Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
File: 326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa (raw, json)
Hash identifier: nCuZ5ADJB2e8lGpTQQDYT3/JtyMvU82Myd2okt8I23s=
Subject key identifier: 3D:E6:15:A8:63:BA:72:50:43:0B:A0:14:27:5D:BB:92:15:33:F4:A3
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 63B734701FF659A014724024AA005F16457B79E1
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
Signing time: Thu 01 May 2025 19:43:17 +0000
ROA not before: Thu 01 May 2025 19:38:17 +0000
ROA not after: Thu 30 Apr 2026 19:43:17 +0000
asID: 207487
IP address blocks: 2a14:14c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 00:25:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:b7:34:70:1f:f6:59:a0:14:72:40:24:aa:00:5f:16:45:7b:79:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: May 1 19:38:17 2025 GMT
Not After : Apr 30 19:43:17 2026 GMT
Subject: CN=3DE615A863BA7250430BA014275DBB921533F4A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:34:12:18:26:ce:39:e6:2e:74:0e:73:d0:77:
e9:a9:34:2f:fb:61:b7:d2:02:e8:e1:29:58:8b:b7:
9c:ca:ad:31:27:7b:be:30:bb:d1:bd:35:ed:dd:7b:
be:73:5b:01:47:b1:a5:ad:52:96:41:20:9a:32:c7:
59:5b:a7:b7:d1:e3:20:02:99:04:e4:97:5c:8d:b0:
ac:50:4f:33:9c:58:73:36:3a:a6:de:0b:67:9c:37:
4b:10:46:04:7f:17:41:3c:bc:2e:3f:63:a9:b5:f3:
9a:11:db:42:e3:41:42:2a:d8:64:1a:54:95:0e:a8:
65:02:52:44:ba:ba:d3:2f:65:23:4d:67:3a:0a:d0:
96:d9:ed:30:96:03:58:f7:5d:52:e9:d1:21:77:90:
eb:27:1c:a2:2a:4d:93:59:7f:cd:ae:86:59:65:74:
6f:e1:4d:60:0a:57:4c:3f:94:db:78:65:fe:04:8f:
4c:89:87:f7:90:46:6d:2a:62:81:91:17:c3:d7:b0:
c6:1a:d9:70:69:17:ea:04:f1:38:59:5f:15:1a:82:
94:2c:1e:55:30:ae:22:35:89:46:3a:3a:91:ef:06:
97:21:1b:fc:01:59:e5:0f:71:57:bc:85:f8:06:a1:
f9:f3:38:60:9b:10:18:c1:4b:e0:dd:98:97:42:cc:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E6:15:A8:63:BA:72:50:43:0B:A0:14:27:5D:BB:92:15:33:F4:A3
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4b:f4:07:c2:15:9e:01:4d:ce:bf:ce:c5:e8:b1:58:dc:97:36:
1d:86:cd:f0:eb:44:ea:a0:9d:ea:2d:e9:87:69:df:b5:40:be:
1d:e7:1e:90:5b:d0:07:eb:a0:43:6b:0c:67:4a:c8:ec:99:a7:
ec:34:99:36:0a:88:ce:cc:84:24:d2:6b:96:4e:cc:69:0a:d4:
ea:d3:f6:7b:43:01:58:f4:1d:f7:ca:47:75:40:4c:0c:78:14:
9c:e1:47:b1:e2:83:5f:63:53:93:d5:c1:db:e2:85:ea:b3:e5:
6a:22:24:4a:ae:3b:ff:5c:a5:0b:ef:56:9f:ac:e2:35:a7:72:
ed:bf:35:e1:72:7b:e0:a9:8a:e6:58:8b:23:d5:6f:5a:0f:1f:
02:ce:15:19:4d:56:f8:42:f9:5c:92:63:0f:82:48:21:f0:fc:
97:22:79:94:fd:f4:9f:44:22:a8:ae:29:f1:a0:68:66:b9:06:
bd:3a:79:58:07:84:84:d1:96:29:1f:c7:aa:4b:73:26:82:59:
a2:3b:2d:6e:42:1a:ee:5c:c1:24:33:b9:25:88:ca:d3:be:ef:
28:a1:48:7b:cf:68:b8:3f:c8:8a:9c:63:8c:1f:2b:dc:78:17:
0d:f0:32:66:21:72:8a:13:5f:aa:1a:cd:5d:23:e7:79:41:5b:
6f:96:5f:49
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUY7c0cB/2WaAUckAkqgBfFkV7eeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNTA1MDExOTM4MTdaFw0yNjA0MzAxOTQzMTdaMDMxMTAvBgNV
BAMTKDNERTYxNUE4NjNCQTcyNTA0MzBCQTAxNDI3NURCQjkyMTUzM0Y0QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxNBIYJs455i50DnPQd+mpNC/7
YbfSAujhKViLt5zKrTEne74wu9G9Ne3de75zWwFHsaWtUpZBIJoyx1lbp7fR4yAC
mQTkl1yNsKxQTzOcWHM2OqbeC2ecN0sQRgR/F0E8vC4/Y6m185oR20LjQUIq2GQa
VJUOqGUCUkS6utMvZSNNZzoK0JbZ7TCWA1j3XVLp0SF3kOsnHKIqTZNZf82uhlll
dG/hTWAKV0w/lNt4Zf4Ej0yJh/eQRm0qYoGRF8PXsMYa2XBpF+oE8ThZXxUagpQs
HlUwriI1iUY6OpHvBpchG/wBWeUPcVe8hfgGofnzOGCbEBjBS+DdmJdCzCNvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUPeYVqGO6clBDC6AUJ127khUz9KMwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM0MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUFMAAATANBgkqhkiG9w0BAQsFAAOCAQEAS/QHwhWeAU3Ov87F6LFY3Jc2
HYbN8OtE6qCd6i3ph2nftUC+HecekFvQB+ugQ2sMZ0rI7Jmn7DSZNgqIzsyEJNJr
lk7MaQrU6tP2e0MBWPQd98pHdUBMDHgUnOFHseKDX2NTk9XB2+KF6rPlaiIkSq47
/1ylC+9Wn6ziNady7b814XJ74KmK5liLI9VvWg8fAs4VGU1W+EL5XJJjD4JIIfD8
lyJ5lP30n0QiqK4p8aBoZrkGvTp5WAeEhNGWKR/HqktzJoJZojstbkIa7lzBJDO5
JYjK077vKKFIe89ouD/IipxjjB8r3HgXDfAyZiFyihNfqhrNXSPneUFbb5ZfSQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:32:23 2025 by rpki-client