Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: UKJOYel/JfQg4gvkhDR9yYw03yYGqLO3VzHrcZ+TS18=
Subject key identifier: C7:6C:9F:B6:F7:EF:11:31:E4:E5:B5:0C:8E:0D:FF:E3:CB:BF:A3:F9
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6AF362FC384727713FA9F81444068C5519F0C7A7
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:54 +0000
ROA not before: Wed 21 May 2025 14:00:54 +0000
ROA not after: Wed 20 May 2026 14:05:54 +0000
asID: 212149
IP address blocks: 2a11:29c2:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:f3:62:fc:38:47:27:71:3f:a9:f8:14:44:06:8c:55:19:f0:c7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:54 2025 GMT
Not After : May 20 14:05:54 2026 GMT
Subject: CN=C76C9FB6F7EF1131E4E5B50C8E0DFFE3CBBFA3F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:eb:96:14:26:e2:27:33:7f:9b:81:71:33:45:
2c:67:b1:29:aa:7e:8b:9c:69:18:8a:b9:e2:97:df:
7e:6e:e5:aa:4e:84:82:24:20:4e:32:18:a4:30:92:
46:7a:8d:f7:27:5b:f4:c5:0b:7c:3b:83:f7:a4:61:
54:70:7a:c5:fe:02:e5:d7:b9:42:db:67:c0:58:74:
4f:24:53:b8:e9:26:77:80:ba:ff:2f:38:37:8f:00:
21:6f:1d:39:20:8b:02:47:02:2f:f2:c3:0f:7b:8d:
15:89:a2:7f:63:03:9c:d7:88:2d:2f:4c:09:0a:55:
af:ca:bf:90:a0:cf:24:90:d3:b0:78:3b:f9:11:9b:
8e:7a:c0:39:9c:e5:1b:e8:73:45:74:a8:4b:52:82:
38:6b:92:fb:69:2f:f3:c4:e4:d6:ef:57:a3:89:27:
1c:30:a3:36:35:3b:d5:63:df:aa:3e:df:7a:c0:19:
6c:1a:5a:c5:44:da:6f:f9:da:c1:5a:90:e3:ce:63:
06:b2:5a:8b:d6:16:99:4d:bc:b8:62:f2:9d:15:4e:
ad:00:16:35:1f:d2:42:74:fd:30:a8:0e:4f:8d:59:
0d:68:73:62:94:07:5f:bc:28:e8:e6:79:45:4a:37:
6c:70:a2:1a:86:08:05:ce:a3:c6:c0:35:0a:44:31:
97:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6C:9F:B6:F7:EF:11:31:E4:E5:B5:0C:8E:0D:FF:E3:CB:BF:A3:F9
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
4b:97:c1:a7:8c:56:8f:fd:0d:c6:1e:3f:6d:7a:f2:36:e7:78:
08:f5:70:da:52:c8:db:a4:f2:be:d6:6d:76:0f:d3:9f:ae:1e:
7e:0f:3e:62:00:fe:68:5f:97:7b:1a:e8:09:75:94:a7:0c:c9:
ab:25:0e:2f:cb:b7:66:fe:3c:48:48:6b:e8:c6:a8:f3:84:e3:
58:c0:f4:8e:e1:9d:eb:85:70:ca:e1:11:4c:e3:4c:3f:7d:18:
ea:4f:df:3d:b9:e5:a2:15:b9:6f:1d:b4:ec:65:0a:24:eb:c4:
26:e0:70:6e:68:f9:67:f4:19:80:48:d8:d9:d1:59:75:49:9d:
2f:66:85:c0:b6:1a:0c:22:1e:37:ae:f4:17:ef:c2:72:ab:c6:
b9:e2:5b:e8:4b:0b:f6:2f:f3:3e:ab:c5:18:0b:ad:a2:9f:fc:
40:b5:0f:54:98:5b:c3:c9:0b:aa:12:43:87:10:80:95:c1:01:
08:d5:bc:c5:5a:81:b6:62:77:3d:3a:0b:fb:fe:9c:ac:b0:69:
98:8e:f9:80:cd:2f:5d:0a:51:28:47:c2:79:b9:4b:c8:72:04:
2b:6c:f3:8e:62:42:a9:75:3c:33:54:19:c6:cc:bf:fa:41:0d:
4e:13:2f:39:28:fc:86:9f:8a:d3:0e:05:7e:6a:3a:5d:3c:dd:
07:9b:ac:85
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUavNi/DhHJ3E/qfgURAaMVRnwx6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTRaFw0yNjA1MjAxNDA1NTRaMDMxMTAvBgNV
BAMTKEM3NkM5RkI2RjdFRjExMzFFNEU1QjUwQzhFMERGRkUzQ0JCRkEzRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC165YUJuInM3+bgXEzRSxnsSmq
foucaRiKueKX335u5apOhIIkIE4yGKQwkkZ6jfcnW/TFC3w7g/ekYVRwesX+AuXX
uULbZ8BYdE8kU7jpJneAuv8vODePACFvHTkgiwJHAi/yww97jRWJon9jA5zXiC0v
TAkKVa/Kv5CgzySQ07B4O/kRm456wDmc5Rvoc0V0qEtSgjhrkvtpL/PE5NbvV6OJ
JxwwozY1O9Vj36o+33rAGWwaWsVE2m/52sFakOPOYwayWovWFplNvLhi8p0VTq0A
FjUf0kJ0/TCoDk+NWQ1oc2KUB1+8KOjmeUVKN2xwohqGCAXOo8bANQpEMZcxAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUx2yftvfvETHk5bUMjg3/48u/o/kwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcKwCzANBgkqhkiG9w0BAQsFAAOCAQEAS5fBp4xWj/0Nxh4/
bXryNud4CPVw2lLI26TyvtZtdg/Tn64efg8+YgD+aF+XexroCXWUpwzJqyUOL8u3
Zv48SEhr6Mao84TjWMD0juGd64VwyuERTONMP30Y6k/fPbnlohW5bx207GUKJOvE
JuBwbmj5Z/QZgEjY2dFZdUmdL2aFwLYaDCIeN670F+/CcqvGueJb6EsL9i/zPqvF
GAutop/8QLUPVJhbw8kLqhJDhxCAlcEBCNW8xVqBtmJ3PToL+/6crLBpmI75gM0v
XQpRKEfCeblLyHIEK2zzjmJCqXU8M1QZxsy/+kENThMvOSj8hp+K0w4Ffmo6XTzd
B5ushQ==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:01:29 2025 by rpki-client