98:e5:72:b0:49:3f:fa:6c:8a:47:8e:09:c7:fc:
52:f3:e7:3d:9f:66:af:d4:dd:95:a4:f4:fd:4c:96:c7:3e:4d:
88:56:eb:18:71:e3:eb:d7:ff:97:5b:8d:98:25:5e:17:2a:9a:
1c:60:3d:d7:44:43:dc:b2:ea:a3:6d:4e:5d:7b:ce:ef:ed:cf:
48:90:c8:16:b2:3a:14:2c:6c:08:37:78:b5:e3:25:14:75:70:
7d:9f:b8:72:68:3d:3b:8c:51:8b:cd:94:64:87:61:63:bf:b7:
0a:5f:7d:1e:c3:67:ea:ae:b0:1b:70:b5:08:f9:82:3f:69:f1:
f7:b1:f8:67
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUU8uukr1P35CJ+s5IKPaFTkHji5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTRaFw0yNjA1MjAxNDA1NTRaMDMxMTAvBgNV
BAMTKDUyOUIwQTRDRDdDOUEzRDNDRUNFQzU3MDU3NTQ4REYzNUJGM0FCNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCecHBymsCKQmBenSOu+uelyHzi
f1jG084yyulR2NGV+/YrhlxBE7aI4DMTsTz26mI7h+9D+bfAAuuv+PA56HTu2wUF
TDoP8DDEinWPQYG0eo8HO3Ibgs4J+GTMuxSvD/YnjIgOTuFi1TB/WtiCoyllda4r
BkzSlGXj8WKBlgyKHFh3yVFTQQj65xdUUX8FPqQd8COXR/qrhitDkhTdo8SITApN
qqABgdKdSxyFinGI7YKyaCwmzkiaXxURQyh/5V7EQt//Qf/F3QegXIdN7q0/Ha2A
2te2L9oh/MmmQgwcfwpbbCPk32IeKCJ4NozZyMoJzCJGc4VQTLweyOFEiao/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUUpsKTNfJo9POzsVwV1SN81vzq00wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzQzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99DANBgkqhkiG9w0BAQsFAAOCAQEAqtBpWG+oRTCJaROy
LGAyLI9J5WPp90fo7urgMj2dmW3eyl5lgCgvOLTc4S1KaWeJLn+KMfWIgVwk7oF/
N9noBA2Nfn9kgErxbZxv7TAEiB1ifHTbTesyB75JqwpSpuBhyyoNG08BEOmEs482
kSzD7veQF83B2ar6BfqozlAoZzfhEpjlcrBJP/psikeOCcf8UvPnPZ9mr9TdlaT0
/UyWxz5NiFbrGHHj69f/l1uNmCVeFyqaHGA910RD3LLqo21OXXvO7+3PSJDIFrI6
FCxsCDd4teMlFHVwfZ+4cmg9O4xRi82UZIdhY7+3Cl99HsNn6q6wG3C1CPmCP2nx
97H4Zw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:02:23 2025 by rpki-client