Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36302e302f32342d3234203d3e20323132323338.roa
File: 322e35392e36302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: hZ11O4/GfIQ3ZyUgAuxIn+0GkFLCBYYNN1OfZIqVDJk=
Subject key identifier: 6D:17:B6:F0:3C:35:06:40:0B:70:7D:08:61:8A:D0:78:27:57:72:52
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 255CC8D343470B100BE25FE2510F690FA29719C8
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36302e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 19 May 2025 12:54:08 +0000
ROA not before: Mon 19 May 2025 12:49:08 +0000
ROA not after: Mon 18 May 2026 12:54:08 +0000
asID: 212238
IP address blocks: 2.59.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 15:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5c:c8:d3:43:47:0b:10:0b:e2:5f:e2:51:0f:69:0f:a2:97:19:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 19 12:49:08 2025 GMT
Not After : May 18 12:54:08 2026 GMT
Subject: CN=6D17B6F03C3506400B707D08618AD07827577252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:9a:24:31:ae:7b:8b:ee:fe:47:ed:5b:37:
83:94:f6:56:02:f5:2d:7c:81:09:1b:aa:c3:40:c1:
ac:16:9c:55:5b:c6:16:e7:3a:4b:cf:de:8b:5a:19:
26:f5:fa:8e:4f:c4:4b:32:63:02:f9:9c:7f:b4:58:
08:5a:e6:70:de:63:b7:0c:f4:bb:42:c9:dd:57:76:
5c:42:0a:66:14:11:18:cc:cc:29:3e:9d:40:07:1d:
fc:a5:c9:98:55:a4:b8:53:85:0f:97:b0:6f:e5:73:
c9:62:96:2f:4d:28:06:36:70:5b:cf:7c:2b:2e:03:
8c:1b:2f:f0:6d:c3:c7:d6:77:ae:77:72:98:89:33:
78:2f:b2:58:ae:f5:33:4f:4b:7e:44:fb:d1:29:1d:
d3:3b:7c:8e:b7:c9:dc:ac:e9:d1:7b:f8:8f:7c:f2:
b0:dc:6b:fc:ed:ae:bb:9e:e4:b1:d5:08:3d:c5:43:
98:11:4d:70:19:44:0c:f9:ff:60:12:5c:26:e1:cf:
d5:e2:8a:82:80:a1:7d:d9:e5:3d:f9:3b:6a:94:68:
b8:23:d7:4d:1b:87:a9:a5:2c:ea:60:98:64:7b:b2:
fc:e3:1a:2b:e0:79:c4:5f:0f:65:52:ff:59:d7:95:
83:e4:dc:87:b8:96:62:4b:ce:11:88:4b:9e:f4:1f:
e3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:17:B6:F0:3C:35:06:40:0B:70:7D:08:61:8A:D0:78:27:57:72:52
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/24
Signature Algorithm: sha256WithRSAEncryption
79:f4:10:59:07:ed:1d:fd:22:a9:29:72:8e:ae:8f:5b:89:b5:
f6:85:9b:b5:5e:62:fb:cd:52:6c:0c:e0:58:da:76:bd:b7:70:
e4:02:93:1c:da:d1:ce:56:e9:74:67:5c:48:fd:b7:8c:6a:4c:
78:84:55:5f:29:dd:01:f4:39:48:9d:59:fe:ad:cf:76:fa:50:
3a:c4:6a:0f:54:bd:8c:82:a9:f0:87:30:6d:06:0a:9b:86:43:
04:bf:59:06:32:e0:c9:d3:b1:8f:aa:e0:83:45:76:f4:fe:17:
e5:13:8b:fd:50:6e:02:89:ab:dc:14:82:16:e9:8d:d2:d7:14:
cf:7d:98:4e:4c:d4:7a:15:25:d5:02:a4:2e:be:0c:07:13:4e:
97:89:fd:c0:25:ad:f7:ec:76:8b:56:53:2a:c2:87:48:0f:f5:
95:e4:64:29:80:98:33:4f:5e:46:da:b8:74:eb:d2:ea:a3:d7:
8d:f0:25:7f:62:24:a1:4d:69:83:91:b9:95:cc:5f:f6:1f:8d:
ba:17:f2:28:55:91:c7:2a:17:89:5e:68:6e:af:bd:bc:c7:57:
fe:3c:e0:b8:bd:a3:5a:5a:71:98:63:4c:e4:b8:7d:4d:0f:d9:
5e:40:31:44:ed:ad:85:91:22:f8:14:3c:1a:2d:ee:27:51:5c:
ea:34:88:ad
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJVzI00NHCxAL4l/iUQ9pD6KXGcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA1MTkxMjQ5MDhaFw0yNjA1MTgxMjU0MDhaMDMxMTAvBgNV
BAMTKDZEMTdCNkYwM0MzNTA2NDAwQjcwN0QwODYxOEFEMDc4Mjc1NzcyNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnBpokMa57i+7+R+1bN4OU9lYC
9S18gQkbqsNAwawWnFVbxhbnOkvP3otaGSb1+o5PxEsyYwL5nH+0WAha5nDeY7cM
9LtCyd1XdlxCCmYUERjMzCk+nUAHHfylyZhVpLhThQ+XsG/lc8lili9NKAY2cFvP
fCsuA4wbL/Btw8fWd653cpiJM3gvsliu9TNPS35E+9EpHdM7fI63ydys6dF7+I98
8rDca/ztrrue5LHVCD3FQ5gRTXAZRAz5/2ASXCbhz9XiioKAoX3Z5T35O2qUaLgj
100bh6mlLOpgmGR7svzjGivgecRfD2VS/1nXlYPk3Ie4lmJLzhGIS570H+MlAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUbRe28Dw1BkALcH0IYYrQeCdXclIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzww
DQYJKoZIhvcNAQELBQADggEBAHn0EFkH7R39Iqkpco6uj1uJtfaFm7VeYvvNUmwM
4Fjadr23cOQCkxza0c5W6XRnXEj9t4xqTHiEVV8p3QH0OUidWf6tz3b6UDrEag9U
vYyCqfCHMG0GCpuGQwS/WQYy4MnTsY+q4INFdvT+F+UTi/1QbgKJq9wUghbpjdLX
FM99mE5M1HoVJdUCpC6+DAcTTpeJ/cAlrffsdotWUyrCh0gP9ZXkZCmAmDNPXkba
uHTr0uqj143wJX9iJKFNaYORuZXMX/YfjboX8ihVkccqF4leaG6vvbzHV/484Li9
o1pacZhjTOS4fU0P2V5AMUTtrYWRIvgUPBot7idRXOo0iK0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:16:47 2025 by rpki-client