Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/326131343a373538313a366664303a3a2f34342d3434203d3e20323135393334.roa
File: 326131343a373538313a366664303a3a2f34342d3434203d3e20323135393334.roa (raw, json)
Hash identifier: DW9x/Ypi7+2R2UY9/K8dZ/0qnoPd2+cxPJg/Of/mWSc=
Subject key identifier: 04:3C:FB:89:36:14:B0:81:1D:2D:CD:FD:12:80:E0:46:19:9C:24:AA
Certificate issuer: /CN=3509F37A88DA7D8DF5D8355261259C1D418E541C
Certificate serial: 5AB56C8923E00AA212D0F281653EAD58C4FEE956
Authority key identifier: 35:09:F3:7A:88:DA:7D:8D:F5:D8:35:52:61:25:9C:1D:41:8E:54:1C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/326131343a373538313a366664303a3a2f34342d3434203d3e20323135393334.roa
Signing time: Thu 20 Mar 2025 09:06:11 +0000
ROA not before: Thu 20 Mar 2025 09:01:11 +0000
ROA not after: Thu 19 Mar 2026 09:06:11 +0000
asID: 215934
IP address blocks: 2a14:7581:6fd0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.crl
rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.mft
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.cer
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b5:6c:89:23:e0:0a:a2:12:d0:f2:81:65:3e:ad:58:c4:fe:e9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3509F37A88DA7D8DF5D8355261259C1D418E541C
Validity
Not Before: Mar 20 09:01:11 2025 GMT
Not After : Mar 19 09:06:11 2026 GMT
Subject: CN=043CFB893614B0811D2DCDFD1280E046199C24AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:21:44:1e:df:01:ad:e1:ac:8c:86:3d:f4:
1f:4e:1a:d6:30:70:09:9a:6a:18:64:91:0b:1a:3a:
ed:a4:16:dd:2b:01:f1:6c:7e:71:2e:1c:08:73:d0:
fd:ea:98:c1:f3:d5:40:b2:d3:2e:c8:74:c7:ac:a6:
a0:02:a0:b7:f6:ac:1c:74:e3:30:2a:47:85:7c:60:
c7:e2:55:58:33:aa:16:a3:56:43:86:44:61:b5:72:
76:a7:97:ea:36:72:f0:58:85:62:08:a4:6f:e7:90:
04:82:33:09:6d:78:f5:bd:96:d9:e9:5b:9b:d2:03:
a0:91:4f:b7:94:75:59:7c:9b:42:df:d4:df:8c:d8:
91:0b:1d:6e:8e:e1:52:93:80:9a:55:3e:34:55:a2:
4c:22:39:cf:ae:ce:5c:3c:72:ca:0f:68:ae:ca:0f:
0e:9d:5d:70:76:15:bc:e2:f7:c6:84:31:ef:f3:52:
de:10:57:02:20:9d:ba:9d:12:86:25:4d:9d:8b:b9:
8b:e3:ab:c2:73:84:dc:b6:ee:6b:e5:89:25:9d:c7:
3c:61:89:05:1a:44:c4:e5:d4:90:50:74:84:35:c1:
58:c6:aa:7d:5e:6b:9e:ed:0b:45:d3:48:ff:89:8c:
84:f9:f3:03:58:74:40:0c:27:6c:a0:dd:68:f1:60:
7c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3C:FB:89:36:14:B0:81:1D:2D:CD:FD:12:80:E0:46:19:9C:24:AA
X509v3 Authority Key Identifier:
keyid:35:09:F3:7A:88:DA:7D:8D:F5:D8:35:52:61:25:9C:1D:41:8E:54:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/3509F37A88DA7D8DF5D8355261259C1D418E541C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/0/326131343a373538313a366664303a3a2f34342d3434203d3e20323135393334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:6fd0::/44
Signature Algorithm: sha256WithRSAEncryption
51:a1:47:5c:51:a5:25:3c:41:9c:c2:de:4c:a7:c4:ba:d7:39:
20:41:1c:21:2b:bd:a5:ec:aa:0d:30:f6:df:a2:93:e2:98:6c:
34:ec:e7:ac:dc:1b:52:5d:be:1b:b2:59:23:b3:6e:f6:91:3c:
b3:aa:fb:bc:e1:2a:38:1e:2f:52:9c:6d:88:07:33:16:68:8b:
16:5c:bc:0b:d3:e4:9b:93:23:a0:2f:06:ff:04:0a:fe:8a:dd:
05:54:ac:a2:fd:68:40:fa:1f:19:37:ef:0d:c7:52:cd:1e:7c:
15:7d:ea:07:c8:b9:01:a6:5f:9a:75:c8:b8:32:04:c1:73:89:
74:3e:4b:3f:7b:f5:70:d3:57:f8:39:c1:f1:27:c1:d2:52:22:
11:61:66:2e:b2:b5:d4:ab:04:db:9b:e9:c9:d3:29:e4:ee:00:
33:95:75:e7:08:7c:19:e8:4d:1d:17:76:e8:df:f7:73:fb:e6:
f5:03:2c:ad:f4:0a:c0:f4:32:b1:91:f0:e1:84:8a:de:00:15:
5b:92:fe:f2:5b:82:c7:96:24:39:a4:5d:85:72:77:38:b6:a0:
51:37:38:ca:f9:55:ba:0f:a9:75:03:ee:51:b1:b8:7d:34:ad:
3a:80:1e:13:25:c8:8c:08:1a:c4:47:65:d2:cf:a7:52:43:9d:
c0:0a:2a:4c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUWrVsiSPgCqIS0PKBZT6tWMT+6VYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzUwOUYzN0E4OERBN0Q4REY1RDgzNTUyNjEyNTlDMUQ0
MThFNTQxQzAeFw0yNTAzMjAwOTAxMTFaFw0yNjAzMTkwOTA2MTFaMDMxMTAvBgNV
BAMTKDA0M0NGQjg5MzYxNEIwODExRDJEQ0RGRDEyODBFMDQ2MTk5QzI0QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUliFEHt8BreGsjIY99B9OGtYw
cAmaahhkkQsaOu2kFt0rAfFsfnEuHAhz0P3qmMHz1UCy0y7IdMespqACoLf2rBx0
4zAqR4V8YMfiVVgzqhajVkOGRGG1cnanl+o2cvBYhWIIpG/nkASCMwltePW9ltnp
W5vSA6CRT7eUdVl8m0Lf1N+M2JELHW6O4VKTgJpVPjRVokwiOc+uzlw8csoPaK7K
Dw6dXXB2Fbzi98aEMe/zUt4QVwIgnbqdEoYlTZ2LuYvjq8JzhNy27mvliSWdxzxh
iQUaRMTl1JBQdIQ1wVjGqn1ea57tC0XTSP+JjIT58wNYdEAMJ2yg3WjxYHyBAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUBDz7iTYUsIEdLc39EoDgRhmcJKowHwYDVR0j
BBgwFoAUNQnzeojafY312DVSYSWcHUGOVBwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFjZmEzMTgtMmE1Yy00MjQxLWFmYmItMzg3ZDcxZThj
NTk2LzAvMzUwOUYzN0E4OERBN0Q4REY1RDgzNTUyNjEyNTlDMUQ0MThFNTQxQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zNTA5RjM3QTg4REE3RDhERjVEODM1NTI2
MTI1OUMxRDQxOEU1NDFDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84YWNmYTMxOC0yYTVjLTQyNDEtYWZiYi0zODdkNzFlOGM1OTYvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM2NjY2NDMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM1MzkzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gW/QMA0GCSqGSIb3DQEBCwUAA4IBAQBR
oUdcUaUlPEGcwt5Mp8S61zkgQRwhK72l7KoNMPbfopPimGw07Oes3BtSXb4bslkj
s272kTyzqvu84So4Hi9SnG2IBzMWaIsWXLwL0+SbkyOgLwb/BAr+it0FVKyi/WhA
+h8ZN+8Nx1LNHnwVfeoHyLkBpl+adci4MgTBc4l0Pks/e/Vw01f4OcHxJ8HSUiIR
YWYusrXUqwTbm+nJ0ynk7gAzlXXnCHwZ6E0dF3bo3/dz++b1Ayyt9ArA9DKxkfDh
hIreABVbkv7yW4LHliQ5pF2Fcnc4tqBRNzjK+VW6D6l1A+5Rsbh9NK06gB4TJciM
CBrER2XSz6dSQ53ACipM
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:29 2025 by rpki-client