Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e203339363733.roa
File: 326130663a356663303a646561643a3a2f34382d3438203d3e203339363733.roa (raw, json)
Hash identifier: gO+lPcmBJ3b3FFlaD55CICvRL4LDSg56OGDANGd62H4=
Subject key identifier: D9:D2:12:D5:F6:DF:2B:AE:19:22:C9:8B:DB:10:2A:10:FB:B3:43:2C
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 191B9D778F2EA0AF4144AF4B6EF45F5310FDFA4A
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e203339363733.roa
Signing time: Fri 07 Mar 2025 09:36:58 +0000
ROA not before: Fri 07 Mar 2025 09:31:58 +0000
ROA not after: Fri 06 Mar 2026 09:36:58 +0000
asID: 39673
IP address blocks: 2a0f:5fc0:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 22:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:1b:9d:77:8f:2e:a0:af:41:44:af:4b:6e:f4:5f:53:10:fd:fa:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Mar 7 09:31:58 2025 GMT
Not After : Mar 6 09:36:58 2026 GMT
Subject: CN=D9D212D5F6DF2BAE1922C98BDB102A10FBB3432C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:c2:ec:84:e7:2a:7a:79:e2:a0:c3:f7:b0:
54:62:1b:10:aa:cf:04:73:4c:98:78:8a:1c:27:1f:
e3:89:f8:4c:64:f0:97:ea:d1:34:b4:b4:2d:3e:94:
c9:bf:91:0f:cd:9c:b1:52:93:af:37:03:34:ec:11:
16:18:71:1d:c6:dd:41:6f:ae:5e:5c:82:2b:2e:71:
34:d9:33:d4:fc:9e:94:db:3c:10:85:ea:02:48:3f:
2a:b9:66:e4:3a:09:1c:49:b6:49:13:26:96:76:73:
bb:e1:bf:c3:3c:0c:84:e6:18:d8:ba:fe:cf:fd:b4:
61:bf:ba:2b:9a:4e:36:dc:0c:b7:47:96:32:5a:1c:
5c:21:dc:5b:8d:83:4a:f0:16:55:3a:6c:da:ed:a1:
7a:20:a8:f5:b3:5f:58:31:bc:ef:25:f0:ce:d0:12:
50:36:8d:1a:55:ab:fd:f6:59:dd:bf:85:29:68:05:
ae:cc:9a:47:cc:6a:46:78:7d:50:28:04:6a:17:a7:
15:b2:01:50:74:ee:b9:cd:c2:16:30:f8:41:af:4d:
aa:1c:d3:22:c1:c9:6c:79:7c:b9:d0:17:a5:bc:50:
f0:c7:aa:7a:f2:4b:62:8c:a5:a0:35:fd:a4:fe:a4:
cc:64:e5:c5:b0:53:95:3a:f7:73:5c:e2:e7:37:0d:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D2:12:D5:F6:DF:2B:AE:19:22:C9:8B:DB:10:2A:10:FB:B3:43:2C
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e203339363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
85:aa:ea:95:97:45:ce:1b:8c:2d:85:0f:cb:64:8c:42:08:08:
8b:de:6f:82:4f:cb:14:3a:a7:2b:cb:bc:1a:5b:00:d3:0e:9d:
80:db:f0:74:20:eb:9d:d2:77:6b:bd:1e:30:95:ae:b9:76:e5:
04:11:a4:6f:17:fa:94:85:a8:4b:cf:cf:f8:31:34:e0:d6:ca:
3d:0d:71:74:37:50:6e:20:b5:2e:31:14:f1:1a:ea:d0:f5:33:
74:9c:22:2c:35:88:7c:b4:f3:fb:b1:9c:15:53:59:eb:2a:c8:
25:04:bf:fa:45:ac:49:e9:10:19:50:a5:ff:91:92:24:58:5e:
19:fe:e5:a4:05:9b:9e:59:fc:d3:30:89:46:64:0f:55:e9:89:
2e:91:eb:f8:9b:0a:ed:e4:f3:85:df:f6:5f:e2:56:0c:d1:b1:
5e:56:58:43:6d:86:49:aa:a3:04:4b:12:d4:ee:40:a0:cf:b3:
60:de:d2:ef:9f:96:6b:13:6a:8e:26:b5:e1:95:79:9f:05:ba:
30:5f:82:f7:71:5e:0a:96:ba:2a:7b:4a:b0:31:08:04:aa:fc:
6b:da:c7:aa:d3:46:8f:96:e1:1b:0d:f5:ca:d5:5b:82:43:d8:
d0:b7:93:11:c9:09:d2:48:65:56:ac:50:5c:73:f6:50:1b:d4:
dd:92:61:9a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUGRudd48uoK9BRK9LbvRfUxD9+kowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTAzMDcwOTMxNThaFw0yNjAzMDYwOTM2NThaMDMxMTAvBgNV
BAMTKEQ5RDIxMkQ1RjZERjJCQUUxOTIyQzk4QkRCMTAyQTEwRkJCMzQzMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL1sLshOcqennioMP3sFRiGxCq
zwRzTJh4ihwnH+OJ+Exk8Jfq0TS0tC0+lMm/kQ/NnLFSk683AzTsERYYcR3G3UFv
rl5cgisucTTZM9T8npTbPBCF6gJIPyq5ZuQ6CRxJtkkTJpZ2c7vhv8M8DITmGNi6
/s/9tGG/uiuaTjbcDLdHljJaHFwh3FuNg0rwFlU6bNrtoXogqPWzX1gxvO8l8M7Q
ElA2jRpVq/32Wd2/hSloBa7MmkfMakZ4fVAoBGoXpxWyAVB07rnNwhYw+EGvTaoc
0yLByWx5fLnQF6W8UPDHqnryS2KMpaA1/aT+pMxk5cWwU5U693Nc4uc3DQSbAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQU2dIS1fbfK64ZIsmL2xAqEPuzQywwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDY1NjE2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzNjM3MzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD1/A3q0wDQYJKoZIhvcNAQELBQADggEBAIWq6pWXRc4bjC2FD8tk
jEIICIveb4JPyxQ6pyvLvBpbANMOnYDb8HQg653Sd2u9HjCVrrl25QQRpG8X+pSF
qEvPz/gxNODWyj0NcXQ3UG4gtS4xFPEa6tD1M3ScIiw1iHy08/uxnBVTWesqyCUE
v/pFrEnpEBlQpf+RkiRYXhn+5aQFm55Z/NMwiUZkD1XpiS6R6/ibCu3k84Xf9l/i
VgzRsV5WWENthkmqowRLEtTuQKDPs2De0u+flmsTao4mteGVeZ8FujBfgvdxXgqW
uip7SrAxCASq/Gvax6rTRo+W4RsN9crVW4JD2NC3kxHJCdJIZVasUFxz9lAb1N2S
YZo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:41:36 2025 by rpki-client