Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336535303a3a2f34342d3438203d3e20323039363030.roa
File: 326131313a323963303a336535303a3a2f34342d3438203d3e20323039363030.roa (raw, json)
Hash identifier: 6Lq2FRERp41UpEzkU+/UooYzNvuXG1T2wdshPrcZqT8=
Subject key identifier: 03:17:8F:95:23:D6:DD:B2:43:02:A4:99:95:F6:A5:83:BA:44:C9:01
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 23C230D05D706EFF55CCF9654872725D0A5CDD9F
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336535303a3a2f34342d3438203d3e20323039363030.roa
Signing time: Thu 12 Jun 2025 15:36:31 +0000
ROA not before: Thu 12 Jun 2025 15:31:31 +0000
ROA not after: Thu 11 Jun 2026 15:36:31 +0000
asID: 209600
IP address blocks: 2a11:29c0:3e50::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c2:30:d0:5d:70:6e:ff:55:cc:f9:65:48:72:72:5d:0a:5c:dd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jun 12 15:31:31 2025 GMT
Not After : Jun 11 15:36:31 2026 GMT
Subject: CN=03178F9523D6DDB24302A49995F6A583BA44C901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c0:19:1b:3e:3e:8d:f1:ba:05:23:a4:1f:63:
66:85:57:d9:5a:76:15:67:6f:72:8c:79:83:33:d4:
4d:a1:37:87:1d:50:ce:55:de:49:46:02:0a:78:aa:
ff:ee:84:6a:3f:4d:a3:3c:76:29:0b:d7:6e:6a:44:
8a:7c:cc:29:f5:ad:e9:fa:00:a2:b4:3e:40:27:1d:
fb:71:66:8d:02:e5:b7:58:15:68:c1:d2:2e:cc:a6:
f7:57:e5:d7:de:34:65:f7:89:ae:c1:8e:d1:43:5b:
5c:12:c6:82:f3:5a:e2:3b:42:00:f3:28:d3:53:dc:
ae:04:93:2d:20:50:fb:35:81:3c:8f:2e:fe:6e:20:
48:68:cb:ce:b7:5b:07:09:07:60:43:18:cf:59:8b:
4b:99:83:9e:c0:b2:8c:7d:31:b1:37:d7:61:9e:a4:
45:74:3d:a0:f1:4b:d3:a2:07:06:17:7e:82:7d:ab:
74:52:50:fc:26:6b:73:09:f0:2e:f0:fa:f4:84:ac:
66:88:71:a5:7f:a8:34:9a:08:f4:83:a0:56:1b:3c:
97:dc:66:4e:49:6d:21:3c:7a:12:a2:39:93:a5:5b:
d4:1a:be:38:ae:fe:cb:ea:c6:1e:32:24:cc:2b:8f:
85:6e:2b:9d:6a:ed:19:ec:7b:bd:c3:56:ae:a0:35:
0f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:17:8F:95:23:D6:DD:B2:43:02:A4:99:95:F6:A5:83:BA:44:C9:01
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336535303a3a2f34342d3438203d3e20323039363030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e50::/44
Signature Algorithm: sha256WithRSAEncryption
91:ec:ab:ea:3a:2f:a5:63:f4:ac:c9:e3:db:70:77:26:82:8b:
6f:e3:76:0b:6c:ea:ca:c9:12:4f:e1:02:c8:ad:f3:cf:db:95:
88:80:cf:8f:38:ff:65:b1:be:f0:45:48:ee:11:a1:c8:1c:94:
34:eb:ec:e8:11:38:c4:69:b6:3d:93:94:b1:7f:0b:d9:7f:98:
0c:34:23:07:a6:3f:e4:ee:0d:66:c5:75:7a:2b:fb:b8:5f:90:
3a:55:52:23:53:04:be:20:60:60:11:23:54:38:4b:40:b7:83:
67:ca:e8:6f:ae:45:ad:fe:51:de:97:b9:0b:3c:4c:ae:eb:9a:
03:ec:d8:d2:4d:46:f3:c0:0e:62:c9:0a:9f:c1:52:5b:80:bf:
cd:a7:94:85:c5:4c:ff:68:05:0a:d1:4b:4b:10:a9:6b:4c:ec:
90:1e:28:97:2f:96:06:6d:55:fc:60:9e:ad:c1:8f:77:4f:e2:
d9:5c:39:7e:75:b8:1d:a2:04:b6:62:a6:5a:ce:63:e2:8a:0b:
58:8d:40:26:a7:ee:a9:1c:b4:a0:30:75:ab:c6:fe:9d:e0:28:
4d:f1:73:f4:e9:63:98:95:8e:3e:96:cc:cc:0f:8c:d0:61:41:
a5:9b:25:76:b7:c5:67:25:80:58:24:29:e8:79:58:cd:05:de:
fe:83:1a:92
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUI8Iw0F1wbv9VzPllSHJyXQpc3Z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA2MTIxNTMxMzFaFw0yNjA2MTExNTM2MzFaMDMxMTAvBgNV
BAMTKDAzMTc4Rjk1MjNENkREQjI0MzAyQTQ5OTk1RjZBNTgzQkE0NEM5MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCowBkbPj6N8boFI6QfY2aFV9la
dhVnb3KMeYMz1E2hN4cdUM5V3klGAgp4qv/uhGo/TaM8dikL125qRIp8zCn1ren6
AKK0PkAnHftxZo0C5bdYFWjB0i7MpvdX5dfeNGX3ia7BjtFDW1wSxoLzWuI7QgDz
KNNT3K4Eky0gUPs1gTyPLv5uIEhoy863WwcJB2BDGM9Zi0uZg57Asox9MbE312Ge
pEV0PaDxS9OiBwYXfoJ9q3RSUPwma3MJ8C7w+vSErGaIcaV/qDSaCPSDoFYbPJfc
Zk5JbSE8ehKiOZOlW9Qavjiu/svqxh4yJMwrj4VuK51q7Rnse73DVq6gNQ85AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUAxePlSPW3bJDAqSZlfalg7pEyQEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzUzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzAzOTM2MzAzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA+UDANBgkqhkiG9w0BAQsFAAOCAQEAkeyr6jovpWP0rMnj
23B3JoKLb+N2C2zqyskST+ECyK3zz9uViIDPjzj/ZbG+8EVI7hGhyByUNOvs6BE4
xGm2PZOUsX8L2X+YDDQjB6Y/5O4NZsV1eiv7uF+QOlVSI1MEviBgYBEjVDhLQLeD
Z8rob65Frf5R3pe5CzxMruuaA+zY0k1G88AOYskKn8FSW4C/zaeUhcVM/2gFCtFL
SxCpa0zskB4oly+WBm1V/GCercGPd0/i2Vw5fnW4HaIEtmKmWs5j4ooLWI1AJqfu
qRy0oDB1q8b+neAoTfFz9OljmJWOPpbMzA+M0GFBpZsldrfFZyWAWCQp6HlYzQXe
/oMakg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:51:05 2025 by rpki-client