Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
File: 326130623a366338313a3a2f33322d3332203d3e20323135383338.roa (raw, json)
Hash identifier: 5mcUsW8Gu/iSzerp0Wwk+smZAmRaAGiznqu01bMcUDg=
Subject key identifier: EA:41:16:D4:12:C1:8F:31:AA:7A:22:AE:B0:DE:FC:D2:13:4F:19:31
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 69959F4D7D0E4145AF027274209AC0E96D35BA
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
Signing time: Tue 15 Apr 2025 09:54:01 +0000
ROA not before: Tue 15 Apr 2025 09:49:01 +0000
ROA not after: Tue 14 Apr 2026 09:54:01 +0000
asID: 215838
IP address blocks: 2a0b:6c81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:95:9f:4d:7d:0e:41:45:af:02:72:74:20:9a:c0:e9:6d:35:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: Apr 15 09:49:01 2025 GMT
Not After : Apr 14 09:54:01 2026 GMT
Subject: CN=EA4116D412C18F31AA7A22AEB0DEFCD2134F1931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:56:09:15:96:96:fe:e6:60:fb:68:92:a7:52:
eb:f0:98:bf:fd:74:4e:47:d3:09:d3:85:25:69:21:
e2:22:31:39:e1:3a:4e:d1:15:75:c4:7a:83:69:85:
d9:48:cf:eb:7d:46:87:5a:2f:ad:ce:a5:10:4a:1e:
9b:59:92:5a:75:97:9e:74:f1:a7:5b:62:ff:29:cf:
7f:be:dd:4a:44:1d:20:26:e4:f0:99:ec:5d:60:1c:
06:31:3e:e5:86:86:15:5f:8a:1e:7b:cc:56:05:91:
1c:3b:44:e1:60:2f:0e:68:6d:b5:3d:52:4f:7a:a3:
a2:9a:fd:72:e6:6d:d1:b1:b9:a7:c1:ed:4d:f0:1d:
51:f7:8d:55:10:a0:be:e2:f6:be:1d:d4:a4:f5:31:
ce:f4:14:c2:cf:4b:4f:22:dc:e4:91:47:b9:3d:e2:
e3:89:78:d1:80:bf:ef:5b:81:55:8b:56:f1:68:25:
ad:c7:99:ce:3c:85:eb:05:c6:9f:24:31:39:b0:48:
66:7e:4f:36:c4:39:42:3f:9e:43:f7:0e:d0:06:bf:
dd:00:30:30:57:30:ad:36:41:8e:5b:a6:80:95:65:
29:64:2d:d9:e4:55:47:3a:8b:96:1f:de:12:b5:5c:
3b:30:0d:72:0e:77:0d:b8:4e:53:7a:4b:87:35:77:
7a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:41:16:D4:12:C1:8F:31:AA:7A:22:AE:B0:DE:FC:D2:13:4F:19:31
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338313a3a2f33322d3332203d3e20323135383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6c81::/32
Signature Algorithm: sha256WithRSAEncryption
9a:72:16:d4:d1:9e:d7:2e:85:af:c2:4d:45:aa:4b:8b:d4:9b:
b4:a1:d4:ac:ff:e4:b6:43:93:5e:a7:ee:3c:72:af:0f:1f:d3:
09:6f:76:cf:3f:03:12:b8:30:fe:d3:c3:1f:5a:81:61:1f:5b:
99:bb:b8:2a:93:02:de:d4:31:2f:14:3e:6e:83:c0:ff:2f:53:
e3:72:4f:1a:b7:83:60:e4:2e:e2:bc:af:f0:49:7e:9b:df:db:
b3:53:01:a2:01:84:aa:f0:66:c6:c6:31:f9:2a:5d:70:73:10:
ec:48:11:57:4f:29:29:62:60:49:ad:bb:8c:c9:cd:ef:8d:ea:
63:9b:93:73:11:e9:47:6f:c4:f7:dd:7a:94:b1:3e:be:0b:8b:
71:19:bf:da:c5:10:37:88:c6:c1:ed:5e:5d:28:bd:99:7c:ae:
da:c8:89:93:79:92:ae:aa:cd:9e:8e:a3:76:26:9d:ca:b5:3e:
a6:a1:3d:d8:73:df:8d:21:a8:8d:1e:1b:28:63:c1:d8:86:f0:
3b:dc:0a:d6:85:ca:d5:df:6d:37:e4:18:3f:75:49:27:8a:5f:
2f:78:08:d0:e9:da:e7:ce:95:2b:87:68:c4:2b:22:90:dd:4e:
43:a3:c0:eb:81:d6:d1:65:63:5d:5b:d0:2f:5d:80:48:1c:42:
8c:0d:b6:72
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgITaZWfTX0OQUWvAnJ0IJrA6W01ujANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhiM2QwMjgwZjUwMDY5NWE0MzIwNDI1MWM5ODMwNDU0Y2E4
YTJlN2FjMB4XDTI1MDQxNTA5NDkwMVoXDTI2MDQxNDA5NTQwMVowMzExMC8GA1UE
AxMoRUE0MTE2RDQxMkMxOEYzMUFBN0EyMkFFQjBERUZDRDIxMzRGMTkzMTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNWCRWWlv7mYPtokqdS6/CYv/10
TkfTCdOFJWkh4iIxOeE6TtEVdcR6g2mF2UjP631Gh1ovrc6lEEoem1mSWnWXnnTx
p1ti/ynPf77dSkQdICbk8JnsXWAcBjE+5YaGFV+KHnvMVgWRHDtE4WAvDmhttT1S
T3qjopr9cuZt0bG5p8HtTfAdUfeNVRCgvuL2vh3UpPUxzvQUws9LTyLc5JFHuT3i
44l40YC/71uBVYtW8WglrceZzjyF6wXGnyQxObBIZn5PNsQ5Qj+eQ/cO0Aa/3QAw
MFcwrTZBjlumgJVlKWQt2eRVRzqLlh/eErVcOzANcg53DbhOU3pLhzV3encCAwEA
AaOCAj4wggI6MB0GA1UdDgQWBBTqQRbUEsGPMap6Iq6w3vzSE08ZMTAfBgNVHSME
GDAWgBSz0CgPUAaVpDIEJRyYMEVMqKLnrDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS84N2FlMjVmMy03MDZiLTQ3ZWQtYmI3NC00NjY4NGFlMGVm
MmIvMC9CM0QwMjgwRjUwMDY5NUE0MzIwNDI1MUM5ODMwNDU0Q0E4QTJFN0FDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvczlBb0QxQUdsYVF5QkNVY21EQkZUS2lp
NTZ3LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84N2FlMjVmMy03
MDZiLTQ3ZWQtYmI3NC00NjY4NGFlMGVmMmIvMC8zMjYxMzA2MjNhMzY2MzM4MzEz
YTNhMmYzMzMyMmQzMzMyMjAzZDNlMjAzMjMxMzUzODMzMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAq
C2yBMA0GCSqGSIb3DQEBCwUAA4IBAQCachbU0Z7XLoWvwk1FqkuL1Ju0odSs/+S2
Q5Nep+48cq8PH9MJb3bPPwMSuDD+08MfWoFhH1uZu7gqkwLe1DEvFD5ug8D/L1Pj
ck8at4Ng5C7ivK/wSX6b39uzUwGiAYSq8GbGxjH5Kl1wcxDsSBFXTykpYmBJrbuM
yc3vjepjm5NzEelHb8T33XqUsT6+C4txGb/axRA3iMbB7V5dKL2ZfK7ayImTeZKu
qs2ejqN2Jp3KtT6moT3Yc9+NIaiNHhsoY8HYhvA73ArWhcrV32035Bg/dUknil8v
eAjQ6drnzpUrh2jEKyKQ3U5Do8DrgdbRZWNdW9AvXYBIHEKMDbZy
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:38 2025 by rpki-client