Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: XIj+fw+vRgYTpRxwvO3XvTkfLsFczQo4AujMyz3iud4=
Subject key identifier: 93:0C:34:25:FB:EE:DD:96:60:62:3D:9B:C4:44:AB:2D:F3:E9:47:2C
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 444341A288616BF7C8E6320FC28136AF1177066D
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
Signing time: Sun 01 Jun 2025 12:18:53 +0000
ROA not before: Sun 01 Jun 2025 12:13:53 +0000
ROA not after: Sun 31 May 2026 12:18:53 +0000
asID: 202359
IP address blocks: 2a11:f2c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 22:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:43:41:a2:88:61:6b:f7:c8:e6:32:0f:c2:81:36:af:11:77:06:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Jun 1 12:13:53 2025 GMT
Not After : May 31 12:18:53 2026 GMT
Subject: CN=930C3425FBEEDD9660623D9BC444AB2DF3E9472C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:86:c7:e7:0f:da:04:4e:f9:cb:29:0b:84:
01:2c:4b:e5:13:36:e5:3a:d0:4b:5a:f2:9b:c1:35:
bd:6e:60:1f:f9:d5:2a:18:6c:b7:18:e9:19:86:5c:
91:bc:c1:34:a3:cc:ed:ec:14:44:44:c2:ce:4e:cb:
60:97:11:c9:ed:d5:80:6f:3d:63:aa:1b:a6:1b:eb:
37:b6:9c:78:3f:9e:5e:b2:50:26:ab:79:d2:dd:93:
93:5b:37:f4:66:cf:a5:b8:5b:fe:0e:a8:21:26:ac:
96:44:6e:1d:63:f4:1e:35:bf:5e:32:01:8b:2e:3c:
6f:e5:eb:29:b4:28:de:e3:85:7e:eb:dd:66:9a:4b:
e8:a6:e6:08:f3:5b:d7:0c:27:b6:fe:86:f4:b5:f6:
51:13:dd:3c:22:d1:d5:75:9a:8b:ae:d3:92:7b:cf:
e5:27:90:41:18:60:92:bf:18:8c:dc:c6:fe:e9:af:
06:29:5a:fb:a0:ad:08:7e:fe:82:f7:2e:e6:86:5e:
90:e9:b3:32:0a:ff:6b:e8:b4:66:66:4d:e9:78:19:
51:74:26:30:e7:71:62:d0:82:81:da:58:d2:b9:88:
b0:f6:4f:b6:4f:a4:10:dd:8d:5a:a4:5b:da:02:5f:
3a:cd:c9:34:51:cd:02:22:d1:05:e4:bf:a1:7a:9f:
2f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0C:34:25:FB:EE:DD:96:60:62:3D:9B:C4:44:AB:2D:F3:E9:47:2C
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
9f:ca:e6:11:48:52:ae:63:cb:fe:46:71:63:fe:66:5a:54:d9:
af:17:a9:db:0d:fe:18:e6:78:cf:5e:0e:39:d1:53:03:69:3d:
13:25:db:5f:1e:ff:72:dd:d6:eb:2f:57:4e:fc:20:65:f3:f0:
53:b4:a5:0d:94:c2:47:86:f0:c8:76:28:11:92:7a:70:f4:04:
07:05:6c:94:46:8a:2e:ed:3a:f8:14:ba:bb:54:38:89:7e:33:
5f:d3:e4:91:47:4f:a2:c6:a7:dd:c9:7c:f8:46:db:02:39:62:
99:b2:a7:7c:64:8a:25:34:cc:f4:b3:d9:46:43:e4:8b:b6:74:
d5:e8:cd:74:a0:17:17:a6:0c:bf:9b:08:01:c5:e3:29:cd:3f:
a1:c8:a5:94:c3:1d:40:95:07:e6:e8:63:0b:69:e9:4a:94:5b:
5e:cd:f1:cc:6d:e0:2a:48:3b:99:64:49:ab:05:f9:03:a1:51:
b5:27:d0:c8:a7:d9:d8:15:2f:aa:fb:b3:29:3d:7f:5a:b0:2f:
d6:6a:26:72:e0:f9:62:40:7d:c1:31:c3:88:ef:ad:1b:4f:a0:
e3:f3:07:c4:d1:64:8c:b8:9c:2d:30:ad:f7:22:c4:13:f0:e8:
56:f4:b0:27:70:1c:d3:31:3a:a3:69:bb:1c:e0:f5:f5:7a:5b:
7c:fe:b0:ec
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIURENBoohha/fI5jIPwoE2rxF3Bm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNTA2MDExMjEzNTNaFw0yNjA1MzExMjE4NTNaMDMxMTAvBgNV
BAMTKDkzMEMzNDI1RkJFRUREOTY2MDYyM0Q5QkM0NDRBQjJERjNFOTQ3MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvHobH5w/aBE75yykLhAEsS+UT
NuU60Eta8pvBNb1uYB/51SoYbLcY6RmGXJG8wTSjzO3sFEREws5Oy2CXEcnt1YBv
PWOqG6Yb6ze2nHg/nl6yUCaredLdk5NbN/Rmz6W4W/4OqCEmrJZEbh1j9B41v14y
AYsuPG/l6ym0KN7jhX7r3WaaS+im5gjzW9cMJ7b+hvS19lET3Twi0dV1mouu05J7
z+UnkEEYYJK/GIzcxv7prwYpWvugrQh+/oL3LuaGXpDpszIK/2votGZmTel4GVF0
JjDncWLQgoHaWNK5iLD2T7ZPpBDdjVqkW9oCXzrNyTRRzQIi0QXkv6F6ny+/AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUkww0Jfvu3ZZgYj2bxESrLfPpRywwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAAzANBgkqhkiG9w0BAQsFAAOCAQEAn8rmEUhSrmPL/kZxY/5mWlTZ
rxep2w3+GOZ4z14OOdFTA2k9EyXbXx7/ct3W6y9XTvwgZfPwU7SlDZTCR4bwyHYo
EZJ6cPQEBwVslEaKLu06+BS6u1Q4iX4zX9PkkUdPosan3cl8+EbbAjlimbKnfGSK
JTTM9LPZRkPki7Z01ejNdKAXF6YMv5sIAcXjKc0/ocillMMdQJUH5uhjC2npSpRb
Xs3xzG3gKkg7mWRJqwX5A6FRtSfQyKfZ2BUvqvuzKT1/WrAv1momcuD5YkB9wTHD
iO+tG0+g4/MHxNFkjLicLTCt9yLEE/DoVvSwJ3Ac0zE6o2m7HOD19XpbfP6w7A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:09:40 2025 by rpki-client