Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a323a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a323a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: SlyimbxFLoCHsFWWpUZjHgmLHKv7rmMtitzOtZT7wdo=
Subject key identifier: 59:A2:5A:50:A7:DC:A9:E6:FD:7F:B5:AE:A8:34:DB:58:C0:F1:53:F2
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 297BCE28377986B51495A73F990BC763FE42284A
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a323a3a2f34382d3438203d3e20323032333539.roa
Signing time: Sun 01 Jun 2025 12:18:44 +0000
ROA not before: Sun 01 Jun 2025 12:13:44 +0000
ROA not after: Sun 31 May 2026 12:18:44 +0000
asID: 202359
IP address blocks: 2a11:f2c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 22:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:7b:ce:28:37:79:86:b5:14:95:a7:3f:99:0b:c7:63:fe:42:28:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jun 1 12:13:44 2025 GMT
Not After : May 31 12:18:44 2026 GMT
Subject: CN=59A25A50A7DCA9E6FD7FB5AEA834DB58C0F153F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:38:aa:e6:44:b3:cb:95:f5:b6:25:c1:d1:
14:ae:38:7d:d5:c6:b5:cb:79:57:9b:07:32:ba:1d:
8f:36:8f:86:47:fa:95:09:68:44:91:6c:77:22:a8:
f8:be:96:ec:99:ca:df:8b:ef:4d:ef:68:18:f6:31:
52:0d:10:c4:89:04:f6:e6:52:06:09:bd:b9:84:57:
b2:4a:03:c7:4d:0d:48:31:0d:2a:c1:17:d0:82:b6:
4c:d1:df:8a:76:44:07:a3:9d:04:79:29:c1:8d:66:
78:96:f4:31:40:78:5d:e0:cb:d0:ce:bb:14:e8:f3:
94:29:21:61:b1:44:00:e9:69:22:ca:7a:fa:07:fa:
23:08:2d:c4:2c:d6:05:be:68:12:32:94:d2:88:2a:
f8:29:2f:85:c0:33:87:ba:98:bf:b4:cd:60:ce:e2:
79:b5:12:5f:3b:b7:45:9c:ee:26:e2:15:1e:56:6c:
21:27:c1:d3:e0:d7:1b:64:13:4a:1d:c0:69:16:2e:
3f:ad:71:ec:c4:83:2e:f8:47:8b:c9:79:82:1c:2f:
9b:bf:43:d1:7a:2c:d5:5a:bf:7f:cd:34:f5:c7:2a:
39:66:ef:0c:0a:75:54:db:b4:8b:c3:38:84:04:c1:
4a:70:ea:b6:e1:7f:c6:6c:8c:0b:b6:c4:03:b7:19:
15:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A2:5A:50:A7:DC:A9:E6:FD:7F:B5:AE:A8:34:DB:58:C0:F1:53:F2
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a323a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
12:10:46:67:ca:55:25:7e:e5:40:4f:cb:f0:2f:34:d3:02:e2:
93:97:c0:57:16:30:65:b2:32:60:5f:1a:51:6b:e3:7b:14:71:
73:ac:aa:ef:88:20:97:da:12:4e:76:16:d4:fb:c8:0f:d6:58:
4c:2f:a2:78:b8:85:d5:0b:e7:84:a4:a6:e7:40:bb:d7:cf:1e:
6d:4a:e7:60:31:86:e4:e0:03:b5:f0:7c:35:9c:2a:46:a4:40:
11:15:3f:01:b0:d4:56:01:eb:69:98:34:99:91:d1:4b:b8:fa:
85:bb:db:fc:87:e5:d4:a9:66:98:99:08:54:32:56:61:5b:f3:
59:3a:39:17:2f:29:7c:71:c6:00:d1:cb:08:70:f2:5d:59:c6:
47:91:17:e0:0d:84:5c:1c:0b:b1:6d:03:57:a3:34:83:08:82:
18:06:7d:38:16:3f:30:ea:18:de:9c:df:1c:29:bf:88:da:35:
82:ae:07:07:37:64:10:bd:38:fc:3a:e2:79:1f:44:a2:3e:5b:
cc:0f:a6:9b:f1:f5:e3:36:05:02:a1:75:1c:18:ca:a9:be:eb:
2f:8c:77:6f:e0:fe:92:63:0a:0a:22:03:8c:17:49:39:57:e6:
76:2f:0b:74:4e:d7:e6:2f:81:ea:53:9a:40:95:09:20:c7:fd:
2b:3f:f8:ba
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUKXvOKDd5hrUUlac/mQvHY/5CKEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTA2MDExMjEzNDRaFw0yNjA1MzExMjE4NDRaMDMxMTAvBgNV
BAMTKDU5QTI1QTUwQTdEQ0E5RTZGRDdGQjVBRUE4MzREQjU4QzBGMTUzRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Djiq5kSzy5X1tiXB0RSuOH3V
xrXLeVebBzK6HY82j4ZH+pUJaESRbHciqPi+luyZyt+L703vaBj2MVINEMSJBPbm
UgYJvbmEV7JKA8dNDUgxDSrBF9CCtkzR34p2RAejnQR5KcGNZniW9DFAeF3gy9DO
uxTo85QpIWGxRADpaSLKevoH+iMILcQs1gW+aBIylNKIKvgpL4XAM4e6mL+0zWDO
4nm1El87t0Wc7ibiFR5WbCEnwdPg1xtkE0odwGkWLj+tcezEgy74R4vJeYIcL5u/
Q9F6LNVav3/NNPXHKjlm7wwKdVTbtIvDOIQEwUpw6rbhf8ZsjAu2xAO3GRVbAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUWaJaUKfcqeb9f7WuqDTbWMDxU/IwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAAjANBgkqhkiG9w0BAQsFAAOCAQEAEhBGZ8pVJX7lQE/L8C800wLi
k5fAVxYwZbIyYF8aUWvjexRxc6yq74ggl9oSTnYW1PvID9ZYTC+ieLiF1QvnhKSm
50C7188ebUrnYDGG5OADtfB8NZwqRqRAERU/AbDUVgHraZg0mZHRS7j6hbvb/Ifl
1KlmmJkIVDJWYVvzWTo5Fy8pfHHGANHLCHDyXVnGR5EX4A2EXBwLsW0DV6M0gwiC
GAZ9OBY/MOoY3pzfHCm/iNo1gq4HBzdkEL04/DrieR9Eoj5bzA+mm/H14zYFAqF1
HBjKqb7rL4x3b+D+kmMKCiIDjBdJOVfmdi8LdE7X5i+B6lOaQJUJIMf9Kz/4ug==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:10:18 2025 by rpki-client