Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
File: 326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa (raw, json)
Hash identifier: Gx/BZWV/akLI/GkfrDAce3H3VtNqbvxhS/XHwy1ZErw=
Subject key identifier: 9F:97:47:DD:A5:A7:EF:A6:C0:2C:95:83:00:30:2B:E9:FA:A6:9D:64
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 04414531F1584C4571BD0C4B5CAF70D6BF89BC4D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 208421
IP address blocks: 2a11:29c0:3df6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:41:45:31:f1:58:4c:45:71:bd:0c:4b:5c:af:70:d6:bf:89:bc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=9F9747DDA5A7EFA6C02C958300302BE9FAA69D64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:60:06:59:e8:49:da:05:f1:0e:d1:58:06:
98:c5:10:d5:c9:e9:e8:d9:f1:3f:77:4e:fb:4a:47:
94:72:10:20:90:04:98:03:e8:9d:ca:b4:b4:b1:44:
0e:8a:6b:5a:67:43:02:af:da:aa:f3:c2:30:34:46:
42:e8:7c:38:b2:65:c3:4a:ac:58:35:7a:75:27:01:
a1:58:c9:ae:1c:ba:a8:84:e3:ad:78:0e:c3:9d:28:
34:9e:89:af:38:c4:0f:dc:2f:d2:65:1e:c8:49:b5:
4d:dc:7a:0a:3f:76:6b:4b:56:c7:80:3f:1e:b4:b9:
cd:1b:9d:47:e5:89:12:97:9a:5d:6d:ba:1f:e4:63:
93:c4:49:9f:4b:d5:ea:c0:5e:9e:6b:dd:9a:eb:1d:
0b:3d:b0:df:70:a7:81:0e:37:63:cf:2c:2c:19:00:
c4:00:70:85:b9:61:50:94:22:ca:ab:30:9d:90:92:
b3:95:8d:77:36:66:f3:fd:fb:3d:e7:8d:24:b0:46:
b5:2c:e1:63:9f:0b:71:72:0c:c8:8c:79:76:70:27:
f8:69:42:65:58:aa:19:5d:b7:55:92:0e:45:92:2c:
48:f9:06:bf:d1:bd:dd:22:09:67:c8:b2:7e:32:06:
25:2f:fc:3d:8c:00:23:3d:71:f5:87:62:4f:6a:b5:
1f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:97:47:DD:A5:A7:EF:A6:C0:2C:95:83:00:30:2B:E9:FA:A6:9D:64
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df6::/48
Signature Algorithm: sha256WithRSAEncryption
4b:fb:3b:c6:4b:c7:f9:a9:ea:56:21:87:7e:8b:38:79:68:d5:
7d:3a:36:04:cc:da:c7:91:82:ba:04:34:cf:65:5f:2a:b7:1d:
67:59:98:56:a5:ac:bd:35:74:f8:3f:02:47:23:54:2c:f5:ef:
5f:75:08:71:bb:a3:69:5e:b3:a8:2c:9f:cd:02:a4:05:45:79:
0f:5d:6d:80:a3:3a:b2:7d:94:4c:83:35:b0:0b:76:5a:da:0f:
08:b2:16:8d:6a:48:37:8e:da:7a:6b:d7:2f:9f:29:da:11:af:
24:e5:3e:e5:6b:c3:f2:22:22:84:31:db:4d:93:4a:02:c7:45:
97:b1:ea:13:44:40:95:d1:73:95:0e:b3:5c:50:61:11:82:2f:
6a:22:7d:7a:b5:86:7e:79:62:6b:cb:db:85:4a:99:c2:8c:27:
57:79:df:22:03:36:a2:83:36:05:a8:cd:36:89:11:d7:aa:1f:
7a:33:d4:85:8c:cf:64:da:ad:d9:73:76:36:36:47:f0:59:bc:
34:b8:ed:e5:78:cd:b1:bd:00:1d:e5:d2:99:37:35:18:e8:1e:
c3:58:dc:11:4b:95:39:46:cd:6e:28:33:4b:1e:ff:80:c8:8b:
11:0e:50:81:a3:85:b6:36:a5:95:40:c8:bb:fb:a7:fa:b2:80:
ca:d6:de:d2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBEFFMfFYTEVxvQxLXK9w1r+JvE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDlGOTc0N0REQTVBN0VGQTZDMDJDOTU4MzAwMzAyQkU5RkFBNjlENjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMHWAGWehJ2gXxDtFYBpjFENXJ
6ejZ8T93TvtKR5RyECCQBJgD6J3KtLSxRA6Ka1pnQwKv2qrzwjA0RkLofDiyZcNK
rFg1enUnAaFYya4cuqiE4614DsOdKDSeia84xA/cL9JlHshJtU3cego/dmtLVseA
Px60uc0bnUfliRKXml1tuh/kY5PESZ9L1erAXp5r3ZrrHQs9sN9wp4EON2PPLCwZ
AMQAcIW5YVCUIsqrMJ2QkrOVjXc2ZvP9+z3njSSwRrUs4WOfC3FyDMiMeXZwJ/hp
QmVYqhldt1WSDkWSLEj5Br/Rvd0iCWfIsn4yBiUv/D2MACM9cfWHYk9qtR9zAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUn5dH3aWn76bALJWDADAr6fqmnWQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzIzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99jANBgkqhkiG9w0BAQsFAAOCAQEAS/s7xkvH+anqViGH
fos4eWjVfTo2BMzax5GCugQ0z2VfKrcdZ1mYVqWsvTV0+D8CRyNULPXvX3UIcbuj
aV6zqCyfzQKkBUV5D11tgKM6sn2UTIM1sAt2WtoPCLIWjWpIN47aemvXL58p2hGv
JOU+5WvD8iIihDHbTZNKAsdFl7HqE0RAldFzlQ6zXFBhEYIvaiJ9erWGfnlia8vb
hUqZwownV3nfIgM2ooM2BajNNokR16ofejPUhYzPZNqt2XN2NjZH8Fm8NLjt5XjN
sb0AHeXSmTc1GOgew1jcEUuVOUbNbigzSx7/gMiLEQ5QgaOFtjallUDIu/un+rKA
ytbe0g==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:02:27 2025 by rpki-client