Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466303a3a2f34382d3438203d3e20323133383736.roa
File: 326131313a323963303a336466303a3a2f34382d3438203d3e20323133383736.roa (raw, json)
Hash identifier: cg953wLdUgZmwB6RiRXcVdBe241TZatK8fAyoRVF7SQ=
Subject key identifier: A7:6E:19:F8:F4:F6:D0:13:B0:30:E4:5C:B8:C3:5E:6A:9C:29:80:44
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 0958777EE291282DE4A27F917DEDE0C42109F2DF
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466303a3a2f34382d3438203d3e20323133383736.roa
Signing time: Mon 14 Apr 2025 21:09:24 +0000
ROA not before: Mon 14 Apr 2025 21:04:24 +0000
ROA not after: Mon 13 Apr 2026 21:09:24 +0000
asID: 213876
IP address blocks: 2a11:29c0:3df0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 18:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:58:77:7e:e2:91:28:2d:e4:a2:7f:91:7d:ed:e0:c4:21:09:f2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 14 21:04:24 2025 GMT
Not After : Apr 13 21:09:24 2026 GMT
Subject: CN=A76E19F8F4F6D013B030E45CB8C35E6A9C298044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7d:b6:3a:ff:0a:95:22:02:d8:df:f9:93:fb:
18:42:86:a3:e1:27:cf:eb:ee:4c:96:cd:ea:3a:dc:
9e:3b:0a:0a:14:94:81:43:69:28:9e:de:fc:33:02:
6a:24:2c:de:29:9c:5b:cd:9b:6a:1a:9c:54:1b:6c:
cd:f1:d4:db:75:77:44:fc:b7:74:4b:fe:e1:46:b3:
84:46:e5:35:5b:3e:e1:de:ed:79:dc:a3:05:80:91:
0a:dd:fe:48:e8:9c:82:3e:28:7c:75:ff:51:50:88:
7e:83:d9:cc:b6:54:d5:80:90:0a:c2:ed:52:4c:1d:
e8:9f:a8:6b:7d:37:e8:1e:52:a2:50:5f:5a:c8:bc:
f1:90:7f:9f:5c:48:7e:45:c7:c7:d7:f5:7a:61:7b:
0d:c1:34:8d:36:29:44:1c:a2:cd:2d:16:84:56:f7:
e9:60:a2:5d:1b:10:c4:ed:db:05:66:bd:76:66:3c:
f1:c1:52:4f:fc:dc:b8:36:23:0a:15:e2:1f:d9:58:
a0:20:e0:03:ca:83:df:b9:9a:f9:30:56:dc:4a:63:
36:50:4d:f1:8e:f7:e7:c6:db:ec:f6:69:c1:19:d4:
74:1e:1a:cf:ad:e3:6b:cb:40:f6:36:7c:63:01:4b:
22:64:7b:9f:f9:a0:ad:6f:90:62:40:99:7a:4e:63:
80:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6E:19:F8:F4:F6:D0:13:B0:30:E4:5C:B8:C3:5E:6A:9C:29:80:44
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466303a3a2f34382d3438203d3e20323133383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:4b:0d:6b:12:0d:3b:83:c4:99:30:51:86:a3:44:23:f5:8c:
64:2c:42:21:2c:1c:36:29:c0:e8:2c:de:3c:44:f3:fb:a7:1d:
b8:6d:9a:15:f3:47:1a:fb:8b:96:67:3c:dc:5a:22:8d:6d:b7:
c4:5d:67:48:75:e4:f7:2a:b2:3a:5c:02:c1:0c:37:41:96:35:
d9:5c:68:4e:90:a4:4f:76:17:dd:51:8b:e5:33:8a:f6:e0:02:
c1:35:a0:75:e4:0e:db:23:0f:98:a0:d8:9e:8e:e5:20:cb:fb:
a0:27:c6:cb:95:33:5d:84:46:69:5c:a9:56:29:be:0c:ce:f9:
c8:9c:9d:fb:3d:89:c0:70:92:e5:34:1d:b7:75:d1:98:5f:16:
9b:57:50:1d:64:12:62:ac:14:fb:8d:8e:90:c2:77:dd:fe:f7:
4c:6e:3d:71:77:9f:01:84:e1:aa:0d:e8:a1:04:97:ee:59:98:
21:95:5f:1b:3d:b4:0b:98:6f:9a:ad:0b:e4:27:33:14:b4:7f:
2b:3a:5b:6a:ad:ca:64:0d:03:83:c3:0e:11:9b:09:81:47:07:
2f:20:74:21:39:89:aa:d6:ce:a2:25:cc:1a:42:6b:c3:9a:c4:
fd:35:4e:bf:50:c1:fb:06:f8:12:d2:54:e2:cf:39:c9:e9:f6:
f3:2e:9d:36
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUCVh3fuKRKC3kon+Rfe3gxCEJ8t8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA0MTQyMTA0MjRaFw0yNjA0MTMyMTA5MjRaMDMxMTAvBgNV
BAMTKEE3NkUxOUY4RjRGNkQwMTNCMDMwRTQ1Q0I4QzM1RTZBOUMyOTgwNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWfbY6/wqVIgLY3/mT+xhChqPh
J8/r7kyWzeo63J47CgoUlIFDaSie3vwzAmokLN4pnFvNm2oanFQbbM3x1Nt1d0T8
t3RL/uFGs4RG5TVbPuHe7XncowWAkQrd/kjonII+KHx1/1FQiH6D2cy2VNWAkArC
7VJMHeifqGt9N+geUqJQX1rIvPGQf59cSH5Fx8fX9Xphew3BNI02KUQcos0tFoRW
9+lgol0bEMTt2wVmvXZmPPHBUk/83Lg2IwoV4h/ZWKAg4APKg9+5mvkwVtxKYzZQ
TfGO9+fG2+z2acEZ1HQeGs+t42vLQPY2fGMBSyJke5/5oK1vkGJAmXpOY4ANAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUp24Z+PT20BOwMORcuMNeapwpgEQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMzM4MzczNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98DANBgkqhkiG9w0BAQsFAAOCAQEAoksNaxINO4PEmTBR
hqNEI/WMZCxCISwcNinA6CzePETz+6cduG2aFfNHGvuLlmc83FoijW23xF1nSHXk
9yqyOlwCwQw3QZY12VxoTpCkT3YX3VGL5TOK9uACwTWgdeQO2yMPmKDYno7lIMv7
oCfGy5UzXYRGaVypVim+DM75yJyd+z2JwHCS5TQdt3XRmF8Wm1dQHWQSYqwU+42O
kMJ33f73TG49cXefAYThqg3ooQSX7lmYIZVfGz20C5hvmq0L5CczFLR/Kzpbaq3K
ZA0Dg8MOEZsJgUcHLyB0ITmJqtbOoiXMGkJrw5rE/TVOv1DB+wb4EtJU4s85yen2
8y6dNg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:30:46 2025 by rpki-client