Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: 11LkJhM5pGNm95iRuza8Ye8pvz7Hby+G2YVPV9KFFMI=
Subject key identifier: 83:A9:67:4C:6F:24:D0:E7:E5:71:69:07:A5:0D:BB:D1:31:90:84:14
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 41E233D220346C239D49997F3F7CA3A1DFA702EE
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Tue 27 May 2025 15:50:36 +0000
ROA not before: Tue 27 May 2025 15:45:36 +0000
ROA not after: Tue 26 May 2026 15:50:36 +0000
asID: 212149
IP address blocks: 2a11:5707:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 14:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e2:33:d2:20:34:6c:23:9d:49:99:7f:3f:7c:a3:a1:df:a7:02:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:36 2025 GMT
Not After : May 26 15:50:36 2026 GMT
Subject: CN=83A9674C6F24D0E7E5716907A50DBBD131908414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e5:7a:57:af:48:0d:a2:e6:2e:b1:dd:ef:db:
a6:53:66:87:31:91:75:58:cd:c1:ea:be:42:9a:fc:
f8:71:91:17:b8:b6:11:c6:b6:c3:2b:9b:c1:f4:2b:
17:11:6f:70:72:6e:f9:46:ca:51:e2:2e:24:a1:2f:
e9:a4:69:49:45:17:4b:48:f7:4e:cf:a2:f1:ff:c7:
b7:76:36:8f:ce:5c:1b:06:b3:51:20:f9:2b:3c:1a:
b2:d5:01:32:97:b9:f2:39:fc:3f:fa:7f:87:9d:e7:
5d:fb:ee:7c:b7:ae:eb:c2:d2:88:b6:48:a3:91:96:
0d:6d:b3:79:2a:04:ce:94:b4:88:1e:bd:f2:39:b4:
1d:e3:33:5c:5c:bf:4b:fe:ac:63:b7:8f:eb:47:07:
42:66:92:da:7d:2c:a7:dc:b3:61:e1:00:3f:61:2b:
b4:c2:f2:89:73:7a:e9:20:1e:5f:41:d6:48:13:d0:
1b:61:17:34:89:fd:07:12:0b:5c:2a:d2:15:92:5f:
22:d5:5b:cc:34:84:1b:bd:cf:7a:9c:29:d1:47:88:
83:e8:53:5c:af:80:36:f1:dc:79:3c:b2:a4:95:ee:
e1:85:f1:c9:61:ca:38:f3:a2:a7:7e:d3:fd:2a:54:
07:31:df:78:cf:c6:f0:dd:bc:c3:b2:81:f4:8c:f7:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A9:67:4C:6F:24:D0:E7:E5:71:69:07:A5:0D:BB:D1:31:90:84:14
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
ba:5a:20:ba:fe:98:eb:30:ac:3d:ff:96:68:08:e8:d7:d2:5e:
6a:d8:50:22:0d:e7:a9:8b:f7:34:05:31:5a:e7:37:7d:02:86:
bc:e4:14:8d:c7:89:1d:5e:89:49:e2:1f:dc:f8:0f:23:4f:d8:
33:a3:8f:bd:e7:36:e1:45:91:d1:38:bb:ce:5e:36:fa:83:9c:
f3:a2:67:6d:bf:50:fe:bb:ba:79:9e:40:9a:ad:47:9f:f2:75:
11:1d:87:c7:b7:06:b3:cc:06:a4:42:29:f1:95:d6:cb:b9:10:
54:82:50:03:3a:09:2d:37:6e:8b:5d:d6:b4:53:91:6d:61:6c:
07:f1:66:c3:04:3d:f4:2a:36:5a:74:01:7a:7c:a1:c7:97:55:
d4:39:c8:e4:b9:63:e6:a5:d2:92:98:69:2b:54:6b:21:c0:24:
25:00:f6:75:be:8c:72:c1:2f:8c:df:f7:d7:46:77:ab:af:4a:
0f:b6:50:e4:c6:0b:48:33:a2:20:80:ee:4f:8c:e4:5a:6e:ea:
fc:06:dd:3a:94:99:35:30:39:81:84:11:f4:db:14:82:33:92:
36:6c:74:9b:ab:3b:8e:18:e7:bf:f5:13:48:a2:19:31:9e:b6:
8b:f7:f1:dd:17:e7:ac:3e:df:44:d4:3d:8c:a3:7b:2c:d6:43:
ed:6f:a6:de
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUQeIz0iA0bCOdSZl/P3yjod+nAu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzZaFw0yNjA1MjYxNTUwMzZaMDMxMTAvBgNV
BAMTKDgzQTk2NzRDNkYyNEQwRTdFNTcxNjkwN0E1MERCQkQxMzE5MDg0MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV5XpXr0gNouYusd3v26ZTZocx
kXVYzcHqvkKa/PhxkRe4thHGtsMrm8H0KxcRb3BybvlGylHiLiShL+mkaUlFF0tI
907PovH/x7d2No/OXBsGs1Eg+Ss8GrLVATKXufI5/D/6f4ed51377ny3ruvC0oi2
SKORlg1ts3kqBM6UtIgevfI5tB3jM1xcv0v+rGO3j+tHB0Jmktp9LKfcs2HhAD9h
K7TC8olzeukgHl9B1kgT0BthFzSJ/QcSC1wq0hWSXyLVW8w0hBu9z3qcKdFHiIPo
U1yvgDbx3Hk8sqSV7uGF8clhyjjzoqd+0/0qVAcx33jPxvDdvMOygfSM9y11AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUg6lnTG8k0OflcWkHpQ270TGQhBQwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRVwewCzANBgkqhkiG9w0BAQsFAAOCAQEAuloguv6Y6zCsPf+W
aAjo19JeathQIg3nqYv3NAUxWuc3fQKGvOQUjceJHV6JSeIf3PgPI0/YM6OPvec2
4UWR0Ti7zl42+oOc86Jnbb9Q/ru6eZ5Amq1Hn/J1ER2Hx7cGs8wGpEIp8ZXWy7kQ
VIJQAzoJLTdui13WtFORbWFsB/FmwwQ99Co2WnQBenyhx5dV1DnI5Llj5qXSkphp
K1RrIcAkJQD2db6McsEvjN/310Z3q69KD7ZQ5MYLSDOiIIDuT4zkWm7q/AbdOpSZ
NTA5gYQR9NsUgjOSNmx0m6s7jhjnv/UTSKIZMZ62i/fx3RfnrD7fRNQ9jKN7LNZD
7W+m3g==
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:01:28 2025 by rpki-client