Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
File: 326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa (raw, json)
Hash identifier: Nk6ANHp8DkJz6kDCL9bvYoWgqeyO4UOw/aVOiTsobgk=
Subject key identifier: 9E:B7:3F:51:C6:C5:BE:70:7F:4E:59:C9:B8:13:8A:48:C0:CA:AB:79
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 682D960EA8472C9ABFD5F3C198F74687F3649353
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
Signing time: Mon 19 May 2025 14:04:24 +0000
ROA not before: Mon 19 May 2025 13:59:24 +0000
ROA not after: Mon 18 May 2026 14:04:24 +0000
asID: 213709
IP address blocks: 2a0d:b287:eb00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 08:45:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:2d:96:0e:a8:47:2c:9a:bf:d5:f3:c1:98:f7:46:87:f3:64:93:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: May 19 13:59:24 2025 GMT
Not After : May 18 14:04:24 2026 GMT
Subject: CN=9EB73F51C6C5BE707F4E59C9B8138A48C0CAAB79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:ae:54:67:9b:67:d4:64:d5:35:6b:f9:90:
25:b1:5f:83:9e:99:89:05:56:3a:ea:bc:a3:c0:1c:
85:7b:b4:f9:9d:63:fc:b3:08:0d:de:ad:73:49:b3:
1e:b6:79:9c:7c:05:9d:76:54:29:65:87:f8:0c:72:
df:5c:16:09:2f:0b:a1:fc:46:02:da:21:56:fd:04:
fa:99:7a:c2:b4:e0:ee:a3:51:43:c5:88:52:c9:9c:
4c:69:db:44:e8:f9:c7:5e:6d:6f:ac:94:76:38:b0:
bd:0e:c7:6e:e0:70:87:2c:56:3d:20:18:3f:d2:f4:
b9:9a:a8:3a:e6:aa:59:58:ba:c3:96:82:66:09:b9:
85:da:6c:26:17:8b:ae:0f:05:02:5a:2b:d1:58:2f:
a1:2d:6c:12:58:11:61:d6:a6:70:96:96:15:e6:25:
86:fd:6a:97:17:40:b2:99:46:8f:c4:1d:f2:47:a2:
00:6a:10:0a:50:e3:12:74:29:52:1c:60:ce:70:0f:
02:d6:34:6d:25:3f:39:a0:35:5d:ac:a3:5a:05:8c:
1c:45:44:00:a4:da:96:35:a2:ed:fc:42:08:61:bd:
2b:e5:c7:09:f7:12:40:49:89:8c:06:e7:b8:2f:51:
60:ab:fa:50:e8:6b:31:27:3d:46:51:26:4f:db:56:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B7:3F:51:C6:C5:BE:70:7F:4E:59:C9:B8:13:8A:48:C0:CA:AB:79
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:eb00::/40
Signature Algorithm: sha256WithRSAEncryption
36:28:18:a2:ef:0b:28:b0:cb:72:a8:8f:92:e8:f0:c3:3b:fa:
bf:97:83:75:e1:37:a4:00:37:e1:54:70:57:0a:03:c9:f4:2d:
ff:ad:3f:74:1e:94:c9:9d:37:e4:9e:52:0f:42:d3:79:0e:d4:
20:3a:60:ca:e3:27:01:a9:d4:51:37:c0:bf:bd:8b:03:99:15:
17:2f:04:c4:ae:54:71:d5:18:30:6a:34:d2:44:81:15:ed:37:
cf:45:be:44:5f:62:03:6f:12:a6:71:1d:33:28:a0:cf:5a:44:
29:17:ae:a7:71:1c:d5:18:de:9e:8d:f1:a4:cc:ce:fb:0a:cb:
2d:a0:e1:20:5f:61:ff:21:b1:c2:2e:ff:92:fd:0f:4a:5e:02:
8a:8a:f7:08:d2:59:ba:2a:fc:85:15:c6:38:11:a5:eb:c8:23:
9a:bb:17:de:20:0a:54:af:ee:7c:45:f0:ab:e7:cc:73:f0:97:
2a:3d:e6:cd:d2:7c:f9:59:5c:f7:d4:23:07:c6:ef:a0:72:f3:
ad:03:af:98:36:74:38:e2:8c:01:c1:e6:a9:a2:8d:02:75:ee:
4b:3e:c5:11:61:62:8b:bf:98:c8:f3:50:6e:b4:06:a5:1f:cb:
37:64:de:a5:fb:ec:21:81:36:bc:2b:9a:5a:0d:38:31:41:ae:
4d:6e:4e:ca
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUaC2WDqhHLJq/1fPBmPdGh/Nkk1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA1MTkxMzU5MjRaFw0yNjA1MTgxNDA0MjRaMDMxMTAvBgNV
BAMTKDlFQjczRjUxQzZDNUJFNzA3RjRFNTlDOUI4MTM4QTQ4QzBDQUFCNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6XK5UZ5tn1GTVNWv5kCWxX4Oe
mYkFVjrqvKPAHIV7tPmdY/yzCA3erXNJsx62eZx8BZ12VCllh/gMct9cFgkvC6H8
RgLaIVb9BPqZesK04O6jUUPFiFLJnExp20To+cdebW+slHY4sL0Ox27gcIcsVj0g
GD/S9LmaqDrmqllYusOWgmYJuYXabCYXi64PBQJaK9FYL6EtbBJYEWHWpnCWlhXm
JYb9apcXQLKZRo/EHfJHogBqEApQ4xJ0KVIcYM5wDwLWNG0lPzmgNV2so1oFjBxF
RACk2pY1ou38QghhvSvlxwn3EkBJiYwG57gvUWCr+lDoazEnPUZRJk/bVigNAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUnrc/UcbFvnB/TlnJuBOKSMDKq3kwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYyMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzMzM3MzAzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofrMA0GCSqGSIb3DQEBCwUAA4IBAQA2KBii7wsosMtyqI+S
6PDDO/q/l4N14TekADfhVHBXCgPJ9C3/rT90HpTJnTfknlIPQtN5DtQgOmDK4ycB
qdRRN8C/vYsDmRUXLwTErlRx1RgwajTSRIEV7TfPRb5EX2IDbxKmcR0zKKDPWkQp
F66ncRzVGN6ejfGkzM77CsstoOEgX2H/IbHCLv+S/Q9KXgKKivcI0lm6KvyFFcY4
EaXryCOauxfeIApUr+58RfCr58xz8JcqPebN0nz5WVz31CMHxu+gcvOtA6+YNnQ4
4owBweapoo0Cde5LPsURYWKLv5jI81ButAalH8s3ZN6l++whgTa8K5paDTgxQa5N
bk7K
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:14:52 2025 by rpki-client