Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: OKSSep6KjMNwzvo9j08qZv0t8OtZKlQGnfWiGL4Zj5U=
Subject key identifier: 43:59:30:1F:0C:E9:9C:2B:E5:2B:17:E6:D3:02:7D:74:F1:C9:EB:84
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5B95F606293A5E677DEC9699E8BBB613B4DC1B8C
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:53 +0000
ROA not before: Wed 21 May 2025 14:00:53 +0000
ROA not after: Wed 20 May 2026 14:05:53 +0000
asID: 212149
IP address blocks: 2a11:29c5:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:95:f6:06:29:3a:5e:67:7d:ec:96:99:e8:bb:b6:13:b4:dc:1b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:53 2025 GMT
Not After : May 20 14:05:53 2026 GMT
Subject: CN=4359301F0CE99C2BE52B17E6D3027D74F1C9EB84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:18:f0:fe:4a:29:16:4b:73:4a:46:00:f6:3f:
1b:40:29:4d:68:08:8c:f6:77:0c:70:5c:a4:fc:68:
d9:58:c8:d5:cd:a3:64:68:68:14:18:3a:b2:7e:24:
e8:4d:4f:7e:73:48:3e:c5:b1:cb:0f:b3:0d:9c:06:
aa:b5:5a:31:46:b6:f5:87:f0:c6:1b:a2:64:ce:09:
bc:5b:42:0c:22:12:dd:e8:70:ba:73:83:9b:96:df:
fa:61:fc:c9:eb:ae:59:46:ed:b3:ea:89:c6:55:2d:
f6:ad:49:bd:29:45:1c:2e:0e:f3:9f:c7:ea:96:0b:
2b:2e:ad:74:ef:5f:9b:8a:66:fe:3d:6c:0b:ff:0c:
ac:76:7a:53:d6:61:19:87:b3:47:41:fc:43:ab:cc:
c2:a7:9b:79:b5:0b:e3:18:b8:14:05:c3:aa:be:8d:
38:ce:97:53:c5:10:56:eb:53:3d:85:18:32:8e:17:
79:41:da:15:32:30:6d:f9:1e:16:88:55:31:93:44:
11:fe:04:0d:c3:23:41:9c:f0:76:8e:f1:0c:8c:e5:
93:b9:c7:d5:21:84:28:e0:ea:8d:e8:80:45:00:ce:
ae:74:e6:a0:de:3a:d6:a9:28:b8:87:5d:19:c7:de:
83:fc:a9:49:e4:06:ff:d4:30:45:13:f5:f7:8c:72:
2e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:59:30:1F:0C:E9:9C:2B:E5:2B:17:E6:D3:02:7D:74:F1:C9:EB:84
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c5:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
12:30:09:7c:84:69:1e:11:34:e2:49:c0:6b:e2:19:7f:67:1c:
15:fe:d6:4b:3d:1b:18:ed:06:89:f8:cf:9e:17:b3:0c:07:8e:
ce:05:3a:5e:88:92:f4:e1:1a:47:06:a8:07:53:47:ac:94:75:
e1:32:55:4b:35:aa:ae:b9:22:7b:f6:8a:d8:45:b7:d4:15:7a:
76:4a:0e:7b:1e:71:41:0f:d8:6a:5f:3e:c3:00:f8:34:83:81:
18:b0:de:ce:2a:88:82:e8:0f:1f:9c:9d:a1:01:b5:87:57:bd:
ce:a2:6b:12:c8:09:87:ba:62:2e:97:29:1e:80:83:05:2e:2d:
7f:69:c5:f2:86:8f:e7:c6:48:4a:ba:42:d5:6a:74:8b:9e:c8:
27:22:56:6b:62:04:8b:49:82:41:30:18:1a:88:e0:80:e2:1e:
eb:e0:ca:56:38:73:3e:56:a7:ef:a2:df:e0:96:96:d9:4e:52:
0e:db:3b:9d:63:7e:37:90:f1:1a:75:de:64:8e:b7:9c:42:a2:
a4:bb:f6:0b:14:ca:a2:2c:14:68:58:cb:10:70:66:34:91:7d:
40:49:94:2d:65:61:23:84:69:76:3e:d0:6d:0a:62:ed:02:3d:
ef:e9:25:79:7f:a2:38:8f:21:10:24:b4:51:95:8e:3d:fb:b6:
ad:93:8d:b2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUW5X2Bik6Xmd97JaZ6Lu2E7TcG4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTNaFw0yNjA1MjAxNDA1NTNaMDMxMTAvBgNV
BAMTKDQzNTkzMDFGMENFOTlDMkJFNTJCMTdFNkQzMDI3RDc0RjFDOUVCODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnGPD+SikWS3NKRgD2PxtAKU1o
CIz2dwxwXKT8aNlYyNXNo2RoaBQYOrJ+JOhNT35zSD7FscsPsw2cBqq1WjFGtvWH
8MYbomTOCbxbQgwiEt3ocLpzg5uW3/ph/MnrrllG7bPqicZVLfatSb0pRRwuDvOf
x+qWCysurXTvX5uKZv49bAv/DKx2elPWYRmHs0dB/EOrzMKnm3m1C+MYuBQFw6q+
jTjOl1PFEFbrUz2FGDKOF3lB2hUyMG35HhaIVTGTRBH+BA3DI0Gc8HaO8QyM5ZO5
x9UhhCjg6o3ogEUAzq505qDeOtapKLiHXRnH3oP8qUnkBv/UMEUT9feMci7FAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUQ1kwHwzpnCvlKxfm0wJ9dPHJ64QwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcWwCzANBgkqhkiG9w0BAQsFAAOCAQEAEjAJfIRpHhE04knA
a+IZf2ccFf7WSz0bGO0GifjPnhezDAeOzgU6XoiS9OEaRwaoB1NHrJR14TJVSzWq
rrkie/aK2EW31BV6dkoOex5xQQ/Yal8+wwD4NIOBGLDeziqIgugPH5ydoQG1h1e9
zqJrEsgJh7piLpcpHoCDBS4tf2nF8oaP58ZISrpC1Wp0i57IJyJWa2IEi0mCQTAY
GojggOIe6+DKVjhzPlan76Lf4JaW2U5SDts7nWN+N5DxGnXeZI63nEKipLv2CxTK
oiwUaFjLEHBmNJF9QEmULWVhI4Rpdj7QbQpi7QI97+kleX+iOI8hECS0UZWOPfu2
rZONsg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:05:05 2025 by rpki-client