Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: amyhppkunQUKDCiBGMFxQfAHBmd/6ZM1Y2JA6Xv6mjw=
Subject key identifier: C4:18:BA:40:C3:1A:FA:8E:22:7B:08:DF:29:B8:0C:79:66:14:B2:DA
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 0C8E77A436958BF1BB3E1D1B4BBDED057F49EE2F
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:37 +0000
ROA not before: Tue 27 May 2025 15:45:37 +0000
ROA not after: Tue 26 May 2026 15:50:37 +0000
asID: 212149
IP address blocks: 2a11:5703:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:8e:77:a4:36:95:8b:f1:bb:3e:1d:1b:4b:bd:ed:05:7f:49:ee:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:37 2025 GMT
Not After : May 26 15:50:37 2026 GMT
Subject: CN=C418BA40C31AFA8E227B08DF29B80C796614B2DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:cd:35:d0:8a:ec:3f:4e:db:5f:e4:d3:10:
f7:96:97:4b:b3:64:ba:90:f3:dc:74:35:74:94:2d:
f3:1e:8a:ca:40:71:93:12:73:dd:49:d2:d4:9d:0f:
d1:c4:3e:5a:04:95:5d:96:56:73:0c:04:42:bd:6d:
81:5a:98:bd:d0:9a:c1:fb:f9:1c:1d:39:73:fa:e1:
8e:99:22:6c:ae:e0:d0:be:e7:84:f7:fe:08:9d:ea:
59:0c:83:91:21:d9:ce:ee:01:65:a7:45:64:24:f8:
a8:4b:5d:3d:2e:50:77:2e:66:75:61:28:76:6b:1c:
d9:8a:39:8b:44:01:aa:91:31:d9:4e:9f:ea:37:db:
a8:8f:e3:b4:c0:27:73:9f:fd:43:28:af:d6:d5:c5:
6d:f9:6a:cb:c5:21:0b:ab:88:93:e6:20:0d:5e:20:
00:3a:d2:8f:c2:53:5b:50:cf:ab:eb:17:ac:d4:5e:
d2:39:33:d8:e2:76:db:28:fb:d2:d7:08:52:62:d9:
cd:20:0c:d7:53:77:89:2c:0e:79:32:92:c1:85:90:
64:ec:af:7f:76:c1:f1:d1:a2:02:e8:e3:d1:6e:79:
66:89:a6:4d:3d:b8:ca:9b:fa:f2:f1:80:c1:9b:1d:
4c:6d:28:5b:a9:e0:95:7f:90:e2:8e:84:78:b5:bd:
76:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:18:BA:40:C3:1A:FA:8E:22:7B:08:DF:29:B8:0C:79:66:14:B2:DA
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730333a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5703:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
62:ca:ce:6a:64:41:c3:18:7f:7c:70:6b:fd:e0:d4:fd:9e:09:
7c:02:ae:ca:0e:7d:f1:1f:90:cc:f8:ec:e0:1b:1f:b1:39:91:
5e:6a:2d:eb:92:ef:60:d8:e5:c6:2a:a4:1e:c1:94:c1:71:60:
2d:a9:09:12:53:10:0d:4b:b2:88:98:d6:78:09:84:d4:e5:eb:
e1:17:4c:b2:a6:83:49:ce:c5:28:b3:72:a5:00:25:ea:7c:a5:
a5:49:64:ca:cf:c5:36:52:d0:f7:b3:d3:6f:81:22:18:73:d7:
60:85:3d:fd:ef:bd:9b:eb:e1:dc:16:e4:04:40:7c:5a:c0:0b:
67:c8:b4:a0:19:61:cf:2a:e5:ea:3d:51:e9:03:eb:51:e0:cd:
0a:67:81:da:38:65:5a:93:5d:17:9c:ce:10:05:42:7c:b0:3d:
ff:32:38:3e:74:6a:f6:df:04:87:91:f1:37:90:a6:03:1b:64:
42:e6:b5:a8:52:d4:0c:7b:19:93:67:76:26:da:6d:39:ed:9e:
b3:5f:9b:01:4b:af:c2:44:ba:39:01:b5:43:7e:29:87:13:cf:
9a:78:7b:f9:88:56:8b:8e:1a:eb:21:54:2f:45:1f:cb:b9:9b:
39:98:ea:1f:40:6f:57:c9:bb:04:0e:c6:0d:9c:43:de:12:d2:
87:3b:db:d1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDI53pDaVi/G7Ph0bS73tBX9J7i8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzdaFw0yNjA1MjYxNTUwMzdaMDMxMTAvBgNV
BAMTKEM0MThCQTQwQzMxQUZBOEUyMjdCMDhERjI5QjgwQzc5NjYxNEIyREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9as010IrsP07bX+TTEPeWl0uz
ZLqQ89x0NXSULfMeispAcZMSc91J0tSdD9HEPloElV2WVnMMBEK9bYFamL3QmsH7
+RwdOXP64Y6ZImyu4NC+54T3/gid6lkMg5Eh2c7uAWWnRWQk+KhLXT0uUHcuZnVh
KHZrHNmKOYtEAaqRMdlOn+o326iP47TAJ3Of/UMor9bVxW35asvFIQuriJPmIA1e
IAA60o/CU1tQz6vrF6zUXtI5M9jidtso+9LXCFJi2c0gDNdTd4ksDnkyksGFkGTs
r392wfHRogLo49FueWaJpk09uMqb+vLxgMGbHUxtKFup4JV/kOKOhHi1vXY3AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUxBi6QMMa+o4iewjfKbgMeWYUstowHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwOwCzANBgkqhkiG9w0BAQsFAAOCAQEAYsrOamRBwxh/fHBr
/eDU/Z4JfAKuyg598R+QzPjs4BsfsTmRXmot65LvYNjlxiqkHsGUwXFgLakJElMQ
DUuyiJjWeAmE1OXr4RdMsqaDSc7FKLNypQAl6nylpUlkys/FNlLQ97PTb4EiGHPX
YIU9/e+9m+vh3BbkBEB8WsALZ8i0oBlhzyrl6j1R6QPrUeDNCmeB2jhlWpNdF5zO
EAVCfLA9/zI4PnRq9t8Eh5HxN5CmAxtkQua1qFLUDHsZk2d2JtptOe2es1+bAUuv
wkS6OQG1Q34phxPPmnh7+YhWi44a6yFUL0Ufy7mbOZjqH0BvV8m7BA7GDZxD3hLS
hzvb0Q==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:01:27 2025 by rpki-client