Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
File: 326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa (raw, json)
Hash identifier: YNCkbxEE87efYCeQn9FLrPl1UbonQbsx65VD1ekAOaA=
Subject key identifier: 5A:88:BA:42:32:A3:90:A5:1B:80:0B:C3:03:8C:9F:39:3E:F5:9F:DE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 392DDC3D6F4B63BFEFF73E190F2596F37F1A1F53
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 208850
IP address blocks: 2a11:29c0:3dfa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2d:dc:3d:6f:4b:63:bf:ef:f7:3e:19:0f:25:96:f3:7f:1a:1f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=5A88BA4232A390A51B800BC3038C9F393EF59FDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:69:5e:9c:0e:6a:42:d2:37:41:00:90:65:01:
e3:4c:c2:be:d5:0c:ae:26:87:9a:77:8d:f6:b7:5d:
f2:bf:69:2b:7a:f3:d5:29:4d:3f:a9:25:83:b6:f8:
07:e0:f7:db:d2:42:83:c2:3c:1b:af:6e:2a:0c:0c:
8e:29:1e:ae:eb:b9:10:b6:d9:7c:54:56:c0:bc:05:
bc:e5:e6:e3:9a:ce:b5:6b:8f:52:13:ec:c6:35:b4:
4a:cd:1c:85:79:07:82:9c:af:f7:d8:49:8c:a5:ec:
73:5a:03:72:b0:13:ba:6c:5f:39:53:b0:19:2d:de:
0e:4e:23:8c:3b:f2:26:a3:85:c5:fa:be:87:8f:c2:
b5:61:2b:6b:df:8a:48:bf:4a:e1:07:94:09:51:71:
0e:25:b4:1c:3c:31:62:4a:8f:e5:84:5d:05:e1:b3:
b3:50:70:41:1d:26:06:10:c1:03:77:e8:51:34:3a:
71:df:e1:f7:96:3c:ff:b6:87:81:c7:88:e3:f2:2c:
29:59:2e:25:7c:fd:7d:1d:54:c1:a7:38:66:39:17:
ed:eb:f8:1f:6e:80:dc:e2:36:82:99:3f:a9:0c:e8:
c0:ab:43:02:64:83:ac:01:1d:53:be:d2:8d:ae:93:
b7:cf:40:46:9c:b9:d6:f7:f9:7f:c6:89:6d:47:12:
25:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:88:BA:42:32:A3:90:A5:1B:80:0B:C3:03:8C:9F:39:3E:F5:9F:DE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfa::/48
Signature Algorithm: sha256WithRSAEncryption
86:e5:d9:f3:63:2d:33:d1:9e:85:7b:67:ef:3d:1f:62:08:5d:
d7:93:e7:db:50:71:b1:1e:1e:1d:79:8e:ab:c9:c1:02:03:c1:
65:cf:39:c4:04:1e:9f:8a:14:60:44:e3:cd:d0:87:43:88:0f:
02:d3:4d:70:d8:a0:63:03:b0:30:38:73:72:ca:29:7d:6e:12:
63:65:77:5d:f7:60:e0:ce:d0:41:c3:a4:11:80:8a:b7:10:81:
3a:c0:d0:12:0b:05:4f:7d:ba:54:93:b1:92:9b:ef:0a:44:86:
55:bd:1f:27:2e:4b:15:32:cc:8a:22:a9:61:8d:ed:c5:ed:09:
55:fc:63:58:94:56:81:3b:5b:67:86:47:f4:b4:11:af:01:3e:
fa:e6:c2:bd:e3:80:57:03:79:e2:24:df:bd:07:60:8e:be:c4:
e3:b3:ca:35:87:c8:76:f3:b3:7c:38:9e:4a:95:09:9e:90:fd:
4d:b4:5b:37:70:a6:b8:c0:cf:ba:79:99:2d:86:0d:b1:35:be:
38:da:c1:eb:25:b5:ab:07:5b:b4:f4:25:25:61:3b:f7:f1:89:
ac:61:bd:40:78:52:07:9b:5a:17:6e:da:01:e3:68:34:8c:71:
d4:76:7d:37:65:0a:ac:66:8e:73:7c:b9:e5:97:32:10:79:fe:
6a:34:0f:b1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUOS3cPW9LY7/v9z4ZDyWW838aH1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDVBODhCQTQyMzJBMzkwQTUxQjgwMEJDMzAzOEM5RjM5M0VGNTlGREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpaV6cDmpC0jdBAJBlAeNMwr7V
DK4mh5p3jfa3XfK/aSt689UpTT+pJYO2+Afg99vSQoPCPBuvbioMDI4pHq7ruRC2
2XxUVsC8Bbzl5uOazrVrj1IT7MY1tErNHIV5B4Kcr/fYSYyl7HNaA3KwE7psXzlT
sBkt3g5OI4w78iajhcX6voePwrVhK2vfiki/SuEHlAlRcQ4ltBw8MWJKj+WEXQXh
s7NQcEEdJgYQwQN36FE0OnHf4feWPP+2h4HHiOPyLClZLiV8/X0dVMGnOGY5F+3r
+B9ugNziNoKZP6kM6MCrQwJkg6wBHVO+0o2uk7fPQEacudb3+X/GiW1HEiV5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUWoi6QjKjkKUbgAvDA4yfOT71n94wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM4MzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+jANBgkqhkiG9w0BAQsFAAOCAQEAhuXZ82MtM9GehXtn
7z0fYghd15Pn21BxsR4eHXmOq8nBAgPBZc85xAQen4oUYETjzdCHQ4gPAtNNcNig
YwOwMDhzcsopfW4SY2V3Xfdg4M7QQcOkEYCKtxCBOsDQEgsFT326VJOxkpvvCkSG
Vb0fJy5LFTLMiiKpYY3txe0JVfxjWJRWgTtbZ4ZH9LQRrwE++ubCveOAVwN54iTf
vQdgjr7E47PKNYfIdvOzfDieSpUJnpD9TbRbN3CmuMDPunmZLYYNsTW+ONrB6yW1
qwdbtPQlJWE79/GJrGG9QHhSB5taF27aAeNoNIxx1HZ9N2UKrGaOc3y55ZcyEHn+
ajQPsQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:43:10 2025 by rpki-client