Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
File: 326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa (raw, json)
Hash identifier: /Vch1Vk1flBOzKcRsUeQEAOySG7bSQptg9DL3ISpE+k=
Subject key identifier: 02:8B:F3:88:72:A8:5F:2E:F6:B5:9C:5C:63:B8:3B:EC:D6:93:DD:1F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 54125564171C68DB51440309C59E30298A38D632
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
Signing time: Mon 27 Jan 2025 09:45:06 +0000
ROA not before: Mon 27 Jan 2025 09:40:06 +0000
ROA not after: Mon 26 Jan 2026 09:45:06 +0000
asID: 42366
IP address blocks: 2a01:6f0:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:12:55:64:17:1c:68:db:51:44:03:09:c5:9e:30:29:8a:38:d6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:06 2025 GMT
Not After : Jan 26 09:45:06 2026 GMT
Subject: CN=028BF38872A85F2EF6B59C5C63B83BECD693DD1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:e6:a7:bc:46:a0:f8:21:d7:39:23:b1:94:
dc:76:cb:69:b2:46:a1:2c:a7:af:86:99:09:53:70:
c1:ce:97:15:2c:1f:bc:9c:88:5d:b3:b5:0a:03:23:
4d:d2:d2:20:16:41:eb:78:62:6e:b6:22:19:35:6a:
69:99:4c:8b:d9:5d:c1:02:e6:14:af:b0:75:2a:3d:
4d:ff:e0:4c:dc:3b:23:52:e4:7e:87:73:33:e2:d2:
41:65:84:85:f1:ae:68:31:17:a3:09:fa:18:b8:c7:
eb:10:07:aa:01:07:eb:3d:da:92:6f:d1:c5:f3:72:
45:28:ba:96:dc:a9:23:a4:9d:95:03:2f:9f:5a:47:
d2:4a:dc:71:6d:af:7a:d7:f1:fe:3a:0d:22:ca:43:
71:78:da:7e:94:ca:c3:f5:8e:9a:58:d0:38:69:ab:
31:af:61:90:f6:52:94:7d:b5:cb:f3:d8:ce:f7:bd:
2b:2c:98:64:d0:53:61:06:d7:13:cf:98:4c:8c:6d:
11:c4:6e:38:2a:ce:e3:78:29:53:ff:33:53:a8:c8:
a3:1b:15:a3:f8:4c:e8:9f:b0:b8:b8:2a:98:5a:41:
ec:cd:f4:ae:c6:9c:b7:70:3c:0b:fb:55:bf:fe:07:
0f:b2:d3:1d:15:ec:4d:ae:53:fd:d1:85:9e:8c:fa:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8B:F3:88:72:A8:5F:2E:F6:B5:9C:5C:63:B8:3B:EC:D6:93:DD:1F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3130303a3a2f34302d3438203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0:100::/40
Signature Algorithm: sha256WithRSAEncryption
1f:92:35:58:d4:36:d2:f2:79:e8:63:99:00:75:f1:07:2b:cb:
32:72:2c:37:e1:75:f8:38:f3:de:80:8e:6a:b6:4e:73:e6:9b:
e6:e9:44:a2:bc:01:68:de:73:1a:84:a4:af:76:c4:67:c7:22:
2e:0c:a8:59:ed:47:16:76:24:ef:c6:fb:a7:dd:e3:1c:50:87:
ab:a1:f7:60:0f:c3:ba:24:e4:d6:21:0f:49:58:37:bf:70:b5:
0f:61:1d:b5:d2:c6:3c:0d:44:05:83:0a:65:7b:c7:eb:b1:36:
67:4f:ec:3d:66:cf:3b:1d:94:6d:15:b4:4c:63:76:98:f8:7a:
0c:0e:42:fa:9a:59:b8:a8:98:54:d7:5e:b5:7c:a3:48:a0:a7:
37:9a:bf:5c:c3:de:ea:e3:22:ee:70:90:53:18:2d:de:1a:de:
41:af:a8:b5:70:78:66:0d:96:3d:fe:93:07:1d:f7:92:ab:c3:
89:14:56:dc:f0:72:99:0d:46:69:80:fa:53:e1:54:6d:43:9b:
99:ca:60:3c:b9:3d:8d:49:21:14:43:1f:bd:b3:65:7f:20:9c:
12:e6:68:82:7c:c2:f4:03:64:ea:8f:57:69:1a:23:9d:1c:5d:
3a:72:ac:03:65:0b:45:ae:93:01:98:53:a4:1e:19:4f:7a:22:
06:0a:3d:58
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUVBJVZBccaNtRRAMJxZ4wKYo41jIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDZaFw0yNjAxMjYwOTQ1MDZaMDMxMTAvBgNV
BAMTKDAyOEJGMzg4NzJBODVGMkVGNkI1OUM1QzYzQjgzQkVDRDY5M0REMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBQOanvEag+CHXOSOxlNx2y2my
RqEsp6+GmQlTcMHOlxUsH7yciF2ztQoDI03S0iAWQet4Ym62Ihk1ammZTIvZXcEC
5hSvsHUqPU3/4EzcOyNS5H6HczPi0kFlhIXxrmgxF6MJ+hi4x+sQB6oBB+s92pJv
0cXzckUoupbcqSOknZUDL59aR9JK3HFtr3rX8f46DSLKQ3F42n6UysP1jppY0Dhp
qzGvYZD2UpR9tcvz2M73vSssmGTQU2EG1xPPmEyMbRHEbjgqzuN4KVP/M1OoyKMb
FaP4TOifsLi4KphaQezN9K7GnLdwPAv7Vb/+Bw+y0x0V7E2uU/3RhZ6M+vnjAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQUAovziHKoXy72tZxcY7g77NaT3R8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
MzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGACoBBvABMA0GCSqGSIb3DQEBCwUAA4IBAQAfkjVY1DbS8nnoY5kAdfEHK8sy
ciw34XX4OPPegI5qtk5z5pvm6USivAFo3nMahKSvdsRnxyIuDKhZ7UcWdiTvxvun
3eMcUIerofdgD8O6JOTWIQ9JWDe/cLUPYR210sY8DUQFgwple8frsTZnT+w9Zs87
HZRtFbRMY3aY+HoMDkL6mlm4qJhU1161fKNIoKc3mr9cw97q4yLucJBTGC3eGt5B
r6i1cHhmDZY9/pMHHfeSq8OJFFbc8HKZDUZpgPpT4VRtQ5uZymA8uT2NSSEUQx+9
s2V/IJwS5miCfML0A2Tqj1dpGiOdHF06cqwDZQtFrpMBmFOkHhlPeiIGCj1Y
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:23 2025 by rpki-client