Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: zY7Phzmd75TKCthkmSaY4oyTFaKkCEl/y4pnJz6mHMw=
Subject key identifier: B7:DB:BF:75:6B:79:13:66:6E:34:F3:31:D4:28:F2:D2:83:39:00:0E
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 12C83DF099CB38C6ECA89AED3BEEFE897FE4238A
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:37 +0000
ROA not before: Tue 27 May 2025 15:45:37 +0000
ROA not after: Tue 26 May 2026 15:50:37 +0000
asID: 212149
IP address blocks: 2a11:5702:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c8:3d:f0:99:cb:38:c6:ec:a8:9a:ed:3b:ee:fe:89:7f:e4:23:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:37 2025 GMT
Not After : May 26 15:50:37 2026 GMT
Subject: CN=B7DBBF756B7913666E34F331D428F2D28339000E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f8:44:77:d2:28:b0:49:e0:6c:ee:ad:c5:3d:
35:54:6e:11:2e:26:b5:37:e1:b5:67:75:91:8a:b1:
22:4f:4e:8e:7f:cb:f4:f9:32:8a:d7:67:64:51:41:
05:37:fa:fe:7f:0e:44:8e:5e:b3:df:94:4f:3a:7b:
90:cb:4c:a5:e8:e6:dc:ee:70:17:28:eb:58:bd:24:
4a:51:49:02:c7:16:51:00:ff:50:2e:ea:00:54:9c:
d2:30:77:51:35:db:62:b3:e9:1a:0a:72:a6:34:e0:
a9:3a:4e:b6:6c:4d:ce:5d:91:79:43:c0:57:4d:9f:
0a:60:fc:9e:f6:4c:c8:90:ce:07:70:41:a5:3a:45:
de:c9:93:a7:a4:29:2e:ec:4c:0b:bd:c3:e9:1b:85:
9e:e7:3a:54:2a:88:1d:02:d0:f0:2c:37:a5:56:bb:
9e:3a:eb:fc:fa:ef:9c:69:3d:b3:ec:5e:33:01:2e:
88:82:02:47:2a:c6:86:fc:a1:7a:9f:91:c8:0a:28:
3c:2e:59:71:52:31:6c:a2:0b:61:06:c2:70:99:37:
88:bf:c5:97:43:48:48:55:4d:5d:5d:7a:c7:77:d2:
13:c0:00:1d:b2:cb:28:ed:2e:19:e8:11:f4:b6:f3:
d1:33:3f:7e:fe:97:b9:e7:67:62:0f:6d:ef:5a:38:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DB:BF:75:6B:79:13:66:6E:34:F3:31:D4:28:F2:D2:83:39:00:0E
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5702:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a3:82:9b:90:2a:f0:01:43:ea:07:69:87:af:7f:f2:68:7d:
45:5e:4f:e3:67:ba:18:c0:f0:41:c4:32:38:a6:c7:81:ea:6b:
a6:4a:62:27:0e:1f:b9:fe:65:50:7b:9e:54:2f:9e:cf:62:cd:
78:4e:6c:bf:e0:5d:ef:f4:cf:d7:71:27:3a:73:56:d4:bf:13:
7b:c7:8b:fc:15:03:dc:70:27:2c:d5:ff:60:d3:3c:f0:2a:9f:
4e:f7:b0:49:e3:b4:98:8d:22:63:44:60:2b:25:f6:67:3a:f0:
cb:1a:c7:c3:12:80:79:07:0d:b0:c5:d6:0f:24:dc:23:52:81:
e2:23:be:88:80:b3:16:f1:a1:71:17:17:70:7d:b7:8e:e9:3a:
ed:de:1f:97:30:58:7a:e8:74:31:34:f2:cd:ba:dd:7e:98:cd:
7f:04:c4:2c:0c:12:92:a6:04:85:b5:04:2a:9d:64:24:81:f8:
5b:34:e7:8a:8c:d5:60:19:11:62:e1:ca:d8:5c:95:ce:92:69:
84:d9:15:cb:3d:1a:07:bc:96:ba:7d:12:90:24:f1:cc:b2:bc:
b7:29:b1:5d:6f:48:a2:e6:9d:02:02:03:e9:fd:de:79:60:d7:
77:e8:42:88:93:02:bd:ed:35:ce:27:52:22:f3:a5:ed:da:1f:
df:b8:de:f2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUEsg98JnLOMbsqJrtO+7+iX/kI4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzdaFw0yNjA1MjYxNTUwMzdaMDMxMTAvBgNV
BAMTKEI3REJCRjc1NkI3OTEzNjY2RTM0RjMzMUQ0MjhGMkQyODMzOTAwMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2+ER30iiwSeBs7q3FPTVUbhEu
JrU34bVndZGKsSJPTo5/y/T5MorXZ2RRQQU3+v5/DkSOXrPflE86e5DLTKXo5tzu
cBco61i9JEpRSQLHFlEA/1Au6gBUnNIwd1E122Kz6RoKcqY04Kk6TrZsTc5dkXlD
wFdNnwpg/J72TMiQzgdwQaU6Rd7Jk6ekKS7sTAu9w+kbhZ7nOlQqiB0C0PAsN6VW
u5466/z675xpPbPsXjMBLoiCAkcqxob8oXqfkcgKKDwuWXFSMWyiC2EGwnCZN4i/
xZdDSEhVTV1desd30hPAAB2yyyjtLhnoEfS289EzP37+l7nnZ2IPbe9aOIIVAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUt9u/dWt5E2ZuNPMx1Cjy0oM5AA4wHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwKwCzANBgkqhkiG9w0BAQsFAAOCAQEAXaOCm5Aq8AFD6gdp
h69/8mh9RV5P42e6GMDwQcQyOKbHgeprpkpiJw4fuf5lUHueVC+ez2LNeE5sv+Bd
7/TP13EnOnNW1L8Te8eL/BUD3HAnLNX/YNM88CqfTvewSeO0mI0iY0RgKyX2Zzrw
yxrHwxKAeQcNsMXWDyTcI1KB4iO+iICzFvGhcRcXcH23juk67d4flzBYeuh0MTTy
zbrdfpjNfwTELAwSkqYEhbUEKp1kJIH4WzTniozVYBkRYuHK2FyVzpJphNkVyz0a
B7yWun0SkCTxzLK8tymxXW9IouadAgID6f3eeWDXd+hCiJMCve01zidSIvOl7dof
37je8g==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:00:05 2025 by rpki-client