Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
File: 326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa (raw, json)
Hash identifier: lVUTv9ePxFs76NYMpRch/wm8DFit0p7cLkwe+1lgWxI=
Subject key identifier: C0:8A:4D:DA:47:D1:C0:49:50:68:CA:3C:25:EF:BC:56:7B:03:7E:B9
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 4F0C44FE7163DFB868A1F24FCCC4E151053E70FC
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
Signing time: Thu 01 May 2025 19:43:34 +0000
ROA not before: Thu 01 May 2025 19:38:34 +0000
ROA not after: Thu 30 Apr 2026 19:43:34 +0000
asID: 207487
IP address blocks: 2a14:14c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 00:25:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:0c:44:fe:71:63:df:b8:68:a1:f2:4f:cc:c4:e1:51:05:3e:70:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: May 1 19:38:34 2025 GMT
Not After : Apr 30 19:43:34 2026 GMT
Subject: CN=C08A4DDA47D1C0495068CA3C25EFBC567B037EB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:f1:83:a3:87:f5:2a:50:91:8e:da:d2:6a:76:
67:09:92:28:a6:c3:6e:e3:b3:5d:0f:bb:41:9b:ea:
36:8c:bb:eb:06:1f:b9:bc:76:8b:67:7b:70:f0:ba:
21:78:75:7a:c6:8b:1a:53:5c:82:8f:54:53:94:63:
c3:f9:5a:3c:6a:48:b6:2f:48:fb:c6:f6:b6:e5:27:
7b:50:4b:ee:97:0c:e7:12:3c:0a:d2:8f:b5:e5:08:
25:db:e0:0b:a3:09:03:4b:3a:b0:3a:e9:71:12:60:
2c:73:5f:54:a2:61:bb:ca:3d:a3:4d:6d:0f:51:7c:
74:12:5a:67:44:f8:a6:86:ca:d1:24:ba:26:18:87:
75:7d:e5:75:c9:5c:63:09:19:12:04:20:9d:f0:ba:
dc:3e:48:aa:60:94:f6:64:4f:f6:a1:3f:dc:e2:3c:
b0:d3:34:b6:41:d2:7e:4f:75:89:3c:37:5d:0c:07:
1e:63:3b:56:a3:f9:cb:b7:0e:52:4d:86:16:75:e8:
61:c3:81:68:ea:b6:9a:1a:bc:36:0a:70:7d:f2:39:
1a:72:59:04:8e:54:c8:05:ee:2e:0b:81:6e:0c:e0:
12:89:39:fa:b8:ff:f8:c9:ca:92:44:0d:98:ce:aa:
32:c8:62:4c:05:54:6c:d9:54:60:34:57:8c:93:41:
47:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8A:4D:DA:47:D1:C0:49:50:68:CA:3C:25:EF:BC:56:7B:03:7E:B9
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
91:26:85:a6:98:c2:e8:d4:36:1e:35:d8:2c:42:bf:d3:5f:c8:
a7:48:cb:cf:25:62:b5:7d:45:94:98:f9:2c:39:92:1d:20:6e:
d3:75:92:0a:20:2d:05:4e:84:a5:cd:70:9a:e9:c2:3a:f4:0b:
eb:2d:67:18:c9:25:83:1e:1a:62:c0:ad:c1:7c:32:e7:06:43:
27:b6:0d:12:90:4b:d6:37:6c:59:81:1d:7f:b7:08:24:bb:75:
bd:7a:00:7b:5e:12:69:db:96:51:34:4f:ec:d5:72:ea:01:6a:
c6:fc:27:9e:7b:61:5b:bc:18:3a:54:4e:bb:d4:ef:7d:f6:94:
d8:57:4a:86:e0:9b:86:cf:4a:c6:0a:db:f5:18:d5:41:e8:45:
c0:26:72:3a:1b:19:14:7b:9f:bb:74:32:0a:2c:e8:31:fc:8a:
87:91:5f:f7:88:6e:35:79:90:d5:b0:6f:b5:a0:6c:b1:fb:b7:
1d:3a:ca:b1:11:fa:89:80:a2:d8:82:b9:ca:4b:9d:40:03:96:
58:2f:0b:90:be:98:c0:d0:2f:c8:15:3d:eb:f3:af:90:85:44:
fb:bf:b9:e2:64:f1:b9:be:a3:3f:04:65:13:80:d8:a8:37:39:
a8:b5:a8:dc:71:72:7d:1a:fb:b2:97:ef:7c:2e:77:a4:94:13:
52:b6:ae:18
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUTwxE/nFj37hoofJPzMThUQU+cPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNTA1MDExOTM4MzRaFw0yNjA0MzAxOTQzMzRaMDMxMTAvBgNV
BAMTKEMwOEE0RERBNDdEMUMwNDk1MDY4Q0EzQzI1RUZCQzU2N0IwMzdFQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD58YOjh/UqUJGO2tJqdmcJkiim
w27js10Pu0Gb6jaMu+sGH7m8dotne3DwuiF4dXrGixpTXIKPVFOUY8P5WjxqSLYv
SPvG9rblJ3tQS+6XDOcSPArSj7XlCCXb4AujCQNLOrA66XESYCxzX1SiYbvKPaNN
bQ9RfHQSWmdE+KaGytEkuiYYh3V95XXJXGMJGRIEIJ3wutw+SKpglPZkT/ahP9zi
PLDTNLZB0n5PdYk8N10MBx5jO1aj+cu3DlJNhhZ16GHDgWjqtpoavDYKcH3yORpy
WQSOVMgF7i4LgW4M4BKJOfq4//jJypJEDZjOqjLIYkwFVGzZVGA0V4yTQUeVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUwIpN2kfRwElQaMo8Je+8VnsDfrkwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM0MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUFMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAkSaFppjC6NQ2HjXYLEK/01/I
p0jLzyVitX1FlJj5LDmSHSBu03WSCiAtBU6Epc1wmunCOvQL6y1nGMklgx4aYsCt
wXwy5wZDJ7YNEpBL1jdsWYEdf7cIJLt1vXoAe14SaduWUTRP7NVy6gFqxvwnnnth
W7wYOlROu9TvffaU2FdKhuCbhs9Kxgrb9RjVQehFwCZyOhsZFHufu3QyCizoMfyK
h5Ff94huNXmQ1bBvtaBssfu3HTrKsRH6iYCi2IK5ykudQAOWWC8LkL6YwNAvyBU9
6/OvkIVE+7+54mTxub6jPwRlE4DYqDc5qLWo3HFyfRr7spfvfC53pJQTUrauGA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:02:34 2025 by rpki-client