Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
File: 326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa (raw, json)
Hash identifier: KRMl4DVfox8mLTSVTDZG2Pm2JUhvwWp3iFpT4MEY1nw=
Subject key identifier: 08:EA:82:20:DC:5D:5F:3E:4A:31:6B:E2:97:9C:8D:D7:BD:45:CD:EE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 06552B0D1141239E28B444AA105B1ED2D4C6503B
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
Signing time: Wed 21 May 2025 14:05:56 +0000
ROA not before: Wed 21 May 2025 14:00:56 +0000
ROA not after: Wed 20 May 2026 14:05:56 +0000
asID: 210335
IP address blocks: 2a11:29c0:3dfb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:55:2b:0d:11:41:23:9e:28:b4:44:aa:10:5b:1e:d2:d4:c6:50:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:56 2025 GMT
Not After : May 20 14:05:56 2026 GMT
Subject: CN=08EA8220DC5D5F3E4A316BE2979C8DD7BD45CDEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:79:27:d9:84:ac:ca:41:57:78:a8:37:22:87:
0d:36:4a:6b:71:40:82:bd:09:ce:1e:27:3f:03:4c:
ae:a7:4c:ad:63:ac:e9:ed:ee:36:1e:f4:ee:5d:51:
76:01:c9:ee:5a:5c:a6:53:98:74:e2:fc:bd:7a:3a:
d2:e5:2d:07:7e:55:52:2f:36:c3:78:32:f3:2a:5e:
57:8a:1f:53:1b:47:51:c1:bb:3e:28:aa:1c:37:9a:
4e:4f:9b:e6:03:2e:2a:8a:37:7c:0d:83:fe:65:53:
07:a2:c2:ea:44:78:cf:bd:af:2f:b4:16:b4:3b:9d:
eb:1a:01:71:ee:28:64:50:36:a6:7e:8e:59:57:da:
33:e7:e8:ed:f6:dc:b2:33:8d:7d:1c:bc:74:25:5c:
96:b7:7c:0f:40:ce:b4:c0:f2:d1:79:e4:28:e1:99:
14:92:e8:50:e2:49:c2:49:37:93:cb:9e:5b:60:4d:
d2:23:9e:6f:66:9d:f0:a8:49:3e:d6:6c:1f:5d:bb:
1d:7e:18:76:e2:1a:65:95:d7:00:56:73:c9:b7:11:
fb:fe:f5:68:a3:10:d5:40:02:80:f1:a4:4f:0f:3a:
df:31:d8:3f:44:e7:d8:fa:d3:e3:ba:94:b2:04:20:
f3:60:f8:8c:fe:98:7c:f9:42:4d:23:f4:b0:6f:b6:
81:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EA:82:20:DC:5D:5F:3E:4A:31:6B:E2:97:9C:8D:D7:BD:45:CD:EE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfb::/48
Signature Algorithm: sha256WithRSAEncryption
03:fa:2d:4d:9a:fa:5d:7a:23:d7:03:7d:01:a4:b9:39:ce:e7:
d1:a6:0f:5c:dc:25:08:47:c9:66:4a:55:87:5a:8c:11:4f:4b:
36:85:4b:ef:4b:2b:68:2c:e3:d3:d5:a2:3d:60:d1:ad:d9:78:
e8:72:8d:bc:6f:aa:d1:08:4c:00:a7:aa:36:52:9a:34:19:d7:
b7:33:f6:1f:cf:e9:1f:c6:46:8a:c3:bf:11:16:3f:40:08:d1:
84:4e:14:61:d3:1b:f6:e9:e3:9f:10:fb:1e:6a:21:2c:e3:33:
eb:18:98:7f:c8:31:4d:68:67:3a:3c:20:43:2a:76:7a:a6:95:
b3:30:f8:42:80:72:e6:dd:63:7e:dc:1c:c8:ff:3d:67:df:51:
66:e0:2f:65:f0:f7:ab:c9:b5:d4:dd:ee:1e:e5:a0:4a:f7:29:
03:5d:dc:69:90:5d:5f:f4:82:4f:b7:85:80:a4:4d:a6:a3:7a:
2f:f5:6f:e4:bb:bd:43:bf:30:28:f6:cd:57:e9:8e:35:8d:ab:
e8:68:36:81:6d:1a:d2:42:21:f3:7b:4f:91:ad:ac:36:63:91:
a8:f2:66:56:ff:b5:48:34:38:65:c3:80:ec:08:23:6d:f6:dd:
33:e4:9d:7b:0b:64:85:04:71:80:d4:fe:4a:76:22:d6:9f:2d:
3f:14:3b:f4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBlUrDRFBI54otESqEFse0tTGUDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTZaFw0yNjA1MjAxNDA1NTZaMDMxMTAvBgNV
BAMTKDA4RUE4MjIwREM1RDVGM0U0QTMxNkJFMjk3OUM4REQ3QkQ0NUNERUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDseSfZhKzKQVd4qDcihw02Smtx
QIK9Cc4eJz8DTK6nTK1jrOnt7jYe9O5dUXYBye5aXKZTmHTi/L16OtLlLQd+VVIv
NsN4MvMqXleKH1MbR1HBuz4oqhw3mk5Pm+YDLiqKN3wNg/5lUweiwupEeM+9ry+0
FrQ7nesaAXHuKGRQNqZ+jllX2jPn6O323LIzjX0cvHQlXJa3fA9AzrTA8tF55Cjh
mRSS6FDiScJJN5PLnltgTdIjnm9mnfCoST7WbB9dux1+GHbiGmWV1wBWc8m3Efv+
9WijENVAAoDxpE8POt8x2D9E59j60+O6lLIEIPNg+Iz+mHz5Qk0j9LBvtoHJAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUCOqCINxdXz5KMWvil5yN171Fze4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzMzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+zANBgkqhkiG9w0BAQsFAAOCAQEAA/otTZr6XXoj1wN9
AaS5Oc7n0aYPXNwlCEfJZkpVh1qMEU9LNoVL70sraCzj09WiPWDRrdl46HKNvG+q
0QhMAKeqNlKaNBnXtzP2H8/pH8ZGisO/ERY/QAjRhE4UYdMb9unjnxD7HmohLOMz
6xiYf8gxTWhnOjwgQyp2eqaVszD4QoBy5t1jftwcyP89Z99RZuAvZfD3q8m11N3u
HuWgSvcpA13caZBdX/SCT7eFgKRNpqN6L/Vv5Lu9Q78wKPbNV+mONY2r6Gg2gW0a
0kIh83tPka2sNmORqPJmVv+1SDQ4ZcOA7AgjbfbdM+SdewtkhQRxgNT+SnYi1p8t
PxQ79A==
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:48:01 2025 by rpki-client