Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: qjZPxwNl6VoEF+M22ydOVp+XUsc3wslZo5bN/uclHh8=
Subject key identifier: 96:AF:F4:7A:F8:F5:1C:26:B3:0F:67:21:A3:18:99:A2:7F:89:AD:25
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: ADE94186A62F9623336CDDDA66B2F314801AEC
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:55 +0000
ROA not before: Wed 21 May 2025 14:00:55 +0000
ROA not after: Wed 20 May 2026 14:05:55 +0000
asID: 212149
IP address blocks: 2a11:29c4:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ad:e9:41:86:a6:2f:96:23:33:6c:dd:da:66:b2:f3:14:80:1a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:55 2025 GMT
Not After : May 20 14:05:55 2026 GMT
Subject: CN=96AFF47AF8F51C26B30F6721A31899A27F89AD25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:81:1d:15:92:99:34:1b:07:d5:be:01:78:4c:
50:ac:48:5b:3b:4b:3b:13:0a:60:75:c0:9a:7c:9a:
bc:d5:17:47:fe:67:84:46:b2:05:04:37:a8:2a:f7:
e6:ad:d8:65:9e:5d:fb:45:a0:2e:71:b7:e4:f9:d8:
91:41:09:cb:53:21:fb:35:30:3f:fc:1a:f5:70:97:
ac:3a:b6:6f:50:ec:e1:a6:9b:8e:7c:a7:08:b6:26:
de:76:e4:16:93:f8:91:ed:e2:66:c1:a6:80:3a:a9:
5f:3d:43:f0:dc:9e:b1:f3:f7:f3:4c:4b:4d:df:92:
02:f9:e8:46:65:61:36:fe:e5:f4:92:16:95:8f:3e:
62:12:37:57:f2:ef:e2:39:d1:c8:97:7f:42:56:32:
e7:23:89:e5:38:40:7a:eb:53:2b:e0:8b:57:ce:33:
ea:fc:8e:ed:b9:d0:b1:9d:5c:81:de:03:ca:c1:fd:
0a:1b:7f:e0:e9:c7:ee:8d:0a:85:44:91:73:23:f8:
8d:ec:d3:b8:81:7d:c7:b9:45:56:fc:df:69:21:0a:
57:6e:af:ff:14:33:17:66:c8:71:38:ec:fe:1d:e8:
b5:3b:c6:d2:64:7d:4b:48:e4:30:3d:0c:f4:4c:2a:
44:2f:27:c9:d1:b7:4a:6c:2f:55:06:c6:07:35:20:
dc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AF:F4:7A:F8:F5:1C:26:B3:0F:67:21:A3:18:99:A2:7F:89:AD:25
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c4:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
54:58:3f:e1:c9:1d:60:22:77:24:54:5f:40:51:5b:53:15:4d:
de:85:e1:fa:1e:2a:4a:c2:ce:3f:ea:7c:94:f2:3a:cc:75:7c:
04:52:34:4b:80:75:b7:c8:66:eb:96:6a:b5:f1:54:3d:00:7a:
57:0e:7f:9b:a6:94:4a:64:34:44:d4:e0:55:0f:0d:36:8d:a8:
e6:e5:18:5d:18:33:a3:75:1b:02:95:a5:a8:3a:08:6c:3d:80:
d8:8e:ae:0b:4a:02:d4:c6:95:77:97:f3:73:3d:33:39:db:86:
23:2a:c5:b0:e8:0d:79:bb:2d:d5:d7:43:7a:02:92:ff:87:3e:
54:3b:dc:4b:be:7c:70:34:c7:f9:db:8b:4d:f1:9e:07:65:a6:
f6:a8:af:d8:09:9e:ca:eb:19:a8:57:f5:d0:8e:a2:88:8b:87:
b9:23:83:a2:05:3b:8c:d2:26:e3:71:a3:61:39:6f:33:15:4d:
0e:1c:e6:b2:b3:ea:34:e4:ce:45:18:6b:a1:6d:d9:1e:49:e1:
63:15:5b:75:70:7d:23:ac:b1:a8:4c:c0:02:d5:1c:13:3f:a2:
7e:57:ae:7d:03:3a:c7:4a:b7:a4:77:b4:2c:fc:46:f0:62:c8:
f6:0c:58:45:c5:3a:df:4a:58:17:64:fa:ee:73:28:c6:1e:6d:
b9:4c:45:68
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAK3pQYamL5YjM2zd2may8xSAGuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTVaFw0yNjA1MjAxNDA1NTVaMDMxMTAvBgNV
BAMTKDk2QUZGNDdBRjhGNTFDMjZCMzBGNjcyMUEzMTg5OUEyN0Y4OUFEMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMgR0Vkpk0GwfVvgF4TFCsSFs7
SzsTCmB1wJp8mrzVF0f+Z4RGsgUEN6gq9+at2GWeXftFoC5xt+T52JFBCctTIfs1
MD/8GvVwl6w6tm9Q7OGmm458pwi2Jt525BaT+JHt4mbBpoA6qV89Q/DcnrHz9/NM
S03fkgL56EZlYTb+5fSSFpWPPmISN1fy7+I50ciXf0JWMucjieU4QHrrUyvgi1fO
M+r8ju250LGdXIHeA8rB/Qobf+Dpx+6NCoVEkXMj+I3s07iBfce5RVb832khCldu
r/8UMxdmyHE47P4d6LU7xtJkfUtI5DA9DPRMKkQvJ8nRt0psL1UGxgc1INxxAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUlq/0evj1HCazD2choxiZon+JrSUwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcSwCzANBgkqhkiG9w0BAQsFAAOCAQEAVFg/4ckdYCJ3JFRf
QFFbUxVN3oXh+h4qSsLOP+p8lPI6zHV8BFI0S4B1t8hm65ZqtfFUPQB6Vw5/m6aU
SmQ0RNTgVQ8NNo2o5uUYXRgzo3UbApWlqDoIbD2A2I6uC0oC1MaVd5fzcz0zOduG
IyrFsOgNebst1ddDegKS/4c+VDvcS758cDTH+duLTfGeB2Wm9qiv2AmeyusZqFf1
0I6iiIuHuSODogU7jNIm43GjYTlvMxVNDhzmsrPqNOTORRhroW3ZHknhYxVbdXB9
I6yxqEzAAtUcEz+ifleufQM6x0q3pHe0LPxG8GLI9gxYRcU630pYF2T67nMoxh5t
uUxFaA==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:01:27 2025 by rpki-client