Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: he/C3nESmoc3oB6XMo1IQN7xMBduMYWahVOzk+BFfns=
Subject key identifier: 34:EA:48:45:86:4C:55:63:C9:41:AC:74:25:81:38:02:6B:46:F7:C8
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5A5B867B989FD94AD49DCA4F76F5FC067EACAA1E
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:56 +0000
ROA not before: Wed 21 May 2025 14:00:56 +0000
ROA not after: Wed 20 May 2026 14:05:56 +0000
asID: 212149
IP address blocks: 2a11:29c3:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 03:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:5b:86:7b:98:9f:d9:4a:d4:9d:ca:4f:76:f5:fc:06:7e:ac:aa:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:56 2025 GMT
Not After : May 20 14:05:56 2026 GMT
Subject: CN=34EA4845864C5563C941AC74258138026B46F7C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:08:2e:57:60:1c:44:8d:8f:fc:ab:31:e1:
57:b5:1e:c2:9f:c5:c7:c3:1f:f5:7b:e5:e6:58:c2:
d0:88:38:54:2c:c6:37:15:a3:b2:f0:db:31:92:f5:
ab:14:5d:d7:cb:4e:c3:02:4a:57:66:a7:66:39:dd:
33:a2:d9:85:d3:5c:09:6d:cc:28:20:a9:e1:f1:db:
7a:fa:aa:1e:c4:80:5f:66:c9:a6:83:f6:d4:3f:5f:
61:ac:f0:e7:6b:df:db:46:c4:dc:0f:b1:88:6c:6f:
f2:ee:67:ad:23:d5:ae:78:a3:2e:37:5b:71:5e:af:
d7:42:cb:99:3e:b7:c4:f1:0a:b4:46:2c:de:42:b1:
41:25:fe:0a:d8:e8:53:49:37:97:79:40:3f:4a:d3:
57:d3:17:39:e8:58:2a:86:29:2f:38:c5:c3:a6:a4:
62:79:cc:ed:dc:30:df:18:5e:8c:4b:76:d4:9d:f0:
7f:dc:59:2e:30:5f:1f:61:77:60:44:48:92:a4:28:
f1:e4:aa:16:5c:36:30:12:43:ff:10:bb:58:4d:e3:
c9:d5:2f:d6:c5:6a:c5:95:d5:6a:ff:fd:18:ef:35:
f0:e9:5c:46:37:da:2f:4d:ab:74:1a:db:43:ad:92:
e9:6d:42:28:cb:51:b2:9c:12:64:4e:84:62:9f:41:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EA:48:45:86:4C:55:63:C9:41:AC:74:25:81:38:02:6B:46:F7:C8
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c3:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
3e:f0:58:a9:53:ba:90:a8:24:fc:22:ce:75:48:c6:7e:62:00:
18:da:17:07:5b:f6:10:92:5a:8d:92:f2:a6:7f:e8:c5:38:10:
86:d9:02:e7:ad:fe:41:42:78:2a:72:37:5b:16:45:ec:d9:47:
12:f6:f2:7d:10:f7:ef:b2:2c:dc:c9:28:37:c4:09:1a:67:2b:
2e:cc:90:7e:6c:5b:a5:d8:bf:7d:e3:65:f0:4b:43:7d:fb:29:
6e:55:ea:0f:f4:db:59:97:3f:55:95:88:42:03:37:6e:cb:99:
71:e0:37:5f:cc:0a:19:89:cc:d9:ee:be:9e:55:d3:62:76:79:
04:a7:3c:64:09:fa:8d:a7:28:fc:33:db:de:b1:de:9b:4b:62:
a4:00:08:65:bc:47:20:79:71:47:bb:9f:a0:b0:7d:d1:26:ba:
43:3c:49:1d:1e:fa:05:2d:30:49:0a:44:46:60:72:a9:8d:d4:
16:64:16:e2:4f:db:41:b5:72:3e:f9:08:d8:c9:2e:1f:0f:9f:
2f:ce:bc:26:3b:10:9b:39:2f:bd:81:4f:40:d2:75:3e:3a:52:
e6:79:12:66:fb:23:37:eb:ec:7e:36:e7:75:b1:b4:3e:08:43:
91:1a:75:38:08:d0:2b:a7:e4:63:f3:33:75:7d:c5:08:76:f5:
4f:26:a0:9c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUWluGe5if2UrUncpPdvX8Bn6sqh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTZaFw0yNjA1MjAxNDA1NTZaMDMxMTAvBgNV
BAMTKDM0RUE0ODQ1ODY0QzU1NjNDOTQxQUM3NDI1ODEzODAyNkI0NkY3QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9iwguV2AcRI2P/Ksx4Ve1HsKf
xcfDH/V75eZYwtCIOFQsxjcVo7Lw2zGS9asUXdfLTsMCSldmp2Y53TOi2YXTXAlt
zCggqeHx23r6qh7EgF9myaaD9tQ/X2Gs8Odr39tGxNwPsYhsb/LuZ60j1a54oy43
W3Fer9dCy5k+t8TxCrRGLN5CsUEl/grY6FNJN5d5QD9K01fTFznoWCqGKS84xcOm
pGJ5zO3cMN8YXoxLdtSd8H/cWS4wXx9hd2BESJKkKPHkqhZcNjASQ/8Qu1hN48nV
L9bFasWV1Wr//RjvNfDpXEY32i9Nq3Qa20OtkultQijLUbKcEmROhGKfQS8pAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUNOpIRYZMVWPJQax0JYE4AmtG98gwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcOwCzANBgkqhkiG9w0BAQsFAAOCAQEAPvBYqVO6kKgk/CLO
dUjGfmIAGNoXB1v2EJJajZLypn/oxTgQhtkC563+QUJ4KnI3WxZF7NlHEvbyfRD3
77Is3MkoN8QJGmcrLsyQfmxbpdi/feNl8EtDffspblXqD/TbWZc/VZWIQgM3bsuZ
ceA3X8wKGYnM2e6+nlXTYnZ5BKc8ZAn6jaco/DPb3rHem0tipAAIZbxHIHlxR7uf
oLB90Sa6QzxJHR76BS0wSQpERmByqY3UFmQW4k/bQbVyPvkI2MkuHw+fL868JjsQ
mzkvvYFPQNJ1PjpS5nkSZvsjN+vsfjbndbG0PghDkRp1OAjQK6fkY/MzdX3FCHb1
TyagnA==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:05:05 2025 by rpki-client