Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: +GiVUNSbcYm0MXNlVgxa6VflGOlRp9hOfbY/aidYY1U=
Subject key identifier: BB:55:B5:0C:89:7F:1F:7E:C5:D0:69:CB:88:15:37:3A:2F:2D:FE:F6
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 017A62929D44C9F04BA21B155AB726281182A4AB
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:37 +0000
ROA not before: Tue 27 May 2025 15:45:37 +0000
ROA not after: Tue 26 May 2026 15:50:37 +0000
asID: 212149
IP address blocks: 2a11:5706:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:7a:62:92:9d:44:c9:f0:4b:a2:1b:15:5a:b7:26:28:11:82:a4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:37 2025 GMT
Not After : May 26 15:50:37 2026 GMT
Subject: CN=BB55B50C897F1F7EC5D069CB8815373A2F2DFEF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:aa:38:1e:a6:17:32:28:71:e9:5c:63:05:b2:
d5:8a:b4:20:ad:55:af:a5:78:86:af:db:f3:45:3e:
41:59:4c:0e:38:90:8a:ef:a2:6b:2e:e0:fb:e7:ff:
5d:b9:63:dc:40:ff:b1:72:b1:46:03:ec:ba:05:7e:
54:41:f0:ce:07:7b:5e:ac:07:be:8b:75:3b:f2:e4:
b6:c7:92:a0:fe:ec:50:2e:a2:35:34:14:cb:b2:6f:
6a:23:81:78:fc:07:96:5a:8c:19:c0:50:5e:cf:4b:
fa:75:53:aa:dd:e9:95:e1:c5:8f:94:aa:7e:a7:0b:
10:be:f0:65:f5:7c:f4:f7:f4:44:9e:1f:a2:4e:21:
07:8c:31:2e:50:08:9a:3e:4f:94:8b:ec:1c:46:b5:
65:21:69:fe:6e:dc:9d:25:15:16:17:b8:c2:90:60:
48:4c:fb:16:f8:be:fb:39:bb:fc:dc:d2:e6:8d:2c:
31:e1:6a:4a:4b:65:0f:12:62:c2:17:4f:40:1d:e9:
c9:e1:17:a8:27:9f:f9:26:27:75:ea:ff:47:ce:3f:
08:a6:d0:e1:9f:19:04:eb:c7:09:3e:1e:85:c0:5d:
57:fa:34:44:65:5f:86:40:ca:8b:04:d1:da:d5:66:
e7:cd:d9:65:6b:2e:34:5a:37:84:8b:a8:d5:4a:af:
cb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:55:B5:0C:89:7F:1F:7E:C5:D0:69:CB:88:15:37:3A:2F:2D:FE:F6
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730363a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5706:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
32:d3:b3:47:c6:fb:37:a8:d9:87:98:f3:9b:3b:b0:f0:2d:40:
e0:1a:53:95:36:ab:78:2b:85:f7:65:96:95:e6:fb:df:05:94:
57:d8:d3:d0:da:a9:92:a5:d1:16:33:53:f9:71:dd:ca:fa:5d:
e2:9b:36:bf:a6:a1:38:91:e7:4d:78:45:23:18:e7:ca:d5:12:
06:0e:dd:dd:c0:21:ed:fd:17:1c:9c:19:8f:a8:e2:f7:a1:b9:
64:d7:83:8a:fa:c6:30:e4:71:7a:9c:3d:5a:b4:ee:1c:35:a1:
0a:0c:79:f2:1b:63:fb:f2:8e:80:3f:23:11:dd:99:7d:20:ba:
f1:b0:c1:2e:a2:54:26:a9:17:93:af:63:48:fa:b7:35:6d:dd:
d9:9d:04:16:34:cd:60:2a:78:5b:97:af:4c:62:f4:eb:4d:a1:
73:40:f1:3b:5f:80:84:8a:93:4e:b2:ec:12:71:00:84:14:b4:
35:9f:eb:ee:6b:d0:08:75:30:ef:96:dd:92:96:97:97:6a:ed:
b1:3f:e0:e7:56:b0:d0:03:de:46:ca:71:d5:9c:e1:0d:42:e5:
b7:b0:ef:a2:0d:56:08:6b:09:5a:50:27:f4:73:03:94:d1:82:
41:32:8d:a7:f0:2f:52:f5:27:e6:73:a9:2d:57:e1:40:25:26:
89:39:50:28
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAXpikp1EyfBLohsVWrcmKBGCpKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzdaFw0yNjA1MjYxNTUwMzdaMDMxMTAvBgNV
BAMTKEJCNTVCNTBDODk3RjFGN0VDNUQwNjlDQjg4MTUzNzNBMkYyREZFRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEqjgephcyKHHpXGMFstWKtCCt
Va+leIav2/NFPkFZTA44kIrvomsu4Pvn/125Y9xA/7FysUYD7LoFflRB8M4He16s
B76LdTvy5LbHkqD+7FAuojU0FMuyb2ojgXj8B5ZajBnAUF7PS/p1U6rd6ZXhxY+U
qn6nCxC+8GX1fPT39ESeH6JOIQeMMS5QCJo+T5SL7BxGtWUhaf5u3J0lFRYXuMKQ
YEhM+xb4vvs5u/zc0uaNLDHhakpLZQ8SYsIXT0Ad6cnhF6gnn/kmJ3Xq/0fOPwim
0OGfGQTrxwk+HoXAXVf6NERlX4ZAyosE0drVZufN2WVrLjRaN4SLqNVKr8unAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUu1W1DIl/H37F0GnLiBU3Oi8t/vYwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM2
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwawCzANBgkqhkiG9w0BAQsFAAOCAQEAMtOzR8b7N6jZh5jz
mzuw8C1A4BpTlTareCuF92WWleb73wWUV9jT0NqpkqXRFjNT+XHdyvpd4ps2v6ah
OJHnTXhFIxjnytUSBg7d3cAh7f0XHJwZj6ji96G5ZNeDivrGMORxepw9WrTuHDWh
Cgx58htj+/KOgD8jEd2ZfSC68bDBLqJUJqkXk69jSPq3NW3d2Z0EFjTNYCp4W5ev
TGL0602hc0DxO1+AhIqTTrLsEnEAhBS0NZ/r7mvQCHUw75bdkpaXl2rtsT/g51aw
0APeRspx1ZzhDULlt7Dvog1WCGsJWlAn9HMDlNGCQTKNp/AvUvUn5nOpLVfhQCUm
iTlQKA==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:03:24 2025 by rpki-client