Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/323030313a3637633a6535633a3a2f34382d3438203d3e20323135313331.roa
File: 323030313a3637633a6535633a3a2f34382d3438203d3e20323135313331.roa (raw, json)
Hash identifier: /8lHhKIuzTcsmBKH0ioYgR3QJ/GmZe2e/TKZ5GWlTv0=
Subject key identifier: 71:A8:89:AE:FB:61:9C:A6:9F:CA:3A:F9:30:12:EA:61:EA:D0:64:A6
Certificate issuer: /CN=e4ba98fc3ebe806c782e589faf5295c3259212a8
Certificate serial: 70540502B05EF60D423FDCDCE668C263B300FFC7
Authority key identifier: E4:BA:98:FC:3E:BE:80:6C:78:2E:58:9F:AF:52:95:C3:25:92:12:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LqY_D6-gGx4Llifr1KVwyWSEqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/323030313a3637633a6535633a3a2f34382d3438203d3e20323135313331.roa
Signing time: Mon 28 Apr 2025 17:04:22 +0000
ROA not before: Mon 28 Apr 2025 16:59:22 +0000
ROA not after: Mon 27 Apr 2026 17:04:22 +0000
asID: 215131
IP address blocks: 2001:67c:e5c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/E4BA98FC3EBE806C782E589FAF5295C3259212A8.crl
rsync://rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/E4BA98FC3EBE806C782E589FAF5295C3259212A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5LqY_D6-gGx4Llifr1KVwyWSEqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:54:05:02:b0:5e:f6:0d:42:3f:dc:dc:e6:68:c2:63:b3:00:ff:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ba98fc3ebe806c782e589faf5295c3259212a8
Validity
Not Before: Apr 28 16:59:22 2025 GMT
Not After : Apr 27 17:04:22 2026 GMT
Subject: CN=71A889AEFB619CA69FCA3AF93012EA61EAD064A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:36:1d:54:f4:08:03:c6:bc:a8:47:e4:f4:c0:
ac:29:01:44:6a:06:42:7c:1b:36:92:22:57:5a:76:
ec:d3:22:98:87:3c:8f:0b:d7:66:9d:b2:bb:bb:e4:
da:2c:63:0f:85:b2:ec:52:74:2e:97:f7:98:80:f3:
4a:d3:80:2e:ba:4a:ca:0a:0d:e5:ee:c3:b6:95:55:
6c:d3:96:97:2a:a3:32:d9:50:13:11:98:fc:a3:7f:
52:4a:c4:ca:72:ca:2c:9c:2c:a9:42:1f:dd:11:a2:
a5:de:7d:16:1a:de:4e:52:08:f5:93:15:be:35:ba:
82:e6:cb:9d:47:89:e8:78:f5:cb:10:7f:b3:15:f7:
ee:d6:ad:17:b8:93:6d:97:d5:0b:ff:bd:40:43:0d:
d1:a8:09:e4:f5:5f:e5:95:2c:31:60:f8:8a:57:19:
6e:8c:9c:af:d6:67:00:f1:b8:95:7a:18:87:74:56:
2d:8f:37:77:0d:67:c7:f8:d2:02:a9:fa:42:2e:d2:
be:41:c6:3a:79:ae:92:f9:71:e4:a5:3f:e8:75:e5:
7c:60:ba:06:52:d7:41:4b:65:cd:1f:8c:18:13:46:
5f:3c:7e:a9:94:fb:71:aa:d2:ca:f5:15:e4:14:d2:
d6:16:d7:27:57:ed:22:80:e4:e4:89:a5:90:e4:ee:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A8:89:AE:FB:61:9C:A6:9F:CA:3A:F9:30:12:EA:61:EA:D0:64:A6
X509v3 Authority Key Identifier:
keyid:E4:BA:98:FC:3E:BE:80:6C:78:2E:58:9F:AF:52:95:C3:25:92:12:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/E4BA98FC3EBE806C782E589FAF5295C3259212A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LqY_D6-gGx4Llifr1KVwyWSEqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b6421908-75dc-430b-8fb9-748c75bb02c2/0/323030313a3637633a6535633a3a2f34382d3438203d3e20323135313331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e5c::/48
Signature Algorithm: sha256WithRSAEncryption
4e:7d:4b:36:36:c5:76:d3:00:89:c3:43:15:c8:81:68:76:a5:
7b:62:b9:68:8f:f7:fa:81:cf:79:90:b9:3b:81:da:f8:83:95:
3b:de:1d:b6:e2:23:39:1c:6f:c5:cb:c9:a3:7f:ab:97:c1:2b:
e3:74:f2:50:c2:2f:e6:17:b4:51:54:c9:fa:62:64:e1:99:c2:
07:9e:8a:8c:0f:be:bb:78:80:5e:4b:a3:e9:33:f0:d1:8e:c1:
42:9e:b6:a6:16:46:cc:f6:84:ef:b0:60:1d:d2:12:e9:44:bc:
2c:d3:c7:81:b0:b2:ba:89:79:64:c6:c8:ae:ae:d7:06:5e:e0:
1c:df:04:ec:c9:21:be:3a:80:f3:c5:50:ab:c0:4b:a0:b9:14:
82:fb:a0:3b:8d:01:d2:3e:a1:79:00:06:ba:3d:88:c7:c9:ca:
09:5e:7c:3b:17:cc:92:56:7e:c1:ab:f0:5b:69:52:1b:93:c4:
22:6b:cb:43:7d:da:d7:47:0f:68:e7:20:c6:35:c7:0c:0b:a5:
c8:5e:0d:ee:b0:16:32:0a:cd:23:0d:00:a2:7e:b4:f4:6c:76:
c2:9b:1f:2b:dd:57:a2:c1:be:f0:d5:98:01:cf:a1:55:00:67:
52:b5:dd:c3:dc:77:40:df:48:d9:b5:b1:db:e3:c8:97:fc:9f:
04:76:45:f6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUcFQFArBe9g1CP9zc5mjCY7MA/8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTRiYTk4ZmMzZWJlODA2Yzc4MmU1ODlmYWY1Mjk1YzMy
NTkyMTJhODAeFw0yNTA0MjgxNjU5MjJaFw0yNjA0MjcxNzA0MjJaMDMxMTAvBgNV
BAMTKDcxQTg4OUFFRkI2MTlDQTY5RkNBM0FGOTMwMTJFQTYxRUFEMDY0QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClNh1U9AgDxryoR+T0wKwpAURq
BkJ8GzaSIldaduzTIpiHPI8L12adsru75NosYw+FsuxSdC6X95iA80rTgC66SsoK
DeXuw7aVVWzTlpcqozLZUBMRmPyjf1JKxMpyyiycLKlCH90RoqXefRYa3k5SCPWT
Fb41uoLmy51Hieh49csQf7MV9+7WrRe4k22X1Qv/vUBDDdGoCeT1X+WVLDFg+IpX
GW6MnK/WZwDxuJV6GId0Vi2PN3cNZ8f40gKp+kIu0r5Bxjp5rpL5ceSlP+h15Xxg
ugZS10FLZc0fjBgTRl88fqmU+3Gq0sr1FeQU0tYW1ydX7SKA5OSJpZDk7hITAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUcaiJrvthnKafyjr5MBLqYerQZKYwHwYDVR0j
BBgwFoAU5LqY/D6+gGx4Llifr1KVwyWSEqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjY0MjE5MDgtNzVkYy00MzBiLThmYjktNzQ4Yzc1YmIw
MmMyLzAvRTRCQTk4RkMzRUJFODA2Qzc4MkU1ODlGQUY1Mjk1QzMyNTkyMTJBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVMcVlfRDYtZ0d4NExsaWZyMUtWd3lX
U0VxZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjY0MjE5MDgt
NzVkYy00MzBiLThmYjktNzQ4Yzc1YmIwMmMyLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
NjUzNTYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzEzMzMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA5cMA0GCSqGSIb3DQEBCwUAA4IBAQBOfUs2NsV20wCJw0MVyIFo
dqV7Yrloj/f6gc95kLk7gdr4g5U73h224iM5HG/Fy8mjf6uXwSvjdPJQwi/mF7RR
VMn6YmThmcIHnoqMD767eIBeS6PpM/DRjsFCnramFkbM9oTvsGAd0hLpRLws08eB
sLK6iXlkxsiurtcGXuAc3wTsySG+OoDzxVCrwEuguRSC+6A7jQHSPqF5AAa6PYjH
ycoJXnw7F8ySVn7Bq/BbaVIbk8Qia8tDfdrXRw9o5yDGNccMC6XIXg3usBYyCs0j
DQCifrT0bHbCmx8r3Veiwb7w1ZgBz6FVAGdStd3D3HdA30jZtbHb48iX/J8EdkX2
-----END CERTIFICATE-----
Generated at Tue May 6 12:13:33 2025 by rpki-client