Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
File: 326131343a333863303a3a2f32392d3239203d3e20333936303634.roa (raw, json)
Hash identifier: kUiBrX3+9cuSC9lMhoz9V2p165UrI0C31waBU1/3ZFc=
Subject key identifier: 04:B8:5E:FC:49:E3:4A:70:D3:59:2B:F1:C0:7C:BE:3C:F3:70:69:DE
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 642C59A16DE4B5797EAFC502E6F757BC76A96FE2
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
Signing time: Sun 23 Mar 2025 17:12:53 +0000
ROA not before: Sun 23 Mar 2025 17:07:53 +0000
ROA not after: Sun 22 Mar 2026 17:12:53 +0000
asID: 396064
IP address blocks: 2a14:38c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 04:09:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:2c:59:a1:6d:e4:b5:79:7e:af:c5:02:e6:f7:57:bc:76:a9:6f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Mar 23 17:07:53 2025 GMT
Not After : Mar 22 17:12:53 2026 GMT
Subject: CN=04B85EFC49E34A70D3592BF1C07CBE3CF37069DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:df:ad:17:1a:c8:d6:b1:45:22:cc:be:cc:
af:08:88:21:83:95:95:73:d0:3d:4a:e7:cf:b6:51:
0b:c3:60:99:f7:9a:8d:98:34:ea:5d:7b:60:fd:fe:
3f:b5:03:11:f4:29:46:bc:4c:b1:3b:37:cb:02:62:
4d:d0:4d:da:cf:b7:d5:74:b4:aa:f8:83:b6:ee:8d:
e7:05:06:7b:7e:b4:44:0b:62:72:13:24:a7:5d:86:
60:aa:c5:27:5a:fc:7b:f9:01:9c:e8:17:a3:f9:ff:
8d:3b:5e:5e:78:5f:ea:40:e9:76:55:c4:81:b3:1c:
48:4d:ed:dc:b7:48:9b:24:5b:5a:57:ef:0d:aa:80:
b5:7f:c8:b5:f6:6c:0f:10:d9:d2:21:93:0a:aa:a2:
38:1f:ad:35:a0:6d:e6:51:9f:8d:db:8e:40:71:4e:
7e:1c:a2:fe:c9:29:33:f5:0a:df:e4:36:72:f7:f4:
d8:bc:f2:23:cb:77:ef:0d:cc:1d:7f:da:f6:d8:d4:
2d:69:ae:1a:58:62:76:35:50:ee:34:0a:f3:6c:c6:
9f:84:63:71:c8:dd:da:55:28:dd:f9:42:24:eb:2d:
94:93:b7:ec:d5:0d:c6:d3:5f:95:5e:18:eb:05:ab:
bd:8f:8f:50:fc:06:0b:1b:73:af:4e:04:23:31:27:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B8:5E:FC:49:E3:4A:70:D3:59:2B:F1:C0:7C:BE:3C:F3:70:69:DE
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:83:97:90:55:5f:e5:96:05:b7:79:d1:d7:55:88:64:86:91:
9f:c6:99:8c:40:a4:be:bb:df:e9:4e:f1:e4:e1:44:6a:71:d3:
81:3e:7f:99:3e:1b:c7:00:60:bf:9d:63:43:80:4d:e0:df:64:
25:80:68:31:3a:de:bb:7b:79:11:9a:f4:c3:28:a2:71:f1:cc:
6c:1a:e3:e8:60:2f:e2:13:af:70:35:35:50:9a:d8:f3:f9:89:
03:fa:45:57:a4:35:7d:fe:c0:90:dd:30:e6:85:77:57:8e:d8:
b3:cf:de:29:4b:db:2f:40:a0:c0:72:2e:cb:3f:65:8c:87:43:
a0:3c:87:e3:2a:11:cf:2a:1d:d9:fa:9b:be:bd:9f:6f:99:6e:
ed:e1:ab:21:8e:fd:e2:63:3f:4f:a3:c2:00:0c:b7:7a:59:4a:
11:f0:ea:9a:be:68:36:20:b5:10:11:1f:82:4d:11:ef:cd:24:
9c:6e:be:10:8d:7f:72:a9:fe:d3:d4:e5:8d:aa:98:ad:8d:11:
02:5f:3c:51:26:33:5d:50:e5:1d:6c:bc:d9:da:58:5f:70:83:
d4:03:86:25:45:ec:c5:e0:dd:33:66:0e:f5:3e:4b:df:67:bc:
05:c0:b8:2b:a2:ef:7e:c9:bd:40:b1:c4:47:1f:1e:9c:71:84:
fb:94:fd:09
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUZCxZoW3ktXl+r8UC5vdXvHapb+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTAzMjMxNzA3NTNaFw0yNjAzMjIxNzEyNTNaMDMxMTAvBgNV
BAMTKDA0Qjg1RUZDNDlFMzRBNzBEMzU5MkJGMUMwN0NCRTNDRjM3MDY5REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOEN+tFxrI1rFFIsy+zK8IiCGD
lZVz0D1K58+2UQvDYJn3mo2YNOpde2D9/j+1AxH0KUa8TLE7N8sCYk3QTdrPt9V0
tKr4g7bujecFBnt+tEQLYnITJKddhmCqxSda/Hv5AZzoF6P5/407Xl54X+pA6XZV
xIGzHEhN7dy3SJskW1pX7w2qgLV/yLX2bA8Q2dIhkwqqojgfrTWgbeZRn43bjkBx
Tn4cov7JKTP1Ct/kNnL39Ni88iPLd+8NzB1/2vbY1C1prhpYYnY1UO40CvNsxp+E
Y3HI3dpVKN35QiTrLZSTt+zVDcbTX5VeGOsFq72Pj1D8Bgsbc69OBCMxJ6ivAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUBLhe/EnjSnDTWSvxwHy+PPNwad4wHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzMzOTM2MzAzNjM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KhQ4wDANBgkqhkiG9w0BAQsFAAOCAQEAXYOXkFVf5ZYFt3nR11WIZIaRn8aZjECk
vrvf6U7x5OFEanHTgT5/mT4bxwBgv51jQ4BN4N9kJYBoMTreu3t5EZr0wyiicfHM
bBrj6GAv4hOvcDU1UJrY8/mJA/pFV6Q1ff7AkN0w5oV3V47Ys8/eKUvbL0CgwHIu
yz9ljIdDoDyH4yoRzyod2fqbvr2fb5lu7eGrIY794mM/T6PCAAy3ellKEfDqmr5o
NiC1EBEfgk0R780knG6+EI1/cqn+09TljaqYrY0RAl88USYzXVDlHWy82dpYX3CD
1AOGJUXsxeDdM2YO9T5L32e8BcC4K6Lvfsm9QLHERx8enHGE+5T9CQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:15:00 2025 by rpki-client