Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a666565643a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a666565643a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: Qj8pflv8KszWoeUIqOpeKQUtZrsbyJDTmnxefpUjjlo=
Subject key identifier: 0F:26:02:59:AE:C5:14:DE:5B:DE:A7:DD:57:98:18:85:38:B2:A8:9E
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 32AA055E09EB3A19A241F45594EB7E3482F626A0
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a666565643a3a2f34382d3438203d3e20323035303336.roa
Signing time: Mon 05 May 2025 18:13:14 +0000
ROA not before: Mon 05 May 2025 18:08:14 +0000
ROA not after: Mon 04 May 2026 18:13:14 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:feed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:aa:05:5e:09:eb:3a:19:a2:41:f4:55:94:eb:7e:34:82:f6:26:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: May 5 18:08:14 2025 GMT
Not After : May 4 18:13:14 2026 GMT
Subject: CN=0F260259AEC514DE5BDEA7DD5798188538B2A89E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:a2:a2:17:d5:c3:36:26:db:7b:8c:a6:a1:
c2:a9:8a:6b:b1:26:57:06:7e:1f:40:a1:8b:b8:1f:
cd:24:7f:a2:42:2b:df:98:ca:dd:d5:b5:a3:cd:5a:
b7:23:3d:b8:41:0e:d1:2b:be:d0:1b:12:bf:18:d9:
5d:11:61:d4:68:bd:be:36:2d:c1:82:29:c1:a4:5d:
2a:70:34:e2:35:ca:ff:65:b0:fd:c7:bc:84:6d:30:
7a:7b:6e:60:de:5b:a3:57:a2:a4:85:3d:8a:de:9a:
ec:7e:12:ee:63:98:1a:e0:9a:a3:94:b6:e3:ea:fd:
69:ad:ce:b1:0e:5e:b5:2a:fd:44:72:43:6f:b2:4c:
f4:58:12:0b:ad:2a:38:99:4a:9e:35:ad:d1:1e:2f:
90:93:4a:8f:71:c0:bc:53:b3:9c:cf:19:73:bb:e0:
5d:4b:2c:ba:67:ff:6b:01:40:fc:7a:b7:9a:a5:88:
04:3f:8d:c2:d3:84:d7:b5:e4:bb:97:28:46:93:85:
4c:88:21:83:af:f8:41:f2:07:d0:a0:9a:44:cc:1c:
56:c1:5f:14:5a:40:45:5d:5c:07:69:06:99:76:75:
2b:80:d3:9c:5b:06:a8:c4:35:ad:d2:49:b0:8c:36:
0f:4c:26:85:95:c3:19:5a:b1:3e:9b:63:53:c4:77:
ed:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:26:02:59:AE:C5:14:DE:5B:DE:A7:DD:57:98:18:85:38:B2:A8:9E
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a666565643a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:feed::/48
Signature Algorithm: sha256WithRSAEncryption
b7:67:47:08:d7:7c:14:2b:41:9f:8c:b0:19:32:b8:8e:e0:e2:
a7:f3:f2:81:7b:61:63:f7:c5:99:c3:d6:15:3f:e2:9c:bc:f2:
12:12:43:a8:3c:82:33:10:35:bd:e2:56:05:14:9f:a3:eb:3d:
0c:56:d3:78:5e:0c:f0:52:b0:4f:be:4b:28:a1:97:4b:b3:19:
b9:3b:41:ba:7a:25:cf:4f:a5:0b:d3:e1:d5:67:6d:0b:85:4c:
5a:75:5d:a4:db:99:77:76:12:b1:c7:f5:3c:a0:fa:17:31:f7:
5a:d2:f9:52:e5:ca:11:d6:87:3a:95:d9:ef:11:b5:3e:db:82:
be:59:df:91:83:44:1b:82:48:5f:fb:88:d4:c2:7b:ad:0d:65:
19:2b:53:de:30:6e:cb:44:d3:2e:f7:4b:c4:7e:22:4d:35:34:
1e:17:e6:72:25:cf:52:c0:00:a8:e1:93:cc:f2:f4:a5:c0:ef:
cc:6a:c6:0b:75:78:55:f4:a8:e0:e7:e4:f5:01:02:21:69:5b:
37:ac:a0:78:de:bf:fa:d4:e5:4d:5e:e1:c3:e2:f5:ec:f2:2b:
e4:6b:0d:6e:94:35:f8:2d:11:14:66:ea:ef:c6:ee:a6:44:8e:
15:16:fe:4b:a8:6d:44:a5:82:6d:6b:05:0e:d3:fc:c4:5d:0f:
80:a3:bc:b8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUMqoFXgnrOhmiQfRVlOt+NIL2JqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTA1MDUxODA4MTRaFw0yNjA1MDQxODEzMTRaMDMxMTAvBgNV
BAMTKDBGMjYwMjU5QUVDNTE0REU1QkRFQTdERDU3OTgxODg1MzhCMkE4OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjK6KiF9XDNibbe4ymocKpimux
JlcGfh9AoYu4H80kf6JCK9+Yyt3VtaPNWrcjPbhBDtErvtAbEr8Y2V0RYdRovb42
LcGCKcGkXSpwNOI1yv9lsP3HvIRtMHp7bmDeW6NXoqSFPYremux+Eu5jmBrgmqOU
tuPq/WmtzrEOXrUq/URyQ2+yTPRYEgutKjiZSp41rdEeL5CTSo9xwLxTs5zPGXO7
4F1LLLpn/2sBQPx6t5qliAQ/jcLThNe15LuXKEaThUyIIYOv+EHyB9CgmkTMHFbB
XxRaQEVdXAdpBpl2dSuA05xbBqjENa3SSbCMNg9MJoWVwxlasT6bY1PEd+1DAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUDyYCWa7FFN5b3qfdV5gYhTiyqJ4wHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NjY1NjU2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8D+7TANBgkqhkiG9w0BAQsFAAOCAQEAt2dHCNd8FCtBn4yw
GTK4juDip/PygXthY/fFmcPWFT/inLzyEhJDqDyCMxA1veJWBRSfo+s9DFbTeF4M
8FKwT75LKKGXS7MZuTtBunolz0+lC9Ph1WdtC4VMWnVdpNuZd3YSscf1PKD6FzH3
WtL5UuXKEdaHOpXZ7xG1PtuCvlnfkYNEG4JIX/uI1MJ7rQ1lGStT3jBuy0TTLvdL
xH4iTTU0HhfmciXPUsAAqOGTzPL0pcDvzGrGC3V4VfSo4Ofk9QECIWlbN6ygeN6/
+tTlTV7hw+L17PIr5GsNbpQ1+C0RFGbq78bupkSOFRb+S6htRKWCbWsFDtP8xF0P
gKO8uA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 08:04:48 2025 by rpki-client