Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa
File: 326131343a366634323a3a2f33312d3438203d3e20323030323432.roa (raw, json)
Hash identifier: ITJiuOJiPhL9zGFnR/kFwwhgRvQux+ehMzGBms69CVM=
Subject key identifier: CC:A5:76:CC:04:2F:99:E5:7E:1B:72:33:14:00:E0:FF:B1:A2:9C:B7
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 269D1DA37595235FB5750EB6B89B9FECD89A6AB5
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa
Signing time: Mon 02 Jun 2025 14:43:44 +0000
ROA not before: Mon 02 Jun 2025 14:38:44 +0000
ROA not after: Mon 01 Jun 2026 14:43:44 +0000
asID: 200242
IP address blocks: 2a14:6f42::/31 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:9d:1d:a3:75:95:23:5f:b5:75:0e:b6:b8:9b:9f:ec:d8:9a:6a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jun 2 14:38:44 2025 GMT
Not After : Jun 1 14:43:44 2026 GMT
Subject: CN=CCA576CC042F99E57E1B72331400E0FFB1A29CB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:3b:85:15:51:79:bc:57:9c:ea:7a:03:bc:
50:11:e5:9f:e6:73:a7:a7:7b:ee:47:95:c4:6a:3d:
8b:27:0d:7f:44:3d:ea:c4:51:9c:8d:3e:17:7d:c5:
b0:63:74:ba:94:62:a8:2d:97:db:1b:e3:88:e4:47:
7c:81:f5:d4:6d:2b:9e:69:42:82:21:ad:48:90:85:
dc:42:ca:c6:5f:8d:74:5d:bb:37:7d:b7:86:6f:a2:
b5:d3:be:3b:5c:c7:be:bc:a5:19:76:1c:f9:e9:d9:
60:03:b1:a3:74:26:4c:6b:b3:cc:f4:8c:39:47:0b:
93:c0:85:6c:ef:90:50:00:f0:4f:4e:80:31:da:45:
33:4f:8c:e0:de:0c:af:6b:64:fb:67:b6:83:54:f6:
63:c7:32:1c:67:29:e4:57:5f:a6:73:ff:fb:5e:3c:
d0:32:3a:64:b0:a2:bd:88:a4:85:a5:1c:99:ad:c4:
8c:c7:05:2a:79:05:68:2d:24:1a:ed:ca:28:a9:98:
39:ce:72:52:f1:1f:64:c5:06:d5:db:36:e9:64:74:
22:41:19:a4:ef:9d:df:bd:ed:9d:90:0f:e1:3d:f7:
0a:58:11:79:91:bf:a5:d0:79:f5:b1:6b:7c:ac:31:
ec:0d:8b:7e:45:ec:50:00:6b:9f:aa:e2:e1:ea:5b:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A5:76:CC:04:2F:99:E5:7E:1B:72:33:14:00:E0:FF:B1:A2:9C:B7
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f42::/31
Signature Algorithm: sha256WithRSAEncryption
2f:57:35:c9:54:6d:ed:31:e1:a2:9e:8e:de:8c:50:a3:a5:42:
5f:c6:55:65:ea:ef:3a:f0:61:d9:37:60:8d:dd:d7:76:32:85:
2c:5e:60:cf:50:f0:73:f6:cf:55:6e:c0:2a:85:5f:dc:dd:33:
b4:3b:b9:15:f2:a4:6d:94:09:01:cc:17:7d:8d:77:98:7f:e8:
d6:ad:0a:7f:1e:76:4a:aa:36:ac:96:17:4d:12:81:4e:84:22:
5d:d7:92:33:3c:a3:38:45:85:79:c0:b0:b2:5e:24:8f:a3:df:
00:52:d8:c6:97:ff:a4:da:9c:af:86:d4:bc:61:db:98:d6:06:
06:40:3e:a5:94:13:f1:86:23:ad:0f:2c:65:97:a9:99:a1:3d:
c0:16:8f:56:ca:d0:eb:07:3b:7c:78:87:c7:d7:f3:5e:63:cf:
08:90:36:dc:cd:69:2b:97:08:3f:bf:f8:1e:fa:b2:33:77:f0:
ea:5d:90:f8:8f:c8:94:4c:3b:f2:01:a5:04:3e:b2:85:1b:0a:
6d:57:7b:1e:6b:09:8c:29:1e:cf:1f:a9:e6:03:28:7c:62:53:
2b:bf:38:1f:97:69:c8:d2:e8:66:61:03:c2:c5:1d:a2:2b:97:
29:13:b7:8a:52:ad:50:94:04:ac:0d:c2:87:93:7d:b5:48:1a:
4a:84:97:dd
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJp0do3WVI1+1dQ62uJuf7NiaarUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNTA2MDIxNDM4NDRaFw0yNjA2MDExNDQzNDRaMDMxMTAvBgNV
BAMTKENDQTU3NkNDMDQyRjk5RTU3RTFCNzIzMzE0MDBFMEZGQjFBMjlDQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAvzuFFVF5vFec6noDvFAR5Z/m
c6ene+5HlcRqPYsnDX9EPerEUZyNPhd9xbBjdLqUYqgtl9sb44jkR3yB9dRtK55p
QoIhrUiQhdxCysZfjXRduzd9t4ZvorXTvjtcx768pRl2HPnp2WADsaN0Jkxrs8z0
jDlHC5PAhWzvkFAA8E9OgDHaRTNPjODeDK9rZPtntoNU9mPHMhxnKeRXX6Zz//te
PNAyOmSwor2IpIWlHJmtxIzHBSp5BWgtJBrtyiipmDnOclLxH2TFBtXbNulkdCJB
GaTvnd+97Z2QD+E99wpYEXmRv6XQefWxa3ysMewNi35F7FAAa5+q4uHqW5VFAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUzKV2zAQvmeV+G3IzFADg/7GinLcwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDMy
M2EzYTJmMzMzMTJkMzQzODIwM2QzZTIwMzIzMDMwMzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUB
KhRvQjANBgkqhkiG9w0BAQsFAAOCAQEAL1c1yVRt7THhop6O3oxQo6VCX8ZVZerv
OvBh2Tdgjd3XdjKFLF5gz1Dwc/bPVW7AKoVf3N0ztDu5FfKkbZQJAcwXfY13mH/o
1q0Kfx52Sqo2rJYXTRKBToQiXdeSMzyjOEWFecCwsl4kj6PfAFLYxpf/pNqcr4bU
vGHbmNYGBkA+pZQT8YYjrQ8sZZepmaE9wBaPVsrQ6wc7fHiHx9fzXmPPCJA23M1p
K5cIP7/4HvqyM3fw6l2Q+I/IlEw78gGlBD6yhRsKbVd7HmsJjCkezx+p5gMofGJT
K784H5dpyNLoZmEDwsUdoiuXKRO3ilKtUJQErA3Ch5N9tUgaSoSX3Q==
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:03:16 2025 by rpki-client