Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
File: 326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa (raw, json)
Hash identifier: kmFg1Ubyi8msuCXkZq9wTUwo9VmgSHMiCqLO0oSubS4=
Subject key identifier: AD:D8:4F:E2:D9:A4:CD:CA:5D:0A:EA:18:C3:90:FF:C1:00:85:E2:49
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 4C6FE54F90ED258CAC97F519BD6EBAB0EAFEDAF2
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
Signing time: Tue 01 Apr 2025 19:58:33 +0000
ROA not before: Tue 01 Apr 2025 19:53:33 +0000
ROA not after: Tue 31 Mar 2026 19:58:33 +0000
asID: 208753
IP address blocks: 2a0d:b287:e9ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:6f:e5:4f:90:ed:25:8c:ac:97:f5:19:bd:6e:ba:b0:ea:fe:da:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Apr 1 19:53:33 2025 GMT
Not After : Mar 31 19:58:33 2026 GMT
Subject: CN=ADD84FE2D9A4CDCA5D0AEA18C390FFC10085E249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:33:cd:c0:57:05:be:dc:c2:15:42:61:df:
e0:21:96:7d:47:62:c8:10:93:c2:79:7e:5f:47:0a:
0a:b1:a5:ca:3a:fb:2e:d4:fe:35:e6:0b:cb:37:66:
75:2b:1e:aa:48:9d:8c:fb:d2:b1:95:fe:5d:1e:0a:
84:cd:cd:d2:10:a3:ba:b5:c4:6d:a5:95:5b:63:8e:
48:79:60:a8:1c:d5:a7:5c:1c:f3:67:7c:c1:bf:1b:
c4:ac:d8:66:24:43:43:04:ff:bf:06:3e:96:f1:9f:
20:70:46:93:45:6f:9b:5e:90:2e:db:eb:02:19:31:
13:0d:5f:f3:c4:ce:42:0c:52:c6:b6:0a:1f:a6:85:
14:9f:2d:81:69:6a:c7:64:32:99:d8:f4:97:bd:57:
96:4d:1d:f7:a2:41:45:3c:d6:d8:e2:b7:a1:8c:25:
92:21:6f:a9:69:74:c7:9d:c9:3a:e0:77:29:84:0b:
70:9b:b8:98:91:6a:4e:55:8f:58:2a:d8:9c:82:d2:
cf:34:01:70:c0:a9:a9:fb:55:0a:44:c3:c8:92:d7:
98:59:0e:55:92:2b:a2:a8:25:31:52:2f:d0:81:e5:
db:43:9a:ea:5c:f0:91:3f:f5:c5:9e:6c:c7:09:43:
a3:81:cf:5f:db:60:e0:25:85:75:1e:e6:a4:87:3f:
bd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D8:4F:E2:D9:A4:CD:CA:5D:0A:EA:18:C3:90:FF:C1:00:85:E2:49
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:e9ff::/48
Signature Algorithm: sha256WithRSAEncryption
7e:fb:46:b8:ee:fe:0e:74:0f:85:7c:4a:a4:ff:51:ac:ec:15:
fc:6c:79:58:d0:4e:9a:2f:7a:90:d3:ed:5a:77:24:26:2d:dd:
24:fc:9f:55:ef:3d:89:5f:ad:51:f9:c3:25:4f:65:22:58:83:
85:52:b3:bd:5b:f7:e4:ae:40:22:99:c0:80:3a:2e:a4:56:77:
59:29:76:8b:ad:a0:69:3c:e9:59:92:b1:6c:a8:f5:97:dc:4c:
88:cd:78:43:66:96:96:9c:b1:de:b5:7a:b0:ea:b6:72:15:84:
52:df:70:5f:59:c7:d5:ca:6b:d1:a8:7d:ba:cd:7c:c9:b9:15:
39:2e:df:e7:96:5f:d8:ef:d0:20:45:2c:90:e6:0d:b9:c6:6d:
0b:25:06:7f:43:12:ac:26:d6:08:3d:65:75:73:f9:d2:b2:39:
48:59:75:b7:bf:ba:0c:f7:d0:d3:a4:f8:23:9b:ff:5b:f6:52:
61:f2:f5:7a:c4:47:bc:2d:09:41:6c:32:08:e9:fd:98:92:8b:
00:b4:0e:2d:77:30:db:31:a3:dc:3b:a1:b6:99:20:1b:ee:03:
b8:02:78:c6:62:fc:44:cd:bd:e8:cc:91:45:79:be:82:c1:b3:
19:59:12:ac:83:fc:4f:19:4f:9a:f8:12:d9:7a:90:28:54:8b:
ae:cd:39:34
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTG/lT5DtJYysl/UZvW66sOr+2vIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA0MDExOTUzMzNaFw0yNjAzMzExOTU4MzNaMDMxMTAvBgNV
BAMTKEFERDg0RkUyRDlBNENEQ0E1RDBBRUExOEMzOTBGRkMxMDA4NUUyNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqXjPNwFcFvtzCFUJh3+Ahln1H
YsgQk8J5fl9HCgqxpco6+y7U/jXmC8s3ZnUrHqpInYz70rGV/l0eCoTNzdIQo7q1
xG2llVtjjkh5YKgc1adcHPNnfMG/G8Ss2GYkQ0ME/78GPpbxnyBwRpNFb5tekC7b
6wIZMRMNX/PEzkIMUsa2Ch+mhRSfLYFpasdkMpnY9Je9V5ZNHfeiQUU81tjit6GM
JZIhb6lpdMedyTrgdymEC3CbuJiRak5Vj1gq2JyC0s80AXDAqan7VQpEw8iS15hZ
DlWSK6KoJTFSL9CB5dtDmupc8JE/9cWebMcJQ6OBz1/bYOAlhXUe5qSHP72/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUrdhP4tmkzcpdCuoYw5D/wQCF4kkwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTM5NjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofp/zANBgkqhkiG9w0BAQsFAAOCAQEAfvtGuO7+DnQPhXxK
pP9RrOwV/Gx5WNBOmi96kNPtWnckJi3dJPyfVe89iV+tUfnDJU9lIliDhVKzvVv3
5K5AIpnAgDoupFZ3WSl2i62gaTzpWZKxbKj1l9xMiM14Q2aWlpyx3rV6sOq2chWE
Ut9wX1nH1cpr0ah9us18ybkVOS7f55Zf2O/QIEUskOYNucZtCyUGf0MSrCbWCD1l
dXP50rI5SFl1t7+6DPfQ06T4I5v/W/ZSYfL1esRHvC0JQWwyCOn9mJKLALQOLXcw
2zGj3DuhtpkgG+4DuAJ4xmL8RM296MyRRXm+gsGzGVkSrIP8TxlPmvgS2XqQKFSL
rs05NA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:51:48 2025 by rpki-client