Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
File: 326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa (raw, json)
Hash identifier: YHTWixxFWPzA53jP694g1VSdnJkFBrd5QU/5q/nEiMM=
Subject key identifier: 14:E8:EA:DF:25:1B:10:7E:B6:4D:BB:75:31:DF:DB:1A:ED:CB:09:A3
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 577E501A3FC30630A70A1149D8FAFC9ED498F4D5
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 208471
IP address blocks: 2a11:29c0:3df7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:7e:50:1a:3f:c3:06:30:a7:0a:11:49:d8:fa:fc:9e:d4:98:f4:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=14E8EADF251B107EB64DBB7531DFDB1AEDCB09A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:62:17:59:66:f2:89:80:50:b9:c6:1b:83:37:
bd:32:f4:1e:ae:c3:c0:49:09:5b:e8:d8:4a:34:cb:
2c:60:ff:79:5d:11:a0:72:7d:c5:d1:e2:d8:a0:40:
26:94:70:23:a6:a5:5a:18:d8:33:77:6e:23:4b:ab:
f4:95:4a:76:e7:b8:1d:fe:53:af:1d:99:d0:ea:11:
b1:78:aa:3e:83:8f:e9:0b:75:0b:ea:c8:a5:9e:99:
53:81:7a:60:f8:bf:4b:45:4a:ee:91:a9:de:06:50:
f2:2c:00:e6:2f:04:bc:6f:57:c8:09:10:9c:e8:dd:
a9:9b:d2:79:0b:83:37:4d:62:0a:c9:c1:ed:ce:a5:
5c:22:28:7a:33:c8:6f:b3:de:5d:35:e7:d9:c6:6f:
59:e5:b8:3f:1e:06:bf:29:14:f2:b7:b0:96:59:88:
54:c2:0b:88:d2:ab:ce:f6:c0:f7:d6:f5:2e:c4:cd:
c6:25:d0:ec:ed:a3:d2:86:ef:7b:ce:d2:db:b8:6d:
e7:90:83:8f:08:f1:8e:db:a2:f7:83:4e:eb:43:d4:
e4:34:49:6e:26:fe:8a:df:05:cc:63:43:f5:a5:fd:
84:8c:23:3a:97:de:07:ae:04:6e:9f:9b:44:9c:6e:
13:47:e8:c7:fa:af:74:80:96:6c:db:fc:ca:39:ff:
b7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E8:EA:DF:25:1B:10:7E:B6:4D:BB:75:31:DF:DB:1A:ED:CB:09:A3
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df7::/48
Signature Algorithm: sha256WithRSAEncryption
15:a5:94:24:5f:d5:b7:e8:d0:26:1d:71:2a:10:50:77:5b:e7:
bc:e3:12:ee:e1:c2:62:ce:40:59:e5:a9:88:a1:6d:27:bc:15:
80:fb:68:4d:76:bb:de:5a:12:79:12:05:ae:26:b9:18:f2:ea:
49:f2:7b:9b:28:74:21:08:46:36:17:de:df:1a:b8:91:1f:1a:
90:cf:26:b0:d9:f0:f9:4f:a7:e0:2b:7b:6c:90:45:91:a4:fb:
75:6e:af:09:47:f7:39:46:cb:da:5a:6b:e3:50:f7:68:1a:7a:
c3:f7:c9:52:66:b3:94:b5:5e:bb:91:37:d8:42:1f:9a:73:a4:
09:a6:0b:89:33:17:1d:7a:fd:83:bb:5f:d7:e0:39:91:c2:c6:
dc:e4:c2:d3:3a:c0:4f:46:94:5e:f3:7a:f7:d0:6a:c2:77:5d:
65:ff:87:b5:42:e4:69:7f:5c:0a:46:ce:04:8b:c4:37:20:f5:
dd:12:b2:2e:5a:53:dd:4c:90:62:53:fe:c9:ab:f6:53:ea:50:
e2:b7:43:a1:81:9b:b4:d0:52:b2:62:4b:f5:63:3e:fa:9e:77:
d9:08:e1:d6:36:bc:95:33:c7:74:fc:6f:c7:5c:9a:f7:4c:4c:
ca:fa:23:aa:4d:0b:e5:80:92:b9:ee:91:55:fc:aa:c6:06:d3:
20:9e:92:0b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUV35QGj/DBjCnChFJ2Pr8ntSY9NUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDE0RThFQURGMjUxQjEwN0VCNjREQkI3NTMxREZEQjFBRURDQjA5QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMYhdZZvKJgFC5xhuDN70y9B6u
w8BJCVvo2Eo0yyxg/3ldEaByfcXR4tigQCaUcCOmpVoY2DN3biNLq/SVSnbnuB3+
U68dmdDqEbF4qj6Dj+kLdQvqyKWemVOBemD4v0tFSu6Rqd4GUPIsAOYvBLxvV8gJ
EJzo3amb0nkLgzdNYgrJwe3OpVwiKHozyG+z3l0159nGb1nluD8eBr8pFPK3sJZZ
iFTCC4jSq872wPfW9S7EzcYl0Ozto9KG73vO0tu4beeQg48I8Y7boveDTutD1OQ0
SW4m/orfBcxjQ/Wl/YSMIzqX3geuBG6fm0ScbhNH6Mf6r3SAlmzb/Mo5/7e1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUFOjq3yUbEH62Tbt1Md/bGu3LCaMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzczMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99zANBgkqhkiG9w0BAQsFAAOCAQEAFaWUJF/Vt+jQJh1x
KhBQd1vnvOMS7uHCYs5AWeWpiKFtJ7wVgPtoTXa73loSeRIFria5GPLqSfJ7myh0
IQhGNhfe3xq4kR8akM8msNnw+U+n4Ct7bJBFkaT7dW6vCUf3OUbL2lpr41D3aBp6
w/fJUmazlLVeu5E32EIfmnOkCaYLiTMXHXr9g7tf1+A5kcLG3OTC0zrAT0aUXvN6
99BqwnddZf+HtULkaX9cCkbOBIvENyD13RKyLlpT3UyQYlP+yav2U+pQ4rdDoYGb
tNBSsmJL9WM++p532Qjh1ja8lTPHdPxvx1ya90xMyvojqk0L5YCSue6RVfyqxgbT
IJ6SCw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:04:04 2025 by rpki-client