Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
File: 323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa (raw, json)
Hash identifier: UNIFWQcfDb9TIYM9mTcmUs06i4tbcfV6n3m2ESGFPVM=
Subject key identifier: E7:90:5B:91:A9:DB:B1:B9:34:FF:CC:17:05:D8:3C:D8:1B:95:52:F6
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 1C17224BDEB14EB78EA9131DE85D7544F7BB2B47
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
Signing time: Sun 01 Jun 2025 12:18:40 +0000
ROA not before: Sun 01 Jun 2025 12:13:40 +0000
ROA not after: Sun 31 May 2026 12:18:40 +0000
asID: 207960
IP address blocks: 2001:678:fc8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 22:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:17:22:4b:de:b1:4e:b7:8e:a9:13:1d:e8:5d:75:44:f7:bb:2b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jun 1 12:13:40 2025 GMT
Not After : May 31 12:18:40 2026 GMT
Subject: CN=E7905B91A9DBB1B934FFCC1705D83CD81B9552F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:fa:0b:95:e3:9e:51:d3:60:c4:86:94:cb:
70:ed:18:1a:a8:6c:ba:fd:7f:c0:6d:3f:19:f7:82:
6f:9f:fa:a0:9a:c3:55:a5:cf:9c:7b:4d:00:ff:c3:
9c:e1:40:f4:0a:03:e4:95:c7:9c:e0:38:7f:34:14:
94:6c:d4:fb:a5:db:0b:45:cb:6e:07:93:a3:57:3e:
7c:32:2d:52:e3:d3:dd:48:03:22:69:33:6b:07:3a:
44:22:a0:58:c9:b9:3c:72:84:c4:bc:59:b1:96:1b:
da:ff:c0:05:52:ef:cf:e1:00:13:b4:8f:41:28:7d:
91:02:5f:c6:f0:e1:3b:ec:55:fe:e0:fb:06:7f:d5:
dc:3c:ab:5c:88:08:40:12:cd:34:33:85:a7:43:5c:
dd:5b:15:97:de:30:66:1a:fc:0b:d4:74:5e:0b:50:
0c:46:f0:a7:41:f7:52:f0:a4:91:4d:4b:a5:54:db:
7a:92:9f:af:17:33:42:4c:55:df:34:d6:34:67:e0:
d5:c4:00:a7:2d:51:b0:9d:22:f5:57:40:be:73:cc:
46:c2:0f:46:ce:4a:63:f3:b2:18:bb:2c:12:f9:7f:
aa:d7:27:bb:9c:96:93:62:cb:6c:bc:32:32:d4:bc:
46:04:3c:3b:78:00:bd:d9:a1:38:ff:e8:ff:3c:3a:
22:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:90:5B:91:A9:DB:B1:B9:34:FF:CC:17:05:D8:3C:D8:1B:95:52:F6
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fc8::/48
Signature Algorithm: sha256WithRSAEncryption
6e:9a:28:b6:fb:6d:4b:43:1e:18:ef:47:01:fc:6f:8b:06:4f:
64:8c:59:9a:bc:23:06:a3:7a:c9:99:34:62:eb:fb:f1:37:cd:
b0:43:18:d5:be:23:96:06:5e:01:55:dc:4c:fe:e5:79:ef:1d:
d6:9c:a2:be:f2:da:b9:d8:70:58:73:6c:96:03:2e:76:ee:37:
cf:88:81:d8:c7:78:17:32:94:e6:f2:36:b5:b2:65:45:df:5a:
3a:de:33:7b:04:33:1f:37:f1:5a:60:05:de:28:28:b1:09:ee:
90:e3:f7:6e:a2:ab:30:b2:bb:a5:58:ff:71:fc:3a:77:3e:57:
99:09:da:aa:cd:2d:64:ce:c2:a7:3a:61:40:ce:f5:0a:de:f3:
fb:10:22:3b:4c:42:79:a7:e5:b4:65:7a:4d:5f:a8:a6:7b:b0:
e5:43:9f:cb:8d:1e:7d:2f:55:2e:e2:1f:2f:56:00:07:22:40:
27:51:91:e1:b7:9e:a3:d6:9f:1a:b1:a2:08:ed:b2:7d:0f:b4:
fd:5d:ce:49:ee:0e:c2:22:3d:87:05:e9:a9:e1:cc:23:93:62:
53:02:36:2f:33:49:74:ef:6d:17:d1:77:a5:14:50:59:ca:c9:
6a:b0:c6:a8:8b:d0:96:5f:9b:38:5b:4e:15:d9:5b:56:33:2d:
b2:b4:78:f6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUHBciS96xTreOqRMd6F11RPe7K0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTA2MDExMjEzNDBaFw0yNjA1MzExMjE4NDBaMDMxMTAvBgNV
BAMTKEU3OTA1QjkxQTlEQkIxQjkzNEZGQ0MxNzA1RDgzQ0Q4MUI5NTUyRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMz/oLleOeUdNgxIaUy3DtGBqo
bLr9f8BtPxn3gm+f+qCaw1Wlz5x7TQD/w5zhQPQKA+SVx5zgOH80FJRs1Pul2wtF
y24Hk6NXPnwyLVLj091IAyJpM2sHOkQioFjJuTxyhMS8WbGWG9r/wAVS78/hABO0
j0EofZECX8bw4TvsVf7g+wZ/1dw8q1yICEASzTQzhadDXN1bFZfeMGYa/AvUdF4L
UAxG8KdB91LwpJFNS6VU23qSn68XM0JMVd801jRn4NXEAKctUbCdIvVXQL5zzEbC
D0bOSmPzshi7LBL5f6rXJ7uclpNiy2y8MjLUvEYEPDt4AL3ZoTj/6P88OiKFAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU55Bbkanbsbk0/8wXBdg82BuVUvYwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzIzMDMwMzEzYTM2MzczODNh
NjY2MzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM3MzkzNjMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeA/IMA0GCSqGSIb3DQEBCwUAA4IBAQBumii2+21LQx4Y70cB/G+L
Bk9kjFmavCMGo3rJmTRi6/vxN82wQxjVviOWBl4BVdxM/uV57x3WnKK+8tq52HBY
c2yWAy527jfPiIHYx3gXMpTm8ja1smVF31o63jN7BDMfN/FaYAXeKCixCe6Q4/du
oqswsrulWP9x/Dp3PleZCdqqzS1kzsKnOmFAzvUK3vP7ECI7TEJ5p+W0ZXpNX6im
e7DlQ5/LjR59L1Uu4h8vVgAHIkAnUZHht56j1p8asaII7bJ9D7T9Xc5J7g7CIj2H
Bemp4cwjk2JTAjYvM0l0720X0XelFFBZyslqsMaoi9CWX5s4W04V2VtWMy2ytHj2
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:12:50 2025 by rpki-client