Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: kzFxzl7aOZK0oGIrxvTnTanK7KgBQ6a0zQ/dnidCwY0=
Subject key identifier: 72:EE:61:D4:13:73:B8:40:45:33:CD:FC:FB:83:DC:8D:5E:10:5B:0D
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 44F0725CD16689C558FF7B0DD3F8CE4D5A2CC821
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:54 +0000
ROA not before: Wed 21 May 2025 14:00:54 +0000
ROA not after: Wed 20 May 2026 14:05:54 +0000
asID: 212149
IP address blocks: 2a11:29c0:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 03:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:f0:72:5c:d1:66:89:c5:58:ff:7b:0d:d3:f8:ce:4d:5a:2c:c8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:54 2025 GMT
Not After : May 20 14:05:54 2026 GMT
Subject: CN=72EE61D41373B8404533CDFCFB83DC8D5E105B0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c8:25:4a:d0:7c:c7:da:b6:37:20:f1:54:c3:
39:9b:dd:ed:46:f4:10:9e:e3:be:c2:70:72:08:b5:
15:c9:76:2d:91:58:3a:ad:ca:05:b8:d2:49:9b:65:
62:01:ee:bf:a2:cb:8b:3b:74:b2:00:3f:ae:d6:21:
86:ca:aa:c3:3d:d4:3f:f0:60:9b:a4:3b:58:c7:c4:
0c:f3:77:68:a2:22:a0:34:d5:24:a5:d7:d1:40:dd:
95:3d:a2:28:9e:69:ad:c0:68:0e:77:c7:f7:51:71:
49:3c:78:01:ab:f8:29:f5:4b:d8:25:71:fa:ef:15:
80:63:36:85:be:c4:99:fb:fa:d5:d2:5c:f1:1d:2e:
89:d2:d6:a6:2c:6d:0a:a5:4f:1e:c9:57:09:33:6d:
3e:cb:d6:a3:75:77:81:a7:7a:d6:6e:3a:40:ed:7b:
d6:bf:e6:80:e2:7d:a5:ed:12:15:27:d9:ff:f0:47:
25:06:48:65:e6:0f:7b:d7:f5:04:39:e0:ef:31:62:
17:4d:c4:e4:81:a6:af:a9:3a:31:e6:63:d8:e0:05:
75:5e:7e:1a:69:45:13:8c:54:70:76:d7:98:ac:c9:
6f:a9:f6:e0:47:2a:31:bb:71:3f:8c:e2:ee:cc:ae:
4c:37:56:5e:20:e4:1e:1d:00:85:40:c0:33:7f:72:
94:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EE:61:D4:13:73:B8:40:45:33:CD:FC:FB:83:DC:8D:5E:10:5B:0D
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
93:89:97:9a:6d:fc:0b:a5:55:0e:45:d2:fd:b4:83:99:c4:91:
d5:9e:d7:72:d1:be:9d:df:9f:dc:fb:03:b4:a9:8b:08:2e:33:
cc:6e:3f:b5:77:85:59:18:7a:65:e4:f7:81:17:0f:25:0f:02:
56:31:e7:e3:63:ff:f9:6a:54:85:3e:2b:61:8b:75:5a:e7:3c:
95:71:f9:e1:9e:6d:bf:b5:cb:cc:02:50:9e:88:92:ed:25:a9:
2f:c7:c2:a5:8b:46:94:84:29:61:15:a4:56:4b:dd:ab:65:b7:
2a:8b:a7:94:83:7e:64:37:39:3b:1b:7d:ad:f8:f4:63:07:7f:
f6:10:7b:ea:0c:25:ed:ab:fc:dc:8a:a4:de:b3:8f:84:f5:7b:
31:e4:3d:8d:25:65:b9:12:28:39:c4:83:83:9d:ca:02:db:bf:
43:e6:5f:96:b5:5b:c7:c7:c9:6c:74:35:35:72:3d:02:ee:2c:
12:c9:90:b5:1e:37:f3:4e:ce:2a:fd:b6:ea:98:de:68:a6:47:
ac:0b:7a:46:cd:26:d0:b4:ac:a4:55:39:33:d4:28:47:28:99:
dd:0f:07:81:a8:72:57:59:19:f5:f8:9e:07:dc:5e:59:e6:3f:
f5:ae:70:88:b1:d9:8c:f0:7b:c8:84:42:a9:dc:81:91:b5:2f:
99:72:9a:fd
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIURPByXNFmicVY/3sN0/jOTVosyCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTRaFw0yNjA1MjAxNDA1NTRaMDMxMTAvBgNV
BAMTKDcyRUU2MUQ0MTM3M0I4NDA0NTMzQ0RGQ0ZCODNEQzhENUUxMDVCMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLyCVK0HzH2rY3IPFUwzmb3e1G
9BCe477CcHIItRXJdi2RWDqtygW40kmbZWIB7r+iy4s7dLIAP67WIYbKqsM91D/w
YJukO1jHxAzzd2iiIqA01SSl19FA3ZU9oiieaa3AaA53x/dRcUk8eAGr+Cn1S9gl
cfrvFYBjNoW+xJn7+tXSXPEdLonS1qYsbQqlTx7JVwkzbT7L1qN1d4GnetZuOkDt
e9a/5oDifaXtEhUn2f/wRyUGSGXmD3vX9QQ54O8xYhdNxOSBpq+pOjHmY9jgBXVe
fhppRROMVHB215isyW+p9uBHKjG7cT+M4u7Mrkw3Vl4g5B4dAIVAwDN/cpTLAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUcu5h1BNzuEBFM838+4PcjV4QWw0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcCwCzANBgkqhkiG9w0BAQsFAAOCAQEAk4mXmm38C6VVDkXS
/bSDmcSR1Z7XctG+nd+f3PsDtKmLCC4zzG4/tXeFWRh6ZeT3gRcPJQ8CVjHn42P/
+WpUhT4rYYt1Wuc8lXH54Z5tv7XLzAJQnoiS7SWpL8fCpYtGlIQpYRWkVkvdq2W3
KounlIN+ZDc5Oxt9rfj0Ywd/9hB76gwl7av83Iqk3rOPhPV7MeQ9jSVluRIoOcSD
g53KAtu/Q+ZflrVbx8fJbHQ1NXI9Au4sEsmQtR43807OKv226pjeaKZHrAt6Rs0m
0LSspFU5M9QoRyiZ3Q8HgahyV1kZ9fieB9xeWeY/9a5wiLHZjPB7yIRCqdyBkbUv
mXKa/Q==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:05:05 2025 by rpki-client