Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
File: 326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa (raw, json)
Hash identifier: C/w26Ca7m7yUGszebsxVHed1hECeaD8W0QFjfL7oPew=
Subject key identifier: 89:4B:2A:33:BB:86:AF:C9:A3:43:E9:A4:38:40:50:59:08:52:CD:71
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 040084220BC4DE2394C57325D505FF84950FFBA7
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
Signing time: Wed 21 May 2025 14:05:53 +0000
ROA not before: Wed 21 May 2025 14:00:53 +0000
ROA not after: Wed 20 May 2026 14:05:53 +0000
asID: 206058
IP address blocks: 2a11:29c0:3dfd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:00:84:22:0b:c4:de:23:94:c5:73:25:d5:05:ff:84:95:0f:fb:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:53 2025 GMT
Not After : May 20 14:05:53 2026 GMT
Subject: CN=894B2A33BB86AFC9A343E9A4384050590852CD71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a7:c2:02:d2:4b:e6:2f:5d:69:65:e8:04:3d:
7c:86:5f:b0:a5:8a:9b:2f:8e:64:57:f6:34:52:bd:
2f:e1:21:9c:cc:c8:d5:71:1f:aa:44:5d:54:cd:25:
14:bd:22:31:a2:c7:96:62:a7:16:85:10:08:8f:77:
0e:c7:be:85:3c:76:22:0e:a9:9d:c0:a2:01:30:ac:
87:df:aa:70:4a:25:5b:ae:cb:e5:2e:8f:b9:68:df:
32:ac:c5:f4:89:6e:44:37:4d:fc:9a:0a:47:9c:33:
a0:41:53:76:90:9c:b8:9a:05:b9:6c:d0:59:a2:18:
b3:ba:48:be:3d:dc:b5:22:d9:1e:4b:e9:e3:2f:e5:
cc:62:63:d7:fe:e3:e2:38:6a:b0:df:e1:33:bf:7f:
91:7e:5a:19:94:3a:54:8c:bb:6a:ce:e6:fa:93:ef:
37:ae:5b:d2:88:68:7f:e1:fe:d4:5e:00:48:8a:12:
6c:02:fa:1e:23:77:51:cb:8e:0e:2c:70:c3:23:f3:
b2:ef:c3:5f:d4:cc:f0:9b:27:60:ee:84:ba:4b:af:
9e:3b:6c:ae:cf:10:79:af:1f:1a:03:f4:f9:8f:c9:
16:06:b0:58:c8:f4:13:7c:a1:15:48:27:88:8b:a0:
9b:72:9b:7e:15:ab:51:8e:41:25:22:af:f7:9e:6f:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4B:2A:33:BB:86:AF:C9:A3:43:E9:A4:38:40:50:59:08:52:CD:71
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfd::/48
Signature Algorithm: sha256WithRSAEncryption
4b:a7:ba:a2:36:86:79:7f:f4:54:b2:9e:86:fb:66:60:55:15:
67:f5:f3:e8:6e:73:be:35:fb:d0:cd:a2:9b:ee:c6:f3:66:e2:
8a:c4:25:9e:a2:a2:22:6f:4d:d8:eb:a8:ba:70:1e:9a:4d:fd:
ef:a7:3f:77:94:08:40:12:8e:48:f8:e1:40:f1:07:e7:9c:08:
3b:75:55:69:4b:87:fa:82:e8:2d:4d:01:59:46:40:a9:2a:30:
2c:d1:63:49:4b:89:1a:58:3f:90:4d:18:39:53:d2:d7:b6:2b:
af:4e:c8:11:e7:fa:41:2e:20:38:e2:78:43:70:b4:8b:d3:3f:
b2:8a:d5:b8:c5:c2:ef:c5:c4:43:64:d3:49:c3:1e:18:a1:4d:
9f:e1:3d:e0:be:c0:76:ab:c9:20:3e:f7:bb:d0:43:72:65:76:
cf:0f:aa:e4:75:5e:f0:3f:c4:e7:46:81:da:33:f4:47:43:c9:
60:a2:ea:37:ae:52:9a:13:c3:f2:5d:49:cc:ba:0b:c9:a7:0e:
d6:68:5b:2b:dc:93:b5:fc:f4:eb:79:fe:fa:6a:3e:a5:9e:9b:
50:54:8d:f9:84:df:1b:7f:76:32:7c:f0:b1:53:30:98:fd:6c:
2e:e6:a7:88:db:2d:1f:9c:69:f9:61:4b:db:a3:b0:33:1e:d6:
37:ff:65:80
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBACEIgvE3iOUxXMl1QX/hJUP+6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTNaFw0yNjA1MjAxNDA1NTNaMDMxMTAvBgNV
BAMTKDg5NEIyQTMzQkI4NkFGQzlBMzQzRTlBNDM4NDA1MDU5MDg1MkNENzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRp8IC0kvmL11pZegEPXyGX7Cl
ipsvjmRX9jRSvS/hIZzMyNVxH6pEXVTNJRS9IjGix5ZipxaFEAiPdw7HvoU8diIO
qZ3AogEwrIffqnBKJVuuy+Uuj7lo3zKsxfSJbkQ3TfyaCkecM6BBU3aQnLiaBbls
0FmiGLO6SL493LUi2R5L6eMv5cxiY9f+4+I4arDf4TO/f5F+WhmUOlSMu2rO5vqT
7zeuW9KIaH/h/tReAEiKEmwC+h4jd1HLjg4scMMj87Lvw1/UzPCbJ2DuhLpLr547
bK7PEHmvHxoD9PmPyRYGsFjI9BN8oRVIJ4iLoJtym34Vq1GOQSUir/eeb94xAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUiUsqM7uGr8mjQ+mkOEBQWQhSzXEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNjMwMzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/TANBgkqhkiG9w0BAQsFAAOCAQEAS6e6ojaGeX/0VLKe
hvtmYFUVZ/Xz6G5zvjX70M2im+7G82biisQlnqKiIm9N2OuounAemk3976c/d5QI
QBKOSPjhQPEH55wIO3VVaUuH+oLoLU0BWUZAqSowLNFjSUuJGlg/kE0YOVPS17Yr
r07IEef6QS4gOOJ4Q3C0i9M/sorVuMXC78XEQ2TTScMeGKFNn+E94L7AdqvJID73
u9BDcmV2zw+q5HVe8D/E50aB2jP0R0PJYKLqN65SmhPD8l1JzLoLyacO1mhbK9yT
tfz063n++mo+pZ6bUFSN+YTfG392MnzwsVMwmP1sLuaniNstH5xp+WFL26OwMx7W
N/9lgA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:53:51 2025 by rpki-client