Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: OPz+mW4/+Elr53o96CHAlUun2339jHpD7Z25+SlU2rU=
Subject key identifier: 86:BF:B1:BA:BF:F3:42:C3:B3:1B:6A:79:33:40:B5:C8:66:2F:C0:DF
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2F0991F0494278FD917C98F1339DE60E1DA23703
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 21 May 2025 14:05:54 +0000
ROA not before: Wed 21 May 2025 14:00:54 +0000
ROA not after: Wed 20 May 2026 14:05:54 +0000
asID: 212149
IP address blocks: 2a11:29c6:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:09:91:f0:49:42:78:fd:91:7c:98:f1:33:9d:e6:0e:1d:a2:37:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:54 2025 GMT
Not After : May 20 14:05:54 2026 GMT
Subject: CN=86BFB1BABFF342C3B31B6A793340B5C8662FC0DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:82:f4:f2:8a:1c:d6:aa:6f:02:24:83:82:33:
c2:65:d9:8d:f1:e1:04:e2:1d:82:70:2d:2d:22:dd:
a6:a9:2e:ed:c5:cf:9d:09:a1:48:f4:7b:55:b3:de:
1e:2a:3e:46:38:dd:ac:ed:aa:34:46:8f:08:b1:1e:
9c:bd:0c:4e:fc:a8:dd:33:7a:65:c4:9e:da:dc:a4:
33:00:0a:5d:04:dd:17:af:6a:2e:ed:87:3e:ff:84:
b4:1d:08:bd:5f:76:bc:75:f9:07:5e:e9:ad:26:30:
45:26:0f:f7:4f:2c:a6:1b:70:c8:b5:cb:5e:41:84:
05:65:87:01:49:d5:63:1d:ad:75:15:da:cd:fb:1c:
cd:a5:92:61:f1:dd:a0:0e:1b:ec:74:a5:c3:6d:9c:
ec:be:82:81:c8:ec:e2:8b:95:18:5a:ac:c9:33:74:
33:fc:fe:c0:48:a3:80:73:77:ec:a4:f8:0e:69:31:
08:d1:17:30:a9:b2:5b:73:a7:70:6a:ae:05:54:54:
a4:c1:ef:d8:0c:bb:da:04:4d:ef:24:05:cf:4b:ff:
99:29:92:0e:fb:be:ae:07:06:d7:07:46:ad:e9:a1:
af:24:bd:5d:76:ba:b9:77:d2:fa:9b:4a:ba:ee:db:
3e:3a:f8:cd:46:c0:1e:c1:94:50:77:d2:a7:0f:8c:
41:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BF:B1:BA:BF:F3:42:C3:B3:1B:6A:79:33:40:B5:C8:66:2F:C0:DF
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c6:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
67:fc:17:90:aa:f2:d5:1d:70:b9:10:70:b1:54:d2:84:ee:c1:
e6:ee:15:a5:ec:32:a4:7c:72:2f:2e:ac:63:7f:98:f5:03:98:
47:4d:b3:39:73:0b:25:c5:0f:15:06:0a:b5:52:d5:ce:28:da:
ea:d9:3c:35:6f:5b:09:79:00:c4:d1:da:c3:8f:ad:7f:4e:fd:
b8:b7:de:a0:e9:03:f6:7a:04:d1:34:a1:e8:a2:9d:d1:9c:82:
a6:39:cb:e0:41:6f:58:98:f1:65:df:96:00:81:e9:2e:af:20:
c4:56:ac:ba:eb:ce:85:9d:59:c8:1e:a5:ff:b5:b5:59:01:f7:
12:7d:43:8d:97:75:ff:1f:3e:e0:fa:59:6c:c9:b2:72:60:c9:
72:1e:b9:bc:76:e1:d7:c9:b4:2a:6f:c0:4d:2d:9a:b3:bc:2c:
c7:a6:d6:af:13:f9:a8:33:f7:fd:0e:41:45:10:64:6d:26:42:
41:bb:da:d3:4f:06:b7:77:0b:a3:b7:e0:88:88:24:74:e6:85:
70:7f:9a:d7:45:d2:7f:9a:ac:eb:7b:e1:3d:a4:15:af:58:18:
ea:a6:31:b4:53:58:2b:90:e8:f8:61:a1:95:9f:e0:03:51:05:
ea:ec:41:bd:63:db:c2:c1:98:20:97:ec:a9:4a:73:4e:16:bf:
56:fd:56:de
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIULwmR8ElCeP2RfJjxM53mDh2iNwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTRaFw0yNjA1MjAxNDA1NTRaMDMxMTAvBgNV
BAMTKDg2QkZCMUJBQkZGMzQyQzNCMzFCNkE3OTMzNDBCNUM4NjYyRkMwREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDggvTyihzWqm8CJIOCM8Jl2Y3x
4QTiHYJwLS0i3aapLu3Fz50JoUj0e1Wz3h4qPkY43aztqjRGjwixHpy9DE78qN0z
emXEntrcpDMACl0E3Revai7thz7/hLQdCL1fdrx1+Qde6a0mMEUmD/dPLKYbcMi1
y15BhAVlhwFJ1WMdrXUV2s37HM2lkmHx3aAOG+x0pcNtnOy+goHI7OKLlRharMkz
dDP8/sBIo4Bzd+yk+A5pMQjRFzCpsltzp3BqrgVUVKTB79gMu9oETe8kBc9L/5kp
kg77vq4HBtcHRq3poa8kvV12url30vqbSrru2z46+M1GwB7BlFB30qcPjEH1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUhr+xur/zQsOzG2p5M0C1yGYvwN8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM2
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcawCzANBgkqhkiG9w0BAQsFAAOCAQEAZ/wXkKry1R1wuRBw
sVTShO7B5u4VpewypHxyLy6sY3+Y9QOYR02zOXMLJcUPFQYKtVLVzija6tk8NW9b
CXkAxNHaw4+tf079uLfeoOkD9noE0TSh6KKd0ZyCpjnL4EFvWJjxZd+WAIHpLq8g
xFasuuvOhZ1ZyB6l/7W1WQH3En1DjZd1/x8+4PpZbMmycmDJch65vHbh18m0Km/A
TS2as7wsx6bWrxP5qDP3/Q5BRRBkbSZCQbva008Gt3cLo7fgiIgkdOaFcH+a10XS
f5qs63vhPaQVr1gY6qYxtFNYK5Do+GGhlZ/gA1EF6uxBvWPbwsGYIJfsqUpzTha/
Vv1W3g==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:00:05 2025 by rpki-client