Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34323a3a2f34382d3438203d3e20323135353231.roa
File: 326131313a323963303a34323a3a2f34382d3438203d3e20323135353231.roa (raw, json)
Hash identifier: GBZdRwrpFz+WuHqJ0SUFq+mgJeTJWzXdWSTWr+B1jeE=
Subject key identifier: 3F:FC:44:AB:21:E1:D6:D4:B4:66:99:5D:A5:66:42:59:01:24:34:7C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 1C9DE43D6B6B06A387418BD464092A1F83BE650B
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34323a3a2f34382d3438203d3e20323135353231.roa
Signing time: Wed 22 Jan 2025 10:01:40 +0000
ROA not before: Wed 22 Jan 2025 09:56:40 +0000
ROA not after: Wed 21 Jan 2026 10:01:40 +0000
asID: 215521
IP address blocks: 2a11:29c0:42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:9d:e4:3d:6b:6b:06:a3:87:41:8b:d4:64:09:2a:1f:83:be:65:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jan 22 09:56:40 2025 GMT
Not After : Jan 21 10:01:40 2026 GMT
Subject: CN=3FFC44AB21E1D6D4B466995DA56642590124347C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:e9:93:8a:f6:1c:70:ba:56:fe:ef:39:e9:
56:c0:83:95:c1:7f:9c:c4:ff:2b:92:42:3a:4e:c4:
66:51:c2:7c:0e:22:62:35:42:2a:dc:20:66:1e:3f:
1a:bc:75:bd:74:55:eb:57:81:f5:da:b3:5f:b6:bf:
68:ad:3f:4e:9f:0c:0d:33:68:f6:b7:d7:b1:ac:aa:
66:6e:74:98:ed:6c:e5:02:90:0e:b9:60:f2:56:51:
22:18:52:8b:c1:67:da:5f:26:bc:d1:56:07:b5:37:
bc:54:fb:4e:01:53:47:1b:c0:c1:e6:13:6a:5d:0c:
85:ed:f4:65:7e:9a:12:34:8f:d5:1c:d2:77:a9:78:
62:a9:da:b5:81:3f:4d:81:f3:19:b5:7d:e9:02:cc:
c9:57:11:cb:28:59:ae:43:c5:ca:86:f5:bd:55:c2:
07:09:dc:c4:b3:00:4b:4b:22:e6:0c:26:e8:e5:d0:
f1:c0:4c:e2:96:0f:d1:13:1d:1a:fe:31:42:c4:23:
09:7b:42:9d:d0:f2:30:62:44:93:7a:bf:9a:91:20:
bc:f7:0b:0a:7a:df:3f:17:a4:4c:94:8d:96:cf:f2:
75:93:fa:b0:ed:22:8c:d6:5d:3f:35:7e:24:5e:fe:
9e:26:b8:1d:91:4c:e7:58:68:73:f7:be:7c:0b:48:
a1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FC:44:AB:21:E1:D6:D4:B4:66:99:5D:A5:66:42:59:01:24:34:7C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34323a3a2f34382d3438203d3e20323135353231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:42::/48
Signature Algorithm: sha256WithRSAEncryption
23:03:31:47:cd:b0:90:b4:f2:cc:e4:1f:cd:97:70:e2:e9:44:
bf:85:c4:8b:47:5e:93:e2:99:d7:82:ad:5d:76:75:69:0d:76:
5f:47:80:b7:b9:fc:b9:c9:e2:3f:f2:e5:1d:95:d7:f2:fa:39:
2e:1e:0a:07:e0:cd:a8:c9:53:56:ea:5c:57:89:71:ed:ab:1d:
c3:05:c5:c0:a9:7c:ad:18:21:70:a6:a7:44:6b:a8:76:cf:e4:
bf:c3:75:29:ed:74:58:24:02:89:c4:e2:4c:e7:c3:8d:66:20:
02:5c:71:37:3c:61:34:16:4e:b3:cf:1a:1e:22:96:6e:90:60:
a5:64:99:f6:73:22:a0:60:14:22:11:90:98:5c:96:e2:18:0a:
59:33:ab:c4:9f:69:5a:33:f2:8f:de:d4:eb:24:5e:f0:3e:20:
ea:5a:bb:78:f3:10:c1:23:26:3d:ec:70:cc:b1:f7:87:da:47:
42:7d:42:43:c5:a9:bb:db:96:e9:08:47:5f:be:1b:85:cd:a2:
c3:f2:f4:61:25:a1:34:6b:dc:cb:8e:21:56:79:13:71:7c:fb:
f9:1b:dd:d9:91:a0:be:92:b9:ec:fc:ee:7c:5d:06:e1:1c:f8:
a0:86:ac:7a:52:ff:a9:cf:1c:db:a1:ee:b4:78:59:57:c9:a4:
fd:47:0b:75
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUHJ3kPWtrBqOHQYvUZAkqH4O+ZQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTAxMjIwOTU2NDBaFw0yNjAxMjExMDAxNDBaMDMxMTAvBgNV
BAMTKDNGRkM0NEFCMjFFMUQ2RDRCNDY2OTk1REE1NjY0MjU5MDEyNDM0N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrpOmTivYccLpW/u856VbAg5XB
f5zE/yuSQjpOxGZRwnwOImI1QircIGYePxq8db10VetXgfXas1+2v2itP06fDA0z
aPa317GsqmZudJjtbOUCkA65YPJWUSIYUovBZ9pfJrzRVge1N7xU+04BU0cbwMHm
E2pdDIXt9GV+mhI0j9Uc0nepeGKp2rWBP02B8xm1fekCzMlXEcsoWa5DxcqG9b1V
wgcJ3MSzAEtLIuYMJujl0PHATOKWD9ETHRr+MULEIwl7Qp3Q8jBiRJN6v5qRILz3
Cwp63z8XpEyUjZbP8nWT+rDtIozWXT81fiRe/p4muB2RTOdYaHP3vnwLSKG7AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUP/xEqyHh1tS0ZpldpWZCWQEkNHwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzUzMjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABCMA0GCSqGSIb3DQEBCwUAA4IBAQAjAzFHzbCQtPLM5B/Nl3Di
6US/hcSLR16T4pnXgq1ddnVpDXZfR4C3ufy5yeI/8uUdldfy+jkuHgoH4M2oyVNW
6lxXiXHtqx3DBcXAqXytGCFwpqdEa6h2z+S/w3Up7XRYJAKJxOJM58ONZiACXHE3
PGE0Fk6zzxoeIpZukGClZJn2cyKgYBQiEZCYXJbiGApZM6vEn2laM/KP3tTrJF7w
PiDqWrt48xDBIyY97HDMsfeH2kdCfUJDxam725bpCEdfvhuFzaLD8vRhJaE0a9zL
jiFWeRNxfPv5G93ZkaC+krns/O58XQbhHPighqx6Uv+pzxzboe60eFlXyaT9Rwt1
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:32:02 2025 by rpki-client