Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a373230303a3a2f34302d3430203d3e203437323732.roa
File: 326130613a363034343a373230303a3a2f34302d3430203d3e203437323732.roa (raw, json)
Hash identifier: TWV6mYq8FClCdF8QmaLtHZ8ykPS8SMarZX+4vjhd9Rk=
Subject key identifier: 25:F0:B0:76:5E:39:79:D4:57:3F:BD:90:73:18:E2:DC:60:BB:A2:2A
Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial: 370BD2C539C8BF80EF1DC9C8766409973F3EE794
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a373230303a3a2f34302d3430203d3e203437323732.roa
Signing time: Fri 07 Feb 2025 19:13:21 +0000
ROA not before: Fri 07 Feb 2025 19:08:21 +0000
ROA not after: Fri 06 Feb 2026 19:13:21 +0000
asID: 47272
IP address blocks: 2a0a:6044:7200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:0b:d2:c5:39:c8:bf:80:ef:1d:c9:c8:76:64:09:97:3f:3e:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Validity
Not Before: Feb 7 19:08:21 2025 GMT
Not After : Feb 6 19:13:21 2026 GMT
Subject: CN=25F0B0765E3979D4573FBD907318E2DC60BBA22A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:82:91:f9:dc:80:40:af:79:16:99:e7:6a:
69:3c:a6:45:4a:ad:bf:6c:13:9f:e1:c3:0c:3b:54:
37:ac:f6:da:5c:df:d6:b1:df:f5:18:f0:0a:7f:b3:
44:46:c9:73:b2:bd:91:fa:f5:4e:31:3b:3d:31:c3:
b5:23:8d:1b:c1:b8:66:1b:5d:75:9f:7c:a6:f4:84:
3b:02:d0:39:71:ed:98:c3:cb:47:34:c5:5f:9a:70:
1b:3a:ed:8b:34:7f:35:a0:83:d8:9f:5c:ac:80:41:
7f:0d:0f:52:24:15:84:d3:d0:90:3b:35:2a:48:18:
a5:67:98:cc:12:46:f2:b4:d4:3e:dc:82:b8:53:2e:
21:81:5c:2f:24:e9:03:d2:5e:e8:09:3f:f9:48:9b:
4c:25:d2:e7:f8:0a:53:37:4d:d2:b3:2f:82:40:89:
40:23:ed:8b:72:2e:61:99:65:18:2a:b7:c9:23:1f:
75:0a:27:52:6e:96:fe:39:38:a3:c2:33:66:63:a2:
2b:13:c9:09:1d:4d:06:95:26:3f:41:4a:9f:98:99:
cc:b9:2d:c1:44:5a:9d:cf:35:48:37:1e:13:55:5e:
1d:56:cd:32:8a:ee:fb:dd:ec:4c:98:02:9c:cf:ac:
2e:90:20:4d:6d:47:1d:c5:3e:c6:b6:d6:79:81:37:
09:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F0:B0:76:5E:39:79:D4:57:3F:BD:90:73:18:E2:DC:60:BB:A2:2A
X509v3 Authority Key Identifier:
keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a373230303a3a2f34302d3430203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:7200::/40
Signature Algorithm: sha256WithRSAEncryption
8b:06:3a:01:d1:93:c2:9b:4d:15:97:8d:09:9c:7e:b8:cc:09:
13:81:48:71:c1:e6:69:bb:20:8b:ad:af:e7:63:17:da:72:1c:
d6:a8:f9:fb:10:89:35:7c:0a:26:55:09:c8:28:2c:92:84:4f:
9c:38:d2:f3:67:80:06:3b:f6:5a:cf:96:d5:a6:fd:e6:8f:f2:
6b:71:84:55:e6:70:a4:4c:68:ec:25:88:82:93:e8:47:88:ba:
99:8d:f2:b6:06:0d:cd:e4:74:ac:6f:c2:e7:7d:5c:42:02:16:
b8:0e:47:92:e6:24:bc:c0:e8:a7:4d:36:3b:ec:11:e7:98:c0:
d6:e6:c6:e0:c2:7b:74:ad:0b:6c:b5:6f:e3:2d:8c:47:34:b9:
e2:28:eb:ec:3c:41:4c:5e:3c:17:ee:9d:07:ba:66:b8:cb:f8:
32:19:76:c3:d2:98:73:b2:ec:cd:e9:22:17:a9:56:e5:fe:f5:
45:74:47:fc:a7:cb:ba:b1:80:b7:8d:07:92:93:52:b1:51:ae:
51:ca:99:10:33:5c:bf:b9:8d:fa:12:9f:44:0f:02:a5:61:38:
58:03:cf:3f:13:a3:31:ec:41:f8:33:93:5d:cc:6d:47:fe:08:
97:8c:4f:4f:ee:eb:e4:a0:03:a7:71:02:ee:40:b6:15:f3:28:
e8:c4:a0:fb
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUNwvSxTnIv4DvHcnIdmQJlz8+55QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTAyMDcxOTA4MjFaFw0yNjAyMDYxOTEzMjFaMDMxMTAvBgNV
BAMTKDI1RjBCMDc2NUUzOTc5RDQ1NzNGQkQ5MDczMThFMkRDNjBCQkEyMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF5IKR+dyAQK95Fpnnamk8pkVK
rb9sE5/hwww7VDes9tpc39ax3/UY8Ap/s0RGyXOyvZH69U4xOz0xw7UjjRvBuGYb
XXWffKb0hDsC0Dlx7ZjDy0c0xV+acBs67Ys0fzWgg9ifXKyAQX8ND1IkFYTT0JA7
NSpIGKVnmMwSRvK01D7cgrhTLiGBXC8k6QPSXugJP/lIm0wl0uf4ClM3TdKzL4JA
iUAj7YtyLmGZZRgqt8kjH3UKJ1Julv45OKPCM2ZjoisTyQkdTQaVJj9BSp+Ymcy5
LcFEWp3PNUg3HhNVXh1WzTKK7vvd7EyYApzPrC6QIE1tRx3FPsa21nmBNwnBAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUJfCwdl45edRXP72Qcxji3GC7oiowHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt
MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwNjEzYTM2MzAzNDM0
M2EzNzMyMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDM0MzczMjM3MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqCmBEcjANBgkqhkiG9w0BAQsFAAOCAQEAiwY6AdGTwptNFZeNCZx+
uMwJE4FIccHmabsgi62v52MX2nIc1qj5+xCJNXwKJlUJyCgskoRPnDjS82eABjv2
Ws+W1ab95o/ya3GEVeZwpExo7CWIgpPoR4i6mY3ytgYNzeR0rG/C531cQgIWuA5H
kuYkvMDop002O+wR55jA1ubG4MJ7dK0LbLVv4y2MRzS54ijr7DxBTF48F+6dB7pm
uMv4Mhl2w9KYc7LszekiF6lW5f71RXRH/KfLurGAt40HkpNSsVGuUcqZEDNcv7mN
+hKfRA8CpWE4WAPPPxOjMexB+DOTXcxtR/4Il4xPT+7r5KADp3EC7kC2FfMo6MSg
+w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:58:40 2025 by rpki-client