Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
File: 326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa (raw, json)
Hash identifier: Lh+NThTArglnDdFNJgAbksxydedvZ3VhoYilxW6dgHQ=
Subject key identifier: 9C:02:D8:AE:38:DA:37:E2:21:C5:78:65:77:EF:DD:F2:85:B2:E8:F1
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 2069E05D9ED29CE480D62AD032B570501675A09F
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
Signing time: Sat 17 May 2025 17:00:04 +0000
ROA not before: Sat 17 May 2025 16:55:04 +0000
ROA not after: Sat 16 May 2026 17:00:04 +0000
asID: 208437
IP address blocks: 2a0d:b287:dad0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 08:45:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:69:e0:5d:9e:d2:9c:e4:80:d6:2a:d0:32:b5:70:50:16:75:a0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: May 17 16:55:04 2025 GMT
Not After : May 16 17:00:04 2026 GMT
Subject: CN=9C02D8AE38DA37E221C5786577EFDDF285B2E8F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0c:3c:e9:f6:15:29:9d:8f:87:f8:af:d9:f0:
dd:2e:33:11:fe:84:ce:c9:85:08:3e:a9:50:89:aa:
a4:ba:c3:7c:4f:90:a5:ed:11:6c:7f:c1:69:3b:9e:
2d:3f:7e:2c:59:78:a5:71:34:88:32:2f:cc:a7:ae:
02:82:d4:1b:56:f9:1f:6c:56:c1:d1:81:95:99:9a:
2f:4d:c3:a0:3a:a2:e9:7c:7a:7e:5e:74:b6:63:45:
e9:28:69:49:d8:95:10:cc:82:e0:17:68:4b:08:67:
e0:6c:93:cb:a7:35:d2:fe:18:d9:be:03:55:fe:a3:
76:34:03:7c:f1:a1:31:72:cb:59:cb:d7:a3:44:42:
6a:b5:b1:2f:83:2b:ca:12:54:f9:4b:e6:1b:0a:a0:
54:69:ea:41:c7:ed:21:53:e9:20:53:68:00:13:15:
dc:aa:87:9a:ad:0e:92:db:92:5b:59:07:5f:38:ba:
57:af:d8:2e:30:11:d1:4e:d5:17:a4:26:3e:42:79:
7a:ed:f9:ce:72:ee:d0:39:82:42:c3:a0:1b:25:bd:
f3:4c:e7:d6:3a:27:70:07:ac:91:5b:70:bd:93:be:
1a:9b:60:0c:95:36:6b:91:6f:ae:28:ce:26:fc:d8:
1f:b7:16:99:69:a3:8d:03:12:d3:89:3f:39:16:16:
b4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:02:D8:AE:38:DA:37:E2:21:C5:78:65:77:EF:DD:F2:85:B2:E8:F1
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:dad0::/44
Signature Algorithm: sha256WithRSAEncryption
03:1e:69:2b:ae:56:7e:7d:80:f3:aa:82:20:c6:fc:30:4f:c3:
80:fc:7f:69:b4:97:0a:7d:10:dc:71:93:d7:60:9f:94:c4:96:
85:91:8f:e5:58:31:4b:5c:5a:78:ca:4c:cd:74:a2:fa:16:4f:
c7:2d:70:7c:94:ef:f2:79:cd:d6:c8:d6:94:11:49:8d:1f:d7:
45:59:40:4c:b3:25:fb:4d:80:16:8f:85:cd:4d:61:97:e5:74:
60:bf:4d:b4:33:ad:fd:83:19:1e:76:fc:7a:f3:7f:94:5e:22:
37:69:ec:7a:c9:58:7c:6a:49:ac:b2:f1:e8:42:dd:5e:21:4b:
3a:45:21:bf:a8:16:d0:29:8a:9c:bc:7e:c4:f1:2f:d5:82:dc:
39:ac:fe:a3:87:25:21:cd:c7:a6:0c:e3:da:35:6d:c7:33:d8:
17:7e:5d:1f:a2:e3:da:91:fa:9e:be:18:10:26:7e:8d:fb:db:
40:f2:c3:a2:09:fe:5f:08:87:41:df:52:43:35:bb:65:44:26:
3b:c3:24:e6:a8:90:f5:cc:98:88:bd:01:9b:0c:fc:b3:d7:06:
32:b8:65:8d:7b:8a:85:d8:3a:db:b3:4a:60:e6:be:7a:ae:a5:
92:b2:67:60:c8:aa:17:e4:17:65:da:ad:30:3f:1b:ec:c8:eb:
6f:30:11:46
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIGngXZ7SnOSA1irQMrVwUBZ1oJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA1MTcxNjU1MDRaFw0yNjA1MTYxNzAwMDRaMDMxMTAvBgNV
BAMTKDlDMDJEOEFFMzhEQTM3RTIyMUM1Nzg2NTc3RUZEREYyODVCMkU4RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlDDzp9hUpnY+H+K/Z8N0uMxH+
hM7JhQg+qVCJqqS6w3xPkKXtEWx/wWk7ni0/fixZeKVxNIgyL8ynrgKC1BtW+R9s
VsHRgZWZmi9Nw6A6oul8en5edLZjRekoaUnYlRDMguAXaEsIZ+Bsk8unNdL+GNm+
A1X+o3Y0A3zxoTFyy1nL16NEQmq1sS+DK8oSVPlL5hsKoFRp6kHH7SFT6SBTaAAT
Fdyqh5qtDpLbkltZB184ulev2C4wEdFO1RekJj5CeXrt+c5y7tA5gkLDoBslvfNM
59Y6J3AHrJFbcL2TvhqbYAyVNmuRb64ozib82B+3Fplpo40DEtOJPzkWFrQBAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUnALYrjjaN+IhxXhld+/d8oWy6PEwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDYxNjQzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzAzODM0MzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoNsofa0DANBgkqhkiG9w0BAQsFAAOCAQEAAx5pK65Wfn2A86qC
IMb8ME/DgPx/abSXCn0Q3HGT12CflMSWhZGP5VgxS1xaeMpMzXSi+hZPxy1wfJTv
8nnN1sjWlBFJjR/XRVlATLMl+02AFo+FzU1hl+V0YL9NtDOt/YMZHnb8evN/lF4i
N2nseslYfGpJrLLx6ELdXiFLOkUhv6gW0CmKnLx+xPEv1YLcOaz+o4clIc3Hpgzj
2jVtxzPYF35dH6Lj2pH6nr4YECZ+jfvbQPLDogn+XwiHQd9SQzW7ZUQmO8Mk5qiQ
9cyYiL0Bmwz8s9cGMrhljXuKhdg627NKYOa+eq6lkrJnYMiqF+QXZdqtMD8b7Mjr
bzARRg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:14:48 2025 by rpki-client