Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
File: 326130323a323633303a3a2f33322d3332203d3e203135343139.roa (raw, json)
Hash identifier: qWp9paAJXWyG6T4NlWTD/O+mrcUKf+wb2OOSJ/RUTQM=
Subject key identifier: 33:A8:FF:B2:25:BD:00:12:63:AE:0C:B8:51:74:FE:B8:AE:1E:AD:7B
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 6FCD30596D9B50B206963C91353DF695298C148B
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:57 +0000
ROA not before: Fri 09 May 2025 09:32:57 +0000
ROA not after: Fri 08 May 2026 09:37:57 +0000
asID: 15419
IP address blocks: 2a02:2630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:cd:30:59:6d:9b:50:b2:06:96:3c:91:35:3d:f6:95:29:8c:14:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:57 2025 GMT
Not After : May 8 09:37:57 2026 GMT
Subject: CN=33A8FFB225BD001263AE0CB85174FEB8AE1EAD7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ea:a4:3b:9b:f3:81:41:56:ca:8d:b7:01:eb:
58:dd:f6:ca:bf:4e:5f:10:e2:c2:91:3a:a9:39:81:
23:1f:4c:27:f3:c2:a3:42:86:4f:02:1e:75:7b:cc:
d8:cc:14:cf:a1:a7:a4:ac:92:fe:05:67:3c:c7:fc:
7a:15:1f:ea:bc:e0:68:74:11:5e:c7:b0:0e:0c:60:
7d:2e:69:c4:4c:af:78:c7:62:c9:a4:82:79:07:d2:
d3:6d:37:7b:9e:03:90:7e:40:a4:50:8d:7b:7d:68:
4b:e0:01:09:a7:a0:f7:9a:90:55:9c:2e:80:92:37:
c5:e7:d1:38:a1:e6:09:42:1d:21:54:a1:13:61:5b:
b0:e4:ec:f2:92:49:26:40:82:6c:b4:66:a6:a3:31:
05:6b:b6:9b:5e:4f:0a:e2:8b:2f:99:74:bc:0e:f4:
5b:9d:f7:79:f4:39:3b:bf:27:8d:4b:d8:98:7e:68:
ee:48:9f:87:2b:68:50:39:f8:df:44:d7:e2:ba:33:
5d:c2:51:fe:77:4e:84:82:54:5e:c0:f9:34:a2:f0:
e4:ec:d7:bb:1b:6a:f6:58:b6:e8:a5:76:a2:68:79:
60:97:92:01:a7:9f:36:e7:b3:58:af:33:7c:f5:2a:
33:68:1a:2d:26:d2:15:b8:80:94:2f:df:5e:df:5e:
00:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A8:FF:B2:25:BD:00:12:63:AE:0C:B8:51:74:FE:B8:AE:1E:AD:7B
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/32
Signature Algorithm: sha256WithRSAEncryption
3a:fd:ab:b6:b3:ef:df:db:9a:38:9c:df:a3:d2:9b:bb:13:c0:
e2:3b:e0:ed:4f:6a:51:12:9b:9d:08:75:90:dc:96:c9:5a:db:
23:d9:71:53:7d:79:94:47:91:02:4e:bd:e0:4d:f3:6e:ef:7c:
cb:1f:0b:a7:10:1c:12:03:9e:4b:b2:33:3e:1c:21:f3:2d:f3:
fe:8e:64:08:e7:8c:ba:28:93:40:d1:08:d3:a2:29:40:98:35:
20:32:e5:56:f9:e1:3d:26:e4:d6:1d:72:26:35:54:65:39:4d:
4f:f3:ef:1c:bd:f5:c8:da:fc:70:90:14:08:f7:38:b0:5e:2f:
04:c4:05:f5:85:93:19:c7:24:db:77:2a:10:64:57:dc:ba:a7:
7a:6e:ed:ab:17:03:0e:9f:24:78:c5:d1:02:84:84:a8:1b:c2:
77:da:44:4a:00:25:4e:9e:5a:3b:be:55:bb:8e:f0:e4:31:6a:
ef:22:5a:3e:fa:33:a9:86:b0:05:30:03:85:db:db:95:83:31:
23:97:6c:02:2a:c2:15:c4:06:35:e9:2f:07:90:e2:5b:55:41:
d8:46:77:7e:8b:4d:c1:2c:f6:99:ed:28:2d:22:c9:9a:29:40:
ea:d7:f6:f2:2f:2a:3c:8d:d6:90:f7:b4:e8:3e:d8:d2:7c:d9:
20:65:af:ae
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUb80wWW2bULIGljyRNT32lSmMFIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTdaFw0yNjA1MDgwOTM3NTdaMDMxMTAvBgNV
BAMTKDMzQThGRkIyMjVCRDAwMTI2M0FFMENCODUxNzRGRUI4QUUxRUFEN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC46qQ7m/OBQVbKjbcB61jd9sq/
Tl8Q4sKROqk5gSMfTCfzwqNChk8CHnV7zNjMFM+hp6Sskv4FZzzH/HoVH+q84Gh0
EV7HsA4MYH0uacRMr3jHYsmkgnkH0tNtN3ueA5B+QKRQjXt9aEvgAQmnoPeakFWc
LoCSN8Xn0Tih5glCHSFUoRNhW7Dk7PKSSSZAgmy0ZqajMQVrtpteTwriiy+ZdLwO
9Fud93n0OTu/J41L2Jh+aO5In4craFA5+N9E1+K6M13CUf53ToSCVF7A+TSi8OTs
17sbavZYtuildqJoeWCXkgGnnzbns1ivM3z1KjNoGi0m0hW4gJQv317fXgDzAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUM6j/siW9ABJjrgy4UXT+uK4erXswHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoC
JjAwDQYJKoZIhvcNAQELBQADggEBADr9q7az79/bmjic36PSm7sTwOI74O1PalES
m50IdZDclsla2yPZcVN9eZRHkQJOveBN827vfMsfC6cQHBIDnkuyMz4cIfMt8/6O
ZAjnjLook0DRCNOiKUCYNSAy5Vb54T0m5NYdciY1VGU5TU/z7xy99cja/HCQFAj3
OLBeLwTEBfWFkxnHJNt3KhBkV9y6p3pu7asXAw6fJHjF0QKEhKgbwnfaREoAJU6e
Wju+VbuO8OQxau8iWj76M6mGsAUwA4Xb25WDMSOXbAIqwhXEBjXpLweQ4ltVQdhG
d36LTcEs9pntKC0iyZopQOrX9vIvKjyN1pD3tOg+2NJ82SBlr64=
-----END CERTIFICATE-----
Generated at Mon May 12 11:20:54 2025 by rpki-client