Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
File: 326130393a643634303a3a2f32392d3239203d3e20313938333435.roa (raw, json)
Hash identifier: LaBCcb8mjeERCC5tHKO7thlovLIwutTtPGiGYEZVPF8=
Subject key identifier: B6:35:0F:50:48:01:AA:9E:9F:25:24:DC:59:10:43:F2:01:D3:68:CC
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 4AEEB24B0578B811964DB592C76D9326D030B636
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
Signing time: Thu 02 Jan 2025 13:53:51 +0000
ROA not before: Thu 02 Jan 2025 13:48:51 +0000
ROA not after: Thu 01 Jan 2026 13:53:51 +0000
asID: 198345
IP address blocks: 2a09:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ee:b2:4b:05:78:b8:11:96:4d:b5:92:c7:6d:93:26:d0:30:b6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Jan 2 13:48:51 2025 GMT
Not After : Jan 1 13:53:51 2026 GMT
Subject: CN=B6350F504801AA9E9F2524DC591043F201D368CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:55:63:fa:cd:35:35:72:ad:21:f9:81:62:e5:
a4:c9:e2:f8:00:6b:10:0f:85:91:81:78:99:d2:96:
f1:f1:78:e0:22:bc:d5:a3:69:72:3d:8b:f6:c4:6c:
1e:c6:dc:83:4d:4b:ad:b5:1b:25:1c:0b:41:dd:e7:
96:0b:23:58:6c:2b:67:00:9f:23:7e:ee:e9:0a:2e:
f5:5c:37:d0:98:cd:14:aa:51:50:90:9f:1d:3b:15:
e2:d1:3a:ea:eb:96:ea:cb:b5:7e:67:44:5c:d4:7e:
dc:75:35:a9:a1:be:32:17:9a:75:7a:7f:fe:07:4d:
92:2f:e3:d3:96:1b:71:69:82:66:46:e0:cc:d2:da:
2f:ec:0e:b8:a7:f8:0c:74:84:5a:87:fa:52:49:ca:
e2:dc:f6:c5:92:cb:4f:b7:6d:d1:d5:a8:7a:90:e7:
e8:49:e9:e5:2f:b0:da:5b:93:95:b4:ba:41:55:24:
ad:e8:e5:fe:8f:f7:88:8a:22:58:d2:56:6f:4b:29:
08:39:ea:49:53:9b:59:55:1b:70:52:34:73:0b:52:
e3:7f:3b:23:ab:54:20:39:f1:18:a6:7e:61:f6:56:
60:f3:9e:fa:ec:ff:74:a0:de:1c:82:bc:2f:64:c8:
3d:05:dd:6f:6e:79:27:7e:82:2c:27:53:a3:cf:ea:
fc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:35:0F:50:48:01:AA:9E:9F:25:24:DC:59:10:43:F2:01:D3:68:CC
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/326130393a643634303a3a2f32392d3239203d3e20313938333435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d640::/29
Signature Algorithm: sha256WithRSAEncryption
64:04:33:8d:e8:e3:ae:86:4b:ab:40:63:10:b3:87:62:52:d7:
92:df:32:e5:3d:40:6a:41:a1:3c:12:55:50:7f:bc:1e:2b:9b:
3f:80:fc:04:db:23:5b:0f:c4:22:c3:84:eb:72:01:3f:19:4e:
9f:ac:77:e8:7d:01:a0:3b:35:90:0d:fe:bd:02:5b:9f:b1:0b:
01:cc:0f:32:48:eb:e0:43:1d:54:e2:79:91:e7:3c:fd:c9:e9:
6e:29:07:94:17:3c:46:6b:56:0b:27:67:06:da:5f:c7:ca:f8:
7f:42:eb:56:bc:39:87:3f:10:10:7f:6b:3c:85:14:ba:28:60:
4d:40:b9:e4:da:35:8a:fb:92:e9:54:b3:1a:91:e2:55:7f:ab:
a8:ef:7d:9b:9a:e0:fe:64:68:17:ca:1c:11:e9:e5:6a:f5:b5:
f2:56:29:74:95:6b:e8:29:2f:cb:fa:9b:81:ec:6e:10:01:eb:
ee:16:82:bb:89:ab:52:35:cb:e4:91:e8:e3:2d:d9:d4:41:3a:
70:83:87:79:7e:85:2d:54:d9:7f:d3:60:3f:f7:7d:e1:fb:ad:
65:7d:b0:49:d8:73:8f:df:62:d2:fa:a1:32:55:8a:41:3e:f8:
a5:19:9a:b8:99:64:1f:98:06:2e:ee:16:b5:43:94:d4:e3:0a:
d7:b6:09:fe
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUSu6ySwV4uBGWTbWSx22TJtAwtjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yNTAxMDIxMzQ4NTFaFw0yNjAxMDExMzUzNTFaMDMxMTAvBgNV
BAMTKEI2MzUwRjUwNDgwMUFBOUU5RjI1MjREQzU5MTA0M0YyMDFEMzY4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOVWP6zTU1cq0h+YFi5aTJ4vgA
axAPhZGBeJnSlvHxeOAivNWjaXI9i/bEbB7G3INNS621GyUcC0Hd55YLI1hsK2cA
nyN+7ukKLvVcN9CYzRSqUVCQnx07FeLROurrlurLtX5nRFzUftx1NamhvjIXmnV6
f/4HTZIv49OWG3FpgmZG4MzS2i/sDrin+Ax0hFqH+lJJyuLc9sWSy0+3bdHVqHqQ
5+hJ6eUvsNpbk5W0ukFVJK3o5f6P94iKIljSVm9LKQg56klTm1lVG3BSNHMLUuN/
OyOrVCA58RimfmH2VmDznvrs/3Sg3hyCvC9kyD0F3W9ueSd+giwnU6PP6vwtAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUtjUPUEgBqp6fJSTcWRBD8gHTaMwwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzI2MTMwMzkzYTY0MzYzNDMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzEzOTM4MzMzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KgnWQDANBgkqhkiG9w0BAQsFAAOCAQEAZAQzjejjroZLq0BjELOHYlLXkt8y5T1A
akGhPBJVUH+8HiubP4D8BNsjWw/EIsOE63IBPxlOn6x36H0BoDs1kA3+vQJbn7EL
AcwPMkjr4EMdVOJ5kec8/cnpbikHlBc8RmtWCydnBtpfx8r4f0LrVrw5hz8QEH9r
PIUUuihgTUC55No1ivuS6VSzGpHiVX+rqO99m5rg/mRoF8ocEenlavW18lYpdJVr
6Ckvy/qbgexuEAHr7haCu4mrUjXL5JHo4y3Z1EE6cIOHeX6FLVTZf9NgP/d94fut
ZX2wSdhzj99i0vqhMlWKQT74pRmauJlkH5gGLu4WtUOU1OMK17YJ/g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:29 2025 by rpki-client