Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33663a3a2f34382d3438203d3e20323131373437.roa
File: 326131313a323963303a33663a3a2f34382d3438203d3e20323131373437.roa (raw, json)
Hash identifier: lV52ksMBdE3DqThMYpmKYTD9GfjGMbOvt6NE290qvrY=
Subject key identifier: 82:A7:6E:E2:AF:33:A5:FE:C9:72:4B:F4:44:2F:EE:7D:34:C1:3F:18
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 048C13123A7860E0D6F351FB66AD998F8769D724
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33663a3a2f34382d3438203d3e20323131373437.roa
Signing time: Fri 30 May 2025 11:16:03 +0000
ROA not before: Fri 30 May 2025 11:11:03 +0000
ROA not after: Fri 29 May 2026 11:16:03 +0000
asID: 211747
IP address blocks: 2a11:29c0:3f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:8c:13:12:3a:78:60:e0:d6:f3:51:fb:66:ad:99:8f:87:69:d7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 30 11:11:03 2025 GMT
Not After : May 29 11:16:03 2026 GMT
Subject: CN=82A76EE2AF33A5FEC9724BF4442FEE7D34C13F18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:32:18:ab:3d:d2:ff:4c:a7:55:71:20:d7:
ec:60:7e:d0:70:e9:4a:a1:0f:b9:44:fd:9b:1e:46:
55:e8:36:2a:08:15:6f:37:c1:3e:15:75:8a:1a:14:
8c:88:5d:c6:99:5c:74:3a:d5:90:0c:36:78:6d:cc:
a2:85:e6:f3:84:e7:43:09:5e:59:fe:85:bf:1b:7c:
2a:68:f9:bc:81:e2:6a:89:65:2f:b2:02:05:d9:f5:
1e:88:c3:11:fc:4b:d4:8c:51:11:a9:79:4d:cb:73:
58:93:25:fe:17:69:2b:bd:0f:41:2f:f8:4e:c5:b7:
58:47:10:58:04:a3:98:33:a9:03:7c:5a:18:ae:03:
b0:46:36:c0:85:c2:1c:13:8a:c8:2e:07:8f:54:fb:
ee:e7:63:75:13:7e:ce:06:01:18:ab:9a:d8:77:b7:
57:4a:0e:87:f7:c9:54:d6:b3:cf:e5:76:a0:6a:12:
68:15:55:82:a1:b7:fe:d9:bf:6a:dc:43:e6:50:97:
71:01:b8:e4:4a:c3:e1:80:01:cb:e3:cf:f8:94:30:
d7:27:c3:af:08:3d:01:81:d7:7c:80:c7:e7:e4:62:
a8:61:a1:00:d6:bb:66:aa:5b:9f:f2:7b:f5:d6:f9:
03:9e:16:ab:0d:89:8f:63:3b:ef:16:5a:1a:ea:19:
e6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A7:6E:E2:AF:33:A5:FE:C9:72:4B:F4:44:2F:EE:7D:34:C1:3F:18
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33663a3a2f34382d3438203d3e20323131373437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3f::/48
Signature Algorithm: sha256WithRSAEncryption
4f:98:ed:42:b5:a8:4b:4e:72:b9:cf:ba:70:cf:1c:25:11:fb:
6a:e8:e7:d3:84:aa:e3:89:e0:14:1c:89:95:09:54:5e:46:60:
07:f3:2b:f1:50:d1:aa:19:47:f8:a1:e4:5e:14:fc:53:b4:02:
1c:7e:f0:e0:a6:ac:ec:d1:a1:d8:a8:2e:e9:2f:0f:19:9a:f7:
b4:9c:5f:28:9a:c3:a0:1d:cb:82:d9:2a:ff:e9:51:92:ea:e9:
70:73:78:a4:f9:d3:9c:74:ad:29:67:5c:4a:12:ca:b9:05:29:
f1:1a:62:3b:8a:19:1d:cb:13:fd:f5:c7:58:9e:63:a4:75:f6:
7b:eb:83:49:56:60:f1:e7:c5:05:26:c3:7d:7e:01:b5:07:e5:
96:14:65:fb:2b:c8:cf:dd:99:b7:01:06:01:77:aa:83:7e:9c:
f9:55:cd:59:38:47:0b:70:80:66:46:90:de:5d:52:28:e5:90:
93:ec:cc:aa:11:e2:98:56:79:70:1e:d1:bc:3e:dd:d3:c6:7d:
38:51:c8:4d:5c:2f:5a:f9:dd:ef:42:de:58:7c:92:df:c1:47:
a9:76:bb:69:5d:8b:4c:bc:86:ef:1f:1d:0f:06:7c:d0:27:e3:
fd:03:e6:24:e0:e2:88:08:f1:0a:cf:cc:17:18:46:a0:bb:0b:
27:b5:1d:10
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUBIwTEjp4YODW81H7Zq2Zj4dp1yQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MzAxMTExMDNaFw0yNjA1MjkxMTE2MDNaMDMxMTAvBgNV
BAMTKDgyQTc2RUUyQUYzM0E1RkVDOTcyNEJGNDQ0MkZFRTdEMzRDMTNGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+BTIYqz3S/0ynVXEg1+xgftBw
6UqhD7lE/ZseRlXoNioIFW83wT4VdYoaFIyIXcaZXHQ61ZAMNnhtzKKF5vOE50MJ
Xln+hb8bfCpo+byB4mqJZS+yAgXZ9R6IwxH8S9SMURGpeU3Lc1iTJf4XaSu9D0Ev
+E7Ft1hHEFgEo5gzqQN8WhiuA7BGNsCFwhwTisguB49U++7nY3UTfs4GARirmth3
t1dKDof3yVTWs8/ldqBqEmgVVYKht/7Zv2rcQ+ZQl3EBuORKw+GAAcvjz/iUMNcn
w68IPQGB13yAx+fkYqhhoQDWu2aqW5/ye/XW+QOeFqsNiY9jO+8WWhrqGeafAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUgqdu4q8zpf7Jckv0RC/ufTTBPxgwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMxMzczNDM3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA/MA0GCSqGSIb3DQEBCwUAA4IBAQBPmO1CtahLTnK5z7pwzxwl
Eftq6OfThKrjieAUHImVCVReRmAH8yvxUNGqGUf4oeReFPxTtAIcfvDgpqzs0aHY
qC7pLw8Zmve0nF8omsOgHcuC2Sr/6VGS6ulwc3ik+dOcdK0pZ1xKEsq5BSnxGmI7
ihkdyxP99cdYnmOkdfZ764NJVmDx58UFJsN9fgG1B+WWFGX7K8jP3Zm3AQYBd6qD
fpz5Vc1ZOEcLcIBmRpDeXVIo5ZCT7MyqEeKYVnlwHtG8Pt3Txn04UchNXC9a+d3v
Qt5YfJLfwUepdrtpXYtMvIbvHx0PBnzQJ+P9A+Yk4OKICPEKz8wXGEaguwsntR0Q
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:44:55 2025 by rpki-client