Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33653a3a2f34382d3438203d3e20323135343031.roa
File: 326131313a323963303a33653a3a2f34382d3438203d3e20323135343031.roa (raw, json)
Hash identifier: 44yeRGhVWp/YCQE0EwQPp+O5iyiAMRc+wZk2cpq5CLs=
Subject key identifier: A7:2A:FF:21:5D:A2:3A:6C:47:31:E9:9F:C3:C0:0F:0E:78:A9:A5:70
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 1FF2B66FA8B08600451FE601F422E4FA2059F315
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33653a3a2f34382d3438203d3e20323135343031.roa
Signing time: Thu 30 Jan 2025 15:01:40 +0000
ROA not before: Thu 30 Jan 2025 14:56:40 +0000
ROA not after: Thu 29 Jan 2026 15:01:40 +0000
asID: 215401
IP address blocks: 2a11:29c0:3e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:f2:b6:6f:a8:b0:86:00:45:1f:e6:01:f4:22:e4:fa:20:59:f3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jan 30 14:56:40 2025 GMT
Not After : Jan 29 15:01:40 2026 GMT
Subject: CN=A72AFF215DA23A6C4731E99FC3C00F0E78A9A570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:4e:54:9f:01:f4:c7:84:ca:b3:ac:68:f0:
92:d1:86:3c:ba:d8:b1:90:74:d6:4d:51:85:22:3c:
f9:f1:70:fb:7a:bb:7c:6b:9f:01:f4:99:12:d9:96:
d2:b1:ae:bc:1a:3c:7e:c5:51:76:7c:1d:5b:18:86:
ee:95:e4:3a:2b:9c:6a:3a:cd:a2:99:57:c5:b0:79:
5d:db:24:13:d6:44:1b:8a:f0:34:30:64:f4:8c:c8:
02:87:34:61:9a:01:4d:ad:4b:3d:f4:c6:f3:85:3e:
f0:8f:57:72:40:ab:b1:53:79:58:93:8d:1d:6e:e7:
86:24:93:d8:25:d2:77:09:76:b3:35:58:6d:c9:25:
09:03:a5:e3:5c:2c:7e:b8:82:5d:6b:3e:bc:1e:56:
b0:44:8e:5b:fc:03:2b:ca:63:19:aa:bf:6a:6f:b3:
36:db:d7:1d:fe:a8:c7:d0:f1:d5:ab:df:dd:04:c1:
d8:2f:3d:4a:d7:7f:1b:e9:64:d1:1e:1d:c8:ac:95:
15:f1:57:0f:f6:d6:4a:28:79:7d:67:ee:0b:d9:a5:
45:90:6b:c9:8c:0c:28:11:0f:aa:2c:40:78:6f:d0:
31:2a:b2:81:82:d2:95:e6:3b:b8:ef:56:4e:06:6a:
6c:bf:3a:04:61:8d:2e:12:78:d2:09:78:37:25:83:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2A:FF:21:5D:A2:3A:6C:47:31:E9:9F:C3:C0:0F:0E:78:A9:A5:70
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33653a3a2f34382d3438203d3e20323135343031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e::/48
Signature Algorithm: sha256WithRSAEncryption
05:ea:35:6b:29:48:37:6a:98:32:ac:d0:ed:62:7e:8a:b5:59:
9d:0c:a8:d4:c6:6a:fa:c3:5f:69:bc:2d:99:84:ed:83:92:4d:
4d:9f:0b:3b:5c:af:a0:a3:90:2f:2d:87:6e:80:3d:8f:b7:d0:
af:c1:bf:d8:c6:79:75:4c:cf:2f:3c:cd:19:b5:ab:9a:fa:9f:
0d:fa:f5:9f:94:7c:60:b3:ca:6e:51:83:76:c9:df:1f:1e:5c:
ef:8c:21:c5:74:50:72:50:28:a0:de:56:1a:f6:6b:ae:88:dd:
c6:d8:68:59:f0:b1:1c:c1:c4:46:04:9e:5c:17:1b:00:36:af:
27:df:1e:c9:93:22:bf:5c:60:ad:ee:12:fc:a6:41:4d:63:7f:
56:be:09:3a:64:d0:83:f1:9e:00:47:be:c8:9e:cc:c0:cb:15:
6e:83:ed:70:67:0b:2d:4c:a6:62:61:b7:4a:68:12:f9:95:44:
60:be:17:c8:d9:8f:93:3f:11:9a:9d:9e:cc:7a:ef:0c:76:cf:
1f:09:c5:77:1a:7a:d6:f8:2a:21:63:82:25:55:eb:ef:50:b9:
dc:e7:11:ba:b5:79:2b:57:47:a0:e5:ae:9c:dc:33:02:d2:db:
4b:94:92:f7:ae:03:73:a3:55:d2:c6:26:53:a8:8c:1b:39:f0:
d3:97:5a:1a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUH/K2b6iwhgBFH+YB9CLk+iBZ8xUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTAxMzAxNDU2NDBaFw0yNjAxMjkxNTAxNDBaMDMxMTAvBgNV
BAMTKEE3MkFGRjIxNURBMjNBNkM0NzMxRTk5RkMzQzAwRjBFNzhBOUE1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClvU5UnwH0x4TKs6xo8JLRhjy6
2LGQdNZNUYUiPPnxcPt6u3xrnwH0mRLZltKxrrwaPH7FUXZ8HVsYhu6V5DornGo6
zaKZV8WweV3bJBPWRBuK8DQwZPSMyAKHNGGaAU2tSz30xvOFPvCPV3JAq7FTeViT
jR1u54Ykk9gl0ncJdrM1WG3JJQkDpeNcLH64gl1rPrweVrBEjlv8AyvKYxmqv2pv
szbb1x3+qMfQ8dWr390EwdgvPUrXfxvpZNEeHcislRXxVw/21kooeX1n7gvZpUWQ
a8mMDCgRD6osQHhv0DEqsoGC0pXmO7jvVk4Gamy/OgRhjS4SeNIJeDclgxt9AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUpyr/IV2iOmxHMemfw8APDnippXAwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzQzMDMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA+MA0GCSqGSIb3DQEBCwUAA4IBAQAF6jVrKUg3apgyrNDtYn6K
tVmdDKjUxmr6w19pvC2ZhO2Dkk1Nnws7XK+go5AvLYdugD2Pt9Cvwb/Yxnl1TM8v
PM0Ztaua+p8N+vWflHxgs8puUYN2yd8fHlzvjCHFdFByUCig3lYa9muuiN3G2GhZ
8LEcwcRGBJ5cFxsANq8n3x7JkyK/XGCt7hL8pkFNY39Wvgk6ZNCD8Z4AR77InszA
yxVug+1wZwstTKZiYbdKaBL5lURgvhfI2Y+TPxGanZ7Meu8Mds8fCcV3GnrW+Coh
Y4IlVevvULnc5xG6tXkrV0eg5a6c3DMC0ttLlJL3rgNzo1XSxiZTqIwbOfDTl1oa
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:37:45 2025 by rpki-client