Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666630303a3a2f34382d3438203d3e20323037393630.roa
File: 326131313a663263303a666630303a3a2f34382d3438203d3e20323037393630.roa (raw, json)
Hash identifier: 6+o/SVChTjHbiYUJ03zyc6Ju+ZkXcW4hDy3lbeRRz+k=
Subject key identifier: F9:11:1C:6B:5E:84:B5:1E:5A:83:0F:77:9D:A8:D4:3D:0D:DE:65:E8
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 080D183814C08ECBA40DF7F8387D132B29B443B6
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666630303a3a2f34382d3438203d3e20323037393630.roa
Signing time: Tue 25 Feb 2025 07:47:48 +0000
ROA not before: Tue 25 Feb 2025 07:42:48 +0000
ROA not after: Tue 24 Feb 2026 07:47:48 +0000
asID: 207960
IP address blocks: 2a11:f2c0:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 01:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:0d:18:38:14:c0:8e:cb:a4:0d:f7:f8:38:7d:13:2b:29:b4:43:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Feb 25 07:42:48 2025 GMT
Not After : Feb 24 07:47:48 2026 GMT
Subject: CN=F9111C6B5E84B51E5A830F779DA8D43D0DDE65E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bf:c6:49:43:cf:bf:42:3e:68:e0:5b:a6:b1:
dd:f9:c1:39:45:da:2b:9d:9e:fc:8c:5e:54:ec:59:
48:2e:3c:6e:2b:11:b2:44:5e:9b:42:ae:7a:ed:09:
db:cb:f9:8c:63:51:d2:02:40:da:c4:bc:bc:49:1d:
e6:f2:69:ab:cc:49:c1:92:25:e5:51:f9:15:6e:32:
43:e8:5b:9b:6c:b6:b4:63:7c:96:fd:50:de:6f:36:
f5:22:d7:08:42:39:c9:1e:5d:8f:73:85:85:c6:34:
b3:80:6d:70:5c:d0:90:75:4f:20:1e:12:be:af:a4:
69:64:88:05:15:31:6a:9a:13:f4:4b:4c:b5:b7:33:
56:b4:26:0a:10:a4:8b:01:d5:91:16:0a:2d:e1:f5:
f1:31:a2:50:da:29:2a:75:51:bc:70:1c:d3:65:63:
54:53:d2:75:9e:5b:39:fb:a2:d0:f7:e9:bb:cb:e9:
a0:d8:d3:8f:19:f7:ee:7f:87:d2:f2:97:f5:b0:0f:
23:1e:44:02:f6:78:fb:94:4a:6c:3b:84:ec:84:74:
0e:67:e0:36:ab:d8:44:c8:d7:d3:5b:b7:2b:35:0b:
62:f8:2e:9e:35:4e:da:e9:33:89:fb:d9:9d:d1:11:
38:17:af:b8:fb:a0:e7:34:7f:a1:93:ef:e0:87:cd:
4e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:11:1C:6B:5E:84:B5:1E:5A:83:0F:77:9D:A8:D4:3D:0D:DE:65:E8
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666630303a3a2f34382d3438203d3e20323037393630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
3d:86:50:9b:7f:92:f7:30:19:17:99:e5:78:c5:e9:40:95:d4:
6a:4c:19:fa:a0:80:8b:64:4a:12:cb:ce:37:b2:98:16:8d:05:
46:b4:89:f2:1c:4b:16:f5:7f:1c:f6:65:69:0e:ab:27:af:a7:
5c:57:4f:65:43:44:f0:60:e5:49:43:83:2f:3d:47:91:47:f9:
66:82:b2:37:b1:17:0b:de:56:e9:f4:b7:9c:de:9a:6e:67:ac:
ca:e0:6e:c5:17:ff:a1:01:f9:fc:ef:4a:3a:72:66:49:d5:75:
81:eb:bb:34:1e:29:b8:e6:d6:f7:a6:fa:70:5c:7f:e2:e6:93:
b0:9a:de:5d:7a:cb:49:82:d0:f3:83:7c:e4:22:c9:71:63:8a:
e9:02:2b:3a:b8:00:80:ab:29:7e:19:4f:c9:d8:34:07:fe:f6:
40:bc:23:20:2e:93:43:28:8b:29:35:21:de:c7:c0:dd:3b:42:
90:23:12:80:12:d4:5a:93:b3:9b:7a:fb:85:f7:7b:57:73:30:
9d:c5:a0:a4:e3:7e:3c:7b:b9:68:36:62:6d:39:8a:3e:1c:f0:
44:31:10:57:94:8d:cc:df:d5:7c:9a:79:34:3c:78:81:c0:39:
a3:1d:55:47:3d:e9:0c:cc:af:65:47:d4:8e:74:e0:b6:7e:cb:
2e:b8:c8:f6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUCA0YOBTAjsukDff4OH0TKym0Q7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTAyMjUwNzQyNDhaFw0yNjAyMjQwNzQ3NDhaMDMxMTAvBgNV
BAMTKEY5MTExQzZCNUU4NEI1MUU1QTgzMEY3NzlEQThENDNEMERERTY1RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfv8ZJQ8+/Qj5o4Fumsd35wTlF
2iudnvyMXlTsWUguPG4rEbJEXptCrnrtCdvL+YxjUdICQNrEvLxJHebyaavMScGS
JeVR+RVuMkPoW5tstrRjfJb9UN5vNvUi1whCOckeXY9zhYXGNLOAbXBc0JB1TyAe
Er6vpGlkiAUVMWqaE/RLTLW3M1a0JgoQpIsB1ZEWCi3h9fExolDaKSp1UbxwHNNl
Y1RT0nWeWzn7otD36bvL6aDY048Z9+5/h9Lyl/WwDyMeRAL2ePuUSmw7hOyEdA5n
4Dar2ETI19Nbtys1C2L4Lp41TtrpM4n72Z3RETgXr7j7oOc0f6GT7+CHzU7TAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+REca16EtR5agw93najUPQ3eZegwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2MzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM5MzYzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/ADANBgkqhkiG9w0BAQsFAAOCAQEAPYZQm3+S9zAZF5nl
eMXpQJXUakwZ+qCAi2RKEsvON7KYFo0FRrSJ8hxLFvV/HPZlaQ6rJ6+nXFdPZUNE
8GDlSUODLz1HkUf5ZoKyN7EXC95W6fS3nN6abmesyuBuxRf/oQH5/O9KOnJmSdV1
geu7NB4puObW96b6cFx/4uaTsJreXXrLSYLQ84N85CLJcWOK6QIrOrgAgKspfhlP
ydg0B/72QLwjIC6TQyiLKTUh3sfA3TtCkCMSgBLUWpOzm3r7hfd7V3MwncWgpON+
PHu5aDZibTmKPhzwRDEQV5SNzN/VfJp5NDx4gcA5ox1VRz3pDMyvZUfUjnTgtn7L
LrjI9g==
-----END CERTIFICATE-----
Generated at Thu Apr 3 11:02:20 2025 by rpki-client