Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
File: 326130323a323633303a3a2f32392d3239203d3e203135343139.roa (raw, json)
Hash identifier: 8htEN27nXC1XFUYvScmaKLGazPRUUosEipnSlN6XgBk=
Subject key identifier: 96:D1:74:16:51:5E:B5:FE:B5:BD:10:C7:A1:24:CE:7A:12:AF:AE:5C
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 36DD0A8C99E11DD9262B2A5ABC345F0F463EDC5E
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:54 +0000
ROA not before: Fri 09 May 2025 09:32:54 +0000
ROA not after: Fri 08 May 2026 09:37:54 +0000
asID: 15419
IP address blocks: 2a02:2630::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:dd:0a:8c:99:e1:1d:d9:26:2b:2a:5a:bc:34:5f:0f:46:3e:dc:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:54 2025 GMT
Not After : May 8 09:37:54 2026 GMT
Subject: CN=96D17416515EB5FEB5BD10C7A124CE7A12AFAE5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b1:27:96:bc:69:be:c8:4f:f1:41:03:48:5b:
45:f5:53:13:34:6e:4a:51:46:0f:b6:04:b3:40:03:
4d:b2:50:7c:20:8c:f2:4a:34:a7:bd:49:d3:09:4e:
19:83:36:50:df:67:05:08:32:32:ae:07:15:ac:b6:
c2:b1:44:77:99:30:1e:e2:3a:16:7a:d0:7a:05:81:
e2:fe:91:90:ca:e5:3c:e8:7e:37:42:04:f2:77:df:
0f:64:3b:82:c7:4d:86:fe:f8:9b:9e:4b:ba:b1:7b:
9b:b5:e4:e8:e8:35:38:65:05:0d:ed:b8:6a:95:0c:
8c:da:a3:e0:86:b0:54:8a:49:e2:c7:b8:23:a2:ca:
dd:f0:5e:44:be:81:6c:dc:86:62:17:e2:4b:68:0b:
16:d8:b7:a1:b4:33:93:8e:fd:65:e7:c0:13:69:af:
82:40:0b:4d:bf:7c:f1:37:b3:aa:18:2a:a7:6c:fb:
d9:d4:1b:f8:85:d5:5c:11:28:e0:a1:fd:bc:c5:0b:
9f:cd:08:b7:32:41:5c:94:b8:61:55:00:66:18:1b:
b3:ec:3f:72:05:c3:60:0a:61:c9:94:f6:74:e0:47:
26:1a:50:52:5e:64:33:6e:e8:d4:17:9c:5c:be:1a:
8f:45:fa:15:7d:4a:cf:20:7e:62:f5:65:70:6a:cb:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D1:74:16:51:5E:B5:FE:B5:BD:10:C7:A1:24:CE:7A:12:AF:AE:5C
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f32392d3239203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/29
Signature Algorithm: sha256WithRSAEncryption
93:ce:8a:bc:0d:ed:49:f0:c1:15:7b:f6:a9:59:26:d5:ea:77:
ce:92:f1:78:f2:90:ca:01:f9:96:99:a1:a3:4c:d4:f9:84:ad:
47:02:10:34:ca:68:c4:7e:ce:09:4e:6a:35:d9:f0:84:04:0b:
03:2a:c5:ff:63:9d:74:45:be:69:a0:ed:c1:2c:a3:a2:79:75:
ff:41:af:6e:8f:be:9e:cb:57:96:9e:f4:3c:1f:87:47:ca:fd:
16:c5:82:21:7e:9c:4f:82:51:13:1c:85:2c:38:25:87:d4:3a:
b2:e1:cb:98:1e:ef:f3:c8:e7:c3:4d:fc:ce:b8:91:38:4e:00:
30:db:12:2a:f7:43:bb:b9:ae:ee:6b:98:3c:98:7e:34:22:07:
5d:1d:cc:13:99:a4:c5:d1:9c:64:cf:e7:48:af:df:7f:a7:2c:
0b:dc:1f:4a:ff:2a:98:a9:b7:b9:3b:cd:49:89:64:17:21:3b:
1c:2e:5e:36:1d:29:8c:9a:45:29:99:db:d3:3d:c8:32:d2:d4:
65:e1:f7:81:27:46:34:cc:3b:0b:5a:8c:24:1c:95:3f:bd:e4:
90:72:40:5d:65:f7:d9:ab:7c:01:c4:73:61:14:84:f8:ff:07:
f6:6f:e4:93:63:63:20:7d:78:22:bc:e0:9e:cd:d0:d9:84:f5:
5c:f8:6d:07
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUNt0KjJnhHdkmKypavDRfD0Y+3F4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTRaFw0yNjA1MDgwOTM3NTRaMDMxMTAvBgNV
BAMTKDk2RDE3NDE2NTE1RUI1RkVCNUJEMTBDN0ExMjRDRTdBMTJBRkFFNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNsSeWvGm+yE/xQQNIW0X1UxM0
bkpRRg+2BLNAA02yUHwgjPJKNKe9SdMJThmDNlDfZwUIMjKuBxWstsKxRHeZMB7i
OhZ60HoFgeL+kZDK5TzofjdCBPJ33w9kO4LHTYb++JueS7qxe5u15OjoNThlBQ3t
uGqVDIzao+CGsFSKSeLHuCOiyt3wXkS+gWzchmIX4ktoCxbYt6G0M5OO/WXnwBNp
r4JAC02/fPE3s6oYKqds+9nUG/iF1VwRKOCh/bzFC5/NCLcyQVyUuGFVAGYYG7Ps
P3IFw2AKYcmU9nTgRyYaUFJeZDNu6NQXnFy+Go9F+hV9Ss8gfmL1ZXBqy0XVAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUltF0FlFetf61vRDHoSTOehKvrlwwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoC
JjAwDQYJKoZIhvcNAQELBQADggEBAJPOirwN7UnwwRV79qlZJtXqd86S8XjykMoB
+ZaZoaNM1PmErUcCEDTKaMR+zglOajXZ8IQECwMqxf9jnXRFvmmg7cEso6J5df9B
r26Pvp7LV5ae9Dwfh0fK/RbFgiF+nE+CURMchSw4JYfUOrLhy5ge7/PI58NN/M64
kThOADDbEir3Q7u5ru5rmDyYfjQiB10dzBOZpMXRnGTP50iv33+nLAvcH0r/Kpip
t7k7zUmJZBchOxwuXjYdKYyaRSmZ29M9yDLS1GXh94EnRjTMOwtajCQclT+95JBy
QF1l99mrfAHEc2EUhPj/B/Zv5JNjYyB9eCK84J7N0NmE9Vz4bQc=
-----END CERTIFICATE-----
Generated at Mon May 12 11:20:44 2025 by rpki-client