Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
File: 326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa (raw, json)
Hash identifier: JzE1IygMCZx9prug0GgfS4jOQCpqomS2vdDzqWk3RzU=
Subject key identifier: B8:02:A9:02:BA:73:EF:1A:89:87:F4:96:D9:3E:33:E9:CB:97:98:BB
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 76711C033EDC95A9C16F13770FD1EB4F7BDCBA84
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
Signing time: Mon 14 Apr 2025 21:09:43 +0000
ROA not before: Mon 14 Apr 2025 21:04:43 +0000
ROA not after: Mon 13 Apr 2026 21:09:43 +0000
asID: 214657
IP address blocks: 2a11:29c0:478::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:71:1c:03:3e:dc:95:a9:c1:6f:13:77:0f:d1:eb:4f:7b:dc:ba:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 14 21:04:43 2025 GMT
Not After : Apr 13 21:09:43 2026 GMT
Subject: CN=B802A902BA73EF1A8987F496D93E33E9CB9798BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:27:9a:0e:24:48:17:f7:64:4c:95:b3:f5:
73:4b:a9:46:05:a6:9c:79:c6:e1:95:77:e9:50:d0:
2d:07:cc:86:7d:13:9a:6b:bd:ed:20:86:61:17:4f:
26:54:31:24:13:e9:92:fb:da:15:9a:64:47:c1:ce:
a5:33:98:d0:30:1d:1f:75:5c:c6:88:01:23:1e:30:
be:7f:c6:92:eb:71:37:a7:e0:0b:9a:d4:df:34:34:
a9:af:ff:cf:85:2d:6e:da:48:79:46:86:c5:94:0e:
e8:51:f3:0c:5f:78:34:4b:20:5d:47:86:83:13:dc:
2d:54:eb:d0:71:53:c0:94:e8:9b:ad:7a:7f:94:0c:
38:8f:77:31:72:76:02:0b:b8:bf:08:65:59:96:f1:
fb:86:e1:f2:60:1f:df:89:2f:8b:9f:6d:cf:1b:95:
1a:a0:fd:be:de:d2:10:36:d7:9a:30:ad:0f:6c:be:
ad:0d:d8:aa:2b:d3:aa:f4:a8:cf:63:7b:37:e4:71:
c4:13:33:64:12:19:8e:b9:a9:e1:25:9e:21:21:cf:
5f:64:6b:40:13:53:16:61:59:c7:57:07:11:1e:e5:
f2:f5:b3:01:ba:6b:8d:fb:47:22:97:90:0a:a0:b5:
bf:7f:c9:b2:49:03:6d:7f:c8:e2:b4:58:49:b1:38:
6a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:02:A9:02:BA:73:EF:1A:89:87:F4:96:D9:3E:33:E9:CB:97:98:BB
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:478::/48
Signature Algorithm: sha256WithRSAEncryption
09:c2:84:aa:5d:74:17:c2:28:f9:44:d8:a0:76:bf:d4:f8:e9:
12:03:b9:e5:d6:86:d9:67:b5:fe:05:dc:aa:2a:24:ea:2c:37:
32:ee:c6:45:b4:4f:4c:76:04:54:ff:7f:c9:e2:1b:07:0f:92:
2c:c7:88:7e:6d:39:eb:e4:ee:77:dc:0e:7d:f5:16:9d:e5:87:
ac:89:13:9a:aa:4d:32:12:41:33:a8:33:ef:35:d5:43:49:2b:
4f:40:d7:b1:7f:02:75:c9:c9:4c:ec:54:6d:f8:e2:5b:13:36:
68:fa:d2:48:92:66:19:05:5f:89:71:85:74:9e:3d:32:14:d9:
4a:c7:4d:f7:27:17:30:8d:3b:55:6e:cd:86:3b:f5:1b:e4:60:
ac:fe:63:08:02:a1:35:1b:d0:51:9c:35:72:6c:9d:1e:f1:ad:
12:c0:16:5c:10:fa:e1:0c:be:aa:cd:f9:a2:8b:ed:32:99:93:
9d:03:63:f5:4c:28:4f:84:9a:b5:0a:4b:7d:90:bd:c1:62:32:
cc:95:b2:c6:4a:01:4d:5f:70:ae:93:02:e0:6b:19:a1:4d:ce:
cc:39:0b:d9:8e:c1:88:6a:4d:47:2c:e6:9c:d5:8c:9f:72:37:
6a:a0:36:2f:a2:f0:ec:f9:e6:f3:61:6c:20:91:32:d6:6f:42:
c9:a5:6b:78
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUdnEcAz7clanBbxN3D9HrT3vcuoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA0MTQyMTA0NDNaFw0yNjA0MTMyMTA5NDNaMDMxMTAvBgNV
BAMTKEI4MDJBOTAyQkE3M0VGMUE4OTg3RjQ5NkQ5M0UzM0U5Q0I5Nzk4QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2lCeaDiRIF/dkTJWz9XNLqUYF
ppx5xuGVd+lQ0C0HzIZ9E5prve0ghmEXTyZUMSQT6ZL72hWaZEfBzqUzmNAwHR91
XMaIASMeML5/xpLrcTen4Aua1N80NKmv/8+FLW7aSHlGhsWUDuhR8wxfeDRLIF1H
hoMT3C1U69BxU8CU6Juten+UDDiPdzFydgILuL8IZVmW8fuG4fJgH9+JL4ufbc8b
lRqg/b7e0hA215owrQ9svq0N2Kor06r0qM9jezfkccQTM2QSGY65qeElniEhz19k
a0ATUxZhWcdXBxEe5fL1swG6a437RyKXkAqgtb9/ybJJA21/yOK0WEmxOGpvAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUuAKpArpz7xqJh/SW2T4z6cuXmLswHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM3MzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzNjM1Mzcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqESnABHgwDQYJKoZIhvcNAQELBQADggEBAAnChKpddBfCKPlE2KB2
v9T46RIDueXWhtlntf4F3KoqJOosNzLuxkW0T0x2BFT/f8niGwcPkizHiH5tOevk
7nfcDn31Fp3lh6yJE5qqTTISQTOoM+811UNJK09A17F/AnXJyUzsVG344lsTNmj6
0kiSZhkFX4lxhXSePTIU2UrHTfcnFzCNO1VuzYY79RvkYKz+YwgCoTUb0FGcNXJs
nR7xrRLAFlwQ+uEMvqrN+aKL7TKZk50DY/VMKE+EmrUKS32QvcFiMsyVssZKAU1f
cK6TAuBrGaFNzsw5C9mOwYhqTUcs5pzVjJ9yN2qgNi+i8Oz55vNhbCCRMtZvQsml
a3g=
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:01:29 2025 by rpki-client