Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: ZivrOJ7iiOCUg/HqF4j2xuXr75dIBf1hdqQTAxY+xwU=
Subject key identifier: 76:54:56:4D:17:68:E7:05:43:23:DB:3A:4D:FF:4D:76:F2:95:CF:04
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 0ABAEC23133392A487F0F305C3E0E5352BF2E453
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
Signing time: Sun 01 Jun 2025 12:18:49 +0000
ROA not before: Sun 01 Jun 2025 12:13:49 +0000
ROA not after: Sun 31 May 2026 12:18:49 +0000
asID: 202359
IP address blocks: 2a11:f2c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 22:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:ba:ec:23:13:33:92:a4:87:f0:f3:05:c3:e0:e5:35:2b:f2:e4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jun 1 12:13:49 2025 GMT
Not After : May 31 12:18:49 2026 GMT
Subject: CN=7654564D1768E7054323DB3A4DFF4D76F295CF04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e9:4f:d2:d1:58:04:53:79:e7:c3:14:71:0a:
85:25:62:0b:2f:3a:91:6a:ac:68:12:41:6e:d7:a4:
66:71:14:02:72:c0:f4:c0:7c:31:89:9c:6b:a4:76:
d1:8f:bc:27:ca:1d:3d:1e:ce:75:60:3a:65:06:a9:
6b:e2:86:1e:d0:7c:52:48:4f:d0:f5:d9:96:73:db:
d4:54:f7:fd:ef:84:c8:e1:54:2c:62:c0:21:22:94:
d2:f6:ad:6a:83:1a:62:90:2e:fe:36:64:6f:e6:aa:
b4:0f:80:df:a4:b2:43:70:bb:16:61:a7:d1:d2:05:
95:bd:28:4a:d6:10:52:f7:f3:4b:e3:5d:db:17:c3:
c9:f0:ac:69:76:a4:31:e4:66:a7:8c:d2:02:f4:7b:
7b:62:28:5d:ed:8a:97:aa:ce:01:3b:91:9b:3e:35:
f6:f9:8f:5f:92:00:32:48:a7:a2:96:cf:62:92:10:
7f:f3:4e:e9:52:4b:46:36:3e:9a:7e:77:4e:0e:45:
12:5a:4d:c0:31:e1:e5:9f:ea:a5:dc:6a:ef:70:8c:
cc:21:8e:59:80:42:53:2a:55:cb:95:27:ee:e8:12:
2d:c0:1c:66:75:b4:f0:22:36:70:a7:d8:96:48:13:
29:f7:a1:d4:82:d8:26:4d:e5:76:ab:a1:26:79:d4:
b4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:54:56:4D:17:68:E7:05:43:23:DB:3A:4D:FF:4D:76:F2:95:CF:04
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a313a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
67:f2:a2:16:6b:48:bc:45:e8:3a:21:cd:79:cb:4a:4c:88:40:
b6:19:50:69:81:91:b4:d8:95:68:a0:57:13:a2:5f:99:59:22:
a6:31:f9:0e:50:dd:07:40:0d:fe:61:98:13:d3:50:87:ee:5c:
eb:45:77:2d:46:75:38:30:ff:53:4a:29:df:22:5d:41:78:30:
d6:5d:4d:a5:2d:95:c8:26:3f:be:62:c2:a7:d3:ea:5d:8c:8d:
83:7d:46:87:bc:0b:bc:41:2b:56:02:f5:5f:75:b2:45:5f:de:
8f:1a:99:37:92:07:09:44:e0:7f:73:08:84:ce:70:c6:f8:d1:
63:e7:44:2d:4d:cd:0b:ad:7a:b7:85:15:f0:db:19:e2:b3:68:
06:40:81:e1:ea:6a:15:72:03:b6:5c:fa:f6:d8:d8:4b:a0:b6:
4e:bb:eb:42:38:a3:03:68:a8:60:5c:73:bb:c1:e2:e7:b1:65:
c9:ca:90:91:97:f6:42:e2:38:70:fc:f5:a1:f6:4d:dd:3b:c0:
c8:67:d4:54:48:94:88:86:3a:1e:a9:e7:de:28:e9:e9:d6:88:
3a:34:9d:73:f5:19:a0:d7:e9:84:0c:7e:a5:a3:bd:e7:c0:03:
7a:95:ef:1b:f6:72:85:17:c1:1c:43:d9:d6:75:d4:00:5f:f1:
01:4e:5d:97
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUCrrsIxMzkqSH8PMFw+DlNSvy5FMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTA2MDExMjEzNDlaFw0yNjA1MzExMjE4NDlaMDMxMTAvBgNV
BAMTKDc2NTQ1NjREMTc2OEU3MDU0MzIzREIzQTRERkY0RDc2RjI5NUNGMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd6U/S0VgEU3nnwxRxCoUlYgsv
OpFqrGgSQW7XpGZxFAJywPTAfDGJnGukdtGPvCfKHT0eznVgOmUGqWvihh7QfFJI
T9D12ZZz29RU9/3vhMjhVCxiwCEilNL2rWqDGmKQLv42ZG/mqrQPgN+kskNwuxZh
p9HSBZW9KErWEFL380vjXdsXw8nwrGl2pDHkZqeM0gL0e3tiKF3tipeqzgE7kZs+
Nfb5j1+SADJIp6KWz2KSEH/zTulSS0Y2Ppp+d04ORRJaTcAx4eWf6qXcau9wjMwh
jlmAQlMqVcuVJ+7oEi3AHGZ1tPAiNnCn2JZIEyn3odSC2CZN5XaroSZ51LTTAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUdlRWTRdo5wVDI9s6Tf9NdvKVzwQwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAATANBgkqhkiG9w0BAQsFAAOCAQEAZ/KiFmtIvEXoOiHNectKTIhA
thlQaYGRtNiVaKBXE6JfmVkipjH5DlDdB0AN/mGYE9NQh+5c60V3LUZ1ODD/U0op
3yJdQXgw1l1NpS2VyCY/vmLCp9PqXYyNg31Gh7wLvEErVgL1X3WyRV/ejxqZN5IH
CUTgf3MIhM5wxvjRY+dELU3NC616t4UV8NsZ4rNoBkCB4epqFXIDtlz69tjYS6C2
TrvrQjijA2ioYFxzu8Hi57FlycqQkZf2QuI4cPz1ofZN3TvAyGfUVEiUiIY6Hqnn
3ijp6daIOjSdc/UZoNfphAx+paO958ADepXvG/ZyhRfBHEPZ1nXUAF/xAU5dlw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:07:35 2025 by rpki-client