Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666635303a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a666635303a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: RTtc7kvQY4mgVpXb0OGaj3d8CGbqE+rrAFaJtMYV3Gw=
Subject key identifier: 52:B1:A7:E2:BD:1F:53:5F:23:A4:AC:34:6C:26:D8:CD:61:77:52:E0
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 74028683A47A41D065A71B1C580FC7F97A939FAC
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666635303a3a2f34382d3438203d3e20323032333539.roa
Signing time: Wed 29 Jan 2025 16:22:52 +0000
ROA not before: Wed 29 Jan 2025 16:17:52 +0000
ROA not after: Wed 28 Jan 2026 16:22:52 +0000
asID: 202359
IP address blocks: 2a11:f2c0:ff50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:02:86:83:a4:7a:41:d0:65:a7:1b:1c:58:0f:c7:f9:7a:93:9f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jan 29 16:17:52 2025 GMT
Not After : Jan 28 16:22:52 2026 GMT
Subject: CN=52B1A7E2BD1F535F23A4AC346C26D8CD617752E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:74:f8:09:94:eb:91:8f:5d:66:6a:43:76:01:
dc:52:e0:ab:b5:82:2b:f8:f0:de:10:af:ce:9c:ca:
82:cb:1b:bc:74:19:d1:ce:62:ae:83:99:20:6f:42:
fd:06:0b:39:d0:82:e9:16:42:56:a8:6d:2a:ce:cb:
76:d8:c3:35:01:4b:f6:6c:41:46:4a:7e:3c:3c:c0:
bb:b1:23:62:84:d1:a2:dd:b3:d6:09:a9:3f:88:d8:
51:76:c8:1e:5b:52:70:a6:6e:9b:6b:c5:bb:13:61:
14:de:2b:0a:9d:36:ed:13:02:4b:04:e6:6a:01:61:
51:17:ee:c9:4d:9d:49:08:c6:fd:18:d2:6a:65:70:
08:df:c0:2c:c5:27:ce:9d:2e:b9:85:53:ed:c6:2c:
6e:bd:84:0f:9f:a7:74:10:85:ea:2f:49:a1:5b:ba:
6b:e3:d8:06:05:18:d2:ce:25:fc:58:c2:fb:4f:f7:
e7:85:30:61:9b:8e:78:f4:03:e2:50:58:7a:ba:67:
51:c6:72:04:16:4e:89:1d:36:c9:aa:a0:0f:1c:ea:
f6:4a:5f:f8:6b:da:d4:26:33:6f:66:35:48:0e:b0:
ba:ac:d4:2c:d9:dd:95:48:54:de:64:8d:6c:cb:84:
c0:29:04:5a:17:11:15:f2:fd:51:9b:b9:88:d2:df:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B1:A7:E2:BD:1F:53:5F:23:A4:AC:34:6C:26:D8:CD:61:77:52:E0
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a666635303a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:ff50::/48
Signature Algorithm: sha256WithRSAEncryption
0b:76:f2:ad:90:f8:b3:91:8a:5f:08:2f:23:ce:5b:78:34:e2:
7d:44:9f:64:11:af:de:f5:4a:47:31:cb:db:c5:72:86:bc:b5:
e9:37:0b:43:a9:fe:c9:14:3e:b5:1b:b5:38:31:fc:f4:2f:0a:
62:72:ab:3b:1a:97:f1:05:61:ad:73:75:b9:fd:d5:f7:ad:32:
99:e6:7c:10:c0:73:44:a7:a9:f5:18:b9:08:c4:83:86:cb:65:
ff:7b:ec:3e:68:6e:ed:00:30:35:d4:e4:13:5d:d5:77:82:f5:
c8:01:55:b9:80:72:ef:95:b4:fa:2f:d0:cc:4b:ef:bb:03:cc:
e2:ae:3e:7d:fa:aa:10:bb:ce:a6:99:02:e5:86:a1:21:7d:6b:
80:e5:9c:8d:04:5c:3f:1e:e3:23:f6:44:47:b9:71:86:28:c0:
d7:91:22:63:3b:2e:36:5a:a6:86:64:50:49:5c:a2:a3:1b:f2:
5d:2e:7c:dc:88:28:be:8c:ab:5b:fd:37:f7:3f:70:49:95:9e:
96:b7:4f:6e:eb:1c:ad:e1:9f:d9:25:70:e0:67:28:19:e2:68:
f0:1d:1a:50:17:d4:7b:f8:04:cb:df:ed:ce:df:51:f5:23:09:
10:33:da:2f:9b:e1:35:78:fa:60:67:3e:13:41:8a:34:90:d6:
ad:15:b4:b2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUdAKGg6R6QdBlpxscWA/H+XqTn6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTAxMjkxNjE3NTJaFw0yNjAxMjgxNjIyNTJaMDMxMTAvBgNV
BAMTKDUyQjFBN0UyQkQxRjUzNUYyM0E0QUMzNDZDMjZEOENENjE3NzUyRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+dPgJlOuRj11makN2AdxS4Ku1
giv48N4Qr86cyoLLG7x0GdHOYq6DmSBvQv0GCznQgukWQlaobSrOy3bYwzUBS/Zs
QUZKfjw8wLuxI2KE0aLds9YJqT+I2FF2yB5bUnCmbptrxbsTYRTeKwqdNu0TAksE
5moBYVEX7slNnUkIxv0Y0mplcAjfwCzFJ86dLrmFU+3GLG69hA+fp3QQheovSaFb
umvj2AYFGNLOJfxYwvtP9+eFMGGbjnj0A+JQWHq6Z1HGcgQWTokdNsmqoA8c6vZK
X/hr2tQmM29mNUgOsLqs1CzZ3ZVIVN5kjWzLhMApBFoXERXy/VGbuYjS36/DAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUUrGn4r0fU18jpKw0bCbYzWF3UuAwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2E2NjY2MzUzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoR8sD/UDANBgkqhkiG9w0BAQsFAAOCAQEAC3byrZD4s5GKXwgv
I85beDTifUSfZBGv3vVKRzHL28Vyhry16TcLQ6n+yRQ+tRu1ODH89C8KYnKrOxqX
8QVhrXN1uf3V960ymeZ8EMBzRKep9Ri5CMSDhstl/3vsPmhu7QAwNdTkE13Vd4L1
yAFVuYBy75W0+i/QzEvvuwPM4q4+ffqqELvOppkC5YahIX1rgOWcjQRcPx7jI/ZE
R7lxhijA15EiYzsuNlqmhmRQSVyioxvyXS583IgovoyrW/039z9wSZWelrdPbusc
reGf2SVw4GcoGeJo8B0aUBfUe/gEy9/tzt9R9SMJEDPaL5vhNXj6YGc+E0GKNJDW
rRW0sg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:07:52 2025 by rpki-client