Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: e6pNQA8izdBKRkcuzWtfOOmNK456AAkxlNJ6pMTNpsc=
Subject key identifier: A3:42:97:AD:0D:79:56:A1:9C:43:03:30:45:18:E4:F7:C3:10:4A:7B
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 48E9D571D35CD04DD92043A1AFFAAED7D2A0105D
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:36 +0000
ROA not before: Tue 27 May 2025 15:45:36 +0000
ROA not after: Tue 26 May 2026 15:50:36 +0000
asID: 212149
IP address blocks: 2a11:5704:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e9:d5:71:d3:5c:d0:4d:d9:20:43:a1:af:fa:ae:d7:d2:a0:10:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:36 2025 GMT
Not After : May 26 15:50:36 2026 GMT
Subject: CN=A34297AD0D7956A19C4303304518E4F7C3104A7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5f:dc:a1:a2:b4:75:42:75:45:2d:b0:22:c6:
c6:97:50:08:51:dd:2b:51:d7:ff:c2:98:3f:d5:05:
7b:e0:3b:fc:42:7d:f6:dd:94:6e:29:7e:8a:04:ec:
ea:d2:97:86:07:51:53:6b:bf:e3:ce:7a:36:07:8e:
d7:fe:51:96:f4:4b:6e:82:e0:74:ee:0d:9f:1d:f1:
e4:17:2f:d0:cc:8b:aa:32:24:f3:53:e8:41:03:ba:
e6:e4:07:65:ef:0e:89:1a:55:94:6c:e5:28:55:87:
ce:e8:ac:8b:cf:e1:d8:a5:2f:97:05:8e:91:05:9c:
bd:8f:d9:ec:31:e6:d7:cd:21:13:c2:41:68:88:fa:
54:1b:c3:73:60:b8:68:4c:d0:22:17:b1:e2:d3:5c:
57:6c:d2:f5:29:c7:52:a6:bb:25:78:22:74:25:8a:
01:ac:92:58:d7:ff:9c:15:62:de:b0:c1:0c:76:2b:
50:77:6e:ab:77:ab:24:44:07:ba:76:ab:e0:3a:a0:
24:d0:ad:c0:56:9b:50:15:52:44:d3:50:6f:e2:ee:
48:cd:37:c5:80:f5:b3:39:a8:d6:f9:72:cd:37:cf:
ca:42:40:fb:e7:0a:0e:01:ad:2f:12:22:59:64:ec:
39:fc:72:82:33:0d:1d:22:83:0d:7c:3e:e8:43:11:
ab:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:42:97:AD:0D:79:56:A1:9C:43:03:30:45:18:E4:F7:C3:10:4A:7B
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730343a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5704:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
16:a1:62:92:1e:5e:da:ca:e5:5a:80:7b:ad:15:4d:3b:cb:ee:
df:e3:3c:c5:7a:25:50:5a:ba:98:3e:69:74:4f:f1:7f:45:7e:
cf:14:1f:2d:4b:a1:5c:88:d9:64:f2:26:c9:16:e0:63:b1:6b:
74:b3:0a:f6:6b:ae:cb:93:46:dd:68:74:68:89:9e:39:c3:dd:
de:7f:77:e7:3d:3c:fd:a3:4a:1c:3c:42:e9:ee:33:63:ee:57:
a2:55:b0:63:f8:96:9a:1b:a7:a2:12:a6:0b:e7:cf:1b:af:63:
e4:3c:02:5e:ab:27:28:97:1a:de:11:54:e0:01:16:8c:b7:54:
a7:72:cb:95:78:34:9d:81:75:b8:2c:15:dc:8f:44:85:27:8b:
77:af:6d:2f:3c:65:c6:6b:61:c3:db:9d:60:22:2f:99:02:b7:
03:ef:ae:e8:7d:a6:c2:21:40:aa:70:36:3b:d7:48:53:8f:20:
09:26:4d:09:c5:2f:d4:58:11:dd:48:4e:b9:66:ce:3e:10:a2:
3c:9e:5e:29:98:4b:db:c4:6f:0d:0f:26:a1:fe:da:bd:b0:9c:
fe:2c:04:af:d6:b5:15:9b:55:c3:7e:53:f9:30:f8:14:71:16:
b5:3c:40:e3:da:37:a0:a1:62:97:5c:f8:f1:c1:e6:9f:72:5d:
79:e7:23:32
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUSOnVcdNc0E3ZIEOhr/qu19KgEF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzZaFw0yNjA1MjYxNTUwMzZaMDMxMTAvBgNV
BAMTKEEzNDI5N0FEMEQ3OTU2QTE5QzQzMDMzMDQ1MThFNEY3QzMxMDRBN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2X9yhorR1QnVFLbAixsaXUAhR
3StR1//CmD/VBXvgO/xCffbdlG4pfooE7OrSl4YHUVNrv+POejYHjtf+UZb0S26C
4HTuDZ8d8eQXL9DMi6oyJPNT6EEDuubkB2XvDokaVZRs5ShVh87orIvP4dilL5cF
jpEFnL2P2ewx5tfNIRPCQWiI+lQbw3NguGhM0CIXseLTXFds0vUpx1KmuyV4InQl
igGskljX/5wVYt6wwQx2K1B3bqt3qyREB7p2q+A6oCTQrcBWm1AVUkTTUG/i7kjN
N8WA9bM5qNb5cs03z8pCQPvnCg4BrS8SIllk7Dn8coIzDR0igw18PuhDEauVAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUo0KXrQ15VqGcQwMwRRjk98MQSnswHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwSwCzANBgkqhkiG9w0BAQsFAAOCAQEAFqFikh5e2srlWoB7
rRVNO8vu3+M8xXolUFq6mD5pdE/xf0V+zxQfLUuhXIjZZPImyRbgY7FrdLMK9muu
y5NG3Wh0aImeOcPd3n935z08/aNKHDxC6e4zY+5XolWwY/iWmhunohKmC+fPG69j
5DwCXqsnKJca3hFU4AEWjLdUp3LLlXg0nYF1uCwV3I9EhSeLd69tLzxlxmthw9ud
YCIvmQK3A++u6H2mwiFAqnA2O9dIU48gCSZNCcUv1FgR3UhOuWbOPhCiPJ5eKZhL
28RvDQ8mof7avbCc/iwEr9a1FZtVw35T+TD4FHEWtTxA49o3oKFil1z48cHmn3Jd
eecjMg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:01:28 2025 by rpki-client