Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: YvH+3atWqaB4zJsHYK1cEoa4+J3Y8wbDOetaRpGkY9U=
Subject key identifier: 7C:72:AC:87:2E:94:BE:5A:54:DF:57:69:E6:E1:37:48:81:F3:34:0A
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 6AF67C315C2D624CF0973A2EF2F9E9B0484A036B
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:37 +0000
ROA not before: Tue 27 May 2025 15:45:37 +0000
ROA not after: Tue 26 May 2026 15:50:37 +0000
asID: 212149
IP address blocks: 2a11:5705:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:f6:7c:31:5c:2d:62:4c:f0:97:3a:2e:f2:f9:e9:b0:48:4a:03:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:37 2025 GMT
Not After : May 26 15:50:37 2026 GMT
Subject: CN=7C72AC872E94BE5A54DF5769E6E1374881F3340A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ee:37:a8:44:db:03:29:c8:c9:7a:67:30:13:
d1:2f:64:00:27:36:4c:5e:d2:15:5a:61:30:6c:ea:
55:46:62:1c:31:53:c1:01:99:39:a4:99:21:fc:20:
a9:ff:98:e7:12:35:35:c8:eb:e9:4b:9d:8b:86:e5:
7e:a6:52:5a:37:7b:c9:66:13:60:a2:1e:ba:3f:c8:
66:b8:32:75:15:4b:e7:ad:09:35:09:64:77:0e:23:
15:90:b1:f6:4b:b8:fe:9c:24:28:53:e2:f0:4d:c0:
2a:57:0d:39:d3:55:c9:9d:03:df:ad:70:f2:f7:7e:
d2:3e:76:de:4b:50:08:e0:cf:2d:16:51:16:f6:65:
80:14:c3:6c:4b:d5:60:11:f9:66:85:0c:5e:98:05:
11:2e:09:fe:85:57:3b:90:f6:d9:6d:15:8c:6e:dc:
59:06:23:2f:96:a5:92:50:c7:2a:34:4c:ff:1b:15:
e7:79:69:ac:8e:3b:c3:d6:2e:15:39:23:c5:5d:45:
4d:6b:fb:6d:8b:6a:1a:71:17:9b:51:89:46:a7:6b:
eb:dd:ab:17:00:5b:f9:68:04:18:b6:30:d0:2c:5f:
34:28:c7:7c:68:01:d8:b0:5e:8f:c8:2a:a8:22:7c:
ea:f9:f4:7f:d0:65:93:a4:99:7b:d7:72:5a:aa:39:
70:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:72:AC:87:2E:94:BE:5A:54:DF:57:69:E6:E1:37:48:81:F3:34:0A
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730353a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5705:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
ae:6f:2f:a0:6e:3c:5b:d2:c0:00:fc:48:54:71:12:d4:77:bd:
4e:f4:6b:9e:55:83:01:74:26:45:43:24:ef:e5:1b:8c:14:17:
89:02:4d:05:05:0d:6f:4c:b7:40:6a:e8:a9:64:53:81:b8:60:
dc:5f:7c:62:72:38:c1:bc:28:a0:74:4c:5f:0d:f7:ef:6b:d6:
4c:3e:dc:05:90:03:3a:ad:40:14:b7:21:fd:68:04:fa:de:be:
b0:a5:b9:37:d6:ad:6e:f0:82:30:6b:f9:44:75:7e:cd:95:2a:
4e:0a:b7:46:1e:1f:9c:28:ad:fa:c3:ba:0b:bb:5a:95:26:65:
88:bc:f2:e3:ea:f3:96:07:92:69:fe:88:e0:5a:77:12:6e:a9:
43:64:1d:4d:03:ea:12:be:81:4e:b1:f8:39:50:59:dc:36:1e:
f3:de:43:33:86:dc:77:4c:9c:6a:d4:35:a6:9e:19:b6:e5:3b:
3d:44:a2:2f:7f:4c:f0:95:0b:bf:66:15:cf:af:45:86:ac:70:
2b:53:28:40:6a:b0:fb:d0:d4:05:27:4f:ae:6a:32:32:53:c6:
b3:2a:ab:d1:1b:3d:f1:4c:0b:46:7d:88:b5:56:c3:1e:5b:c8:
f6:ed:6e:39:c2:fa:fd:2c:8e:10:bf:58:b1:63:05:ec:d4:56:
df:7c:ae:be
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUavZ8MVwtYkzwlzou8vnpsEhKA2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzdaFw0yNjA1MjYxNTUwMzdaMDMxMTAvBgNV
BAMTKDdDNzJBQzg3MkU5NEJFNUE1NERGNTc2OUU2RTEzNzQ4ODFGMzM0MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz7jeoRNsDKcjJemcwE9EvZAAn
Nkxe0hVaYTBs6lVGYhwxU8EBmTmkmSH8IKn/mOcSNTXI6+lLnYuG5X6mUlo3e8lm
E2CiHro/yGa4MnUVS+etCTUJZHcOIxWQsfZLuP6cJChT4vBNwCpXDTnTVcmdA9+t
cPL3ftI+dt5LUAjgzy0WURb2ZYAUw2xL1WAR+WaFDF6YBREuCf6FVzuQ9tltFYxu
3FkGIy+WpZJQxyo0TP8bFed5aayOO8PWLhU5I8VdRU1r+22LahpxF5tRiUana+vd
qxcAW/loBBi2MNAsXzQox3xoAdiwXo/IKqgifOr59H/QZZOkmXvXclqqOXDtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUfHKshy6UvlpU31dp5uE3SIHzNAowHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwWwCzANBgkqhkiG9w0BAQsFAAOCAQEArm8voG48W9LAAPxI
VHES1He9TvRrnlWDAXQmRUMk7+UbjBQXiQJNBQUNb0y3QGroqWRTgbhg3F98YnI4
wbwooHRMXw3372vWTD7cBZADOq1AFLch/WgE+t6+sKW5N9atbvCCMGv5RHV+zZUq
Tgq3Rh4fnCit+sO6C7talSZliLzy4+rzlgeSaf6I4Fp3Em6pQ2QdTQPqEr6BTrH4
OVBZ3DYe895DM4bcd0ycatQ1pp4ZtuU7PUSiL39M8JULv2YVz69FhqxwK1MoQGqw
+9DUBSdPrmoyMlPGsyqr0Rs98UwLRn2ItVbDHlvI9u1uOcL6/SyOEL9YsWMF7NRW
33yuvg==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:00:04 2025 by rpki-client