Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/326131333a363134303a3a2f32392d3332203d3e203331313834.roa
File: 326131333a363134303a3a2f32392d3332203d3e203331313834.roa (raw, json)
Hash identifier: HEAzsbwZSQMPtZWHDUG9J3+dKm/03SetBs7lrO1nkwI=
Subject key identifier: 5E:57:31:A8:3C:AE:19:30:F5:5D:A0:E2:ED:BD:9E:9C:4B:DD:3A:CD
Certificate issuer: /CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1
Certificate serial: 568D240E468FA2D373E0BDBA1E0CF0202F3D7442
Authority key identifier: 72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/326131333a363134303a3a2f32392d3332203d3e203331313834.roa
Signing time: Wed 30 Apr 2025 09:38:34 +0000
ROA not before: Wed 30 Apr 2025 09:33:34 +0000
ROA not after: Wed 29 Apr 2026 09:38:34 +0000
asID: 31184
IP address blocks: 2a13:6140::/29 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:8d:24:0e:46:8f:a2:d3:73:e0:bd:ba:1e:0c:f0:20:2f:3d:74:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1
Validity
Not Before: Apr 30 09:33:34 2025 GMT
Not After : Apr 29 09:38:34 2026 GMT
Subject: CN=5E5731A83CAE1930F55DA0E2EDBD9E9C4BDD3ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:96:95:fd:53:72:a3:f1:57:01:89:d7:75:
44:77:f6:29:d1:df:cb:b9:54:87:21:68:f2:5a:06:
8f:3f:31:f9:d7:e8:c0:a5:17:95:63:18:bd:3c:31:
f9:fc:bc:76:73:d1:ab:30:c7:ef:d1:50:79:5e:38:
cf:bf:05:14:05:c9:14:ae:87:fe:63:30:7d:65:cc:
a4:80:49:e4:34:cd:e1:4e:f1:29:1c:c4:07:ec:b7:
5a:3d:65:d6:36:43:13:b8:c3:c4:47:a5:dd:cf:00:
fe:72:d2:6c:1c:ce:b4:4f:c3:c2:dd:81:32:64:7c:
87:62:60:7d:fa:c8:1d:de:37:a1:75:9b:81:41:87:
81:a1:da:29:1c:56:7a:9d:88:ab:eb:1e:0f:e9:81:
79:0b:e7:e5:bb:f1:b2:77:f6:c6:93:09:49:79:46:
ab:19:ec:50:87:fe:4e:17:ce:c6:69:79:62:0f:ec:
4c:33:59:74:79:5f:a9:c8:3e:cc:c8:e7:b7:ac:fa:
3d:06:c2:3a:96:06:0e:34:83:0f:35:41:d6:a4:c0:
df:c2:c7:6d:00:78:d3:46:3b:3e:5f:14:0f:69:1a:
68:35:66:0c:17:d9:bc:73:b0:72:f6:e6:67:62:1b:
8b:bd:51:2b:a7:13:3a:6c:00:61:b8:4c:e0:87:22:
e4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:57:31:A8:3C:AE:19:30:F5:5D:A0:E2:ED:BD:9E:9C:4B:DD:3A:CD
X509v3 Authority Key Identifier:
keyid:72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/326131333a363134303a3a2f32392d3332203d3e203331313834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6140::/29
Signature Algorithm: sha256WithRSAEncryption
8c:0f:1c:c4:66:ce:47:7e:f8:0d:b8:d9:d5:84:d5:eb:01:27:
1c:1e:ca:e0:39:23:74:d6:3e:f1:52:96:97:71:63:35:ec:28:
1f:57:3b:08:1e:79:99:b2:1c:0e:0f:45:32:cc:ff:3e:33:50:
09:85:54:76:04:0b:1c:14:d6:d5:33:5e:f7:b2:ad:1d:84:88:
75:bd:b3:10:9e:5d:6e:22:d9:48:3c:72:4c:94:b6:32:cb:ba:
25:8a:99:d0:25:ac:91:83:06:05:92:b3:d8:e4:74:b8:7a:37:
44:9f:ee:ce:43:c3:a8:44:32:ad:2d:e5:3a:9f:d7:84:3b:a9:
31:f5:50:22:27:c3:5c:ef:60:c2:83:d4:28:b1:6d:dd:c8:48:
21:7c:16:8d:32:10:d3:03:0a:19:9d:26:54:14:1a:e5:b9:4e:
c5:55:5c:ab:e1:7c:79:b8:26:ce:73:81:94:a4:3f:a9:7e:ff:
72:fb:df:a7:db:35:d3:e1:19:57:e2:a4:5a:6f:6c:eb:d7:e8:
87:cb:1f:6f:0b:bc:b3:85:73:4a:da:b5:08:e7:ac:65:44:ad:
a6:12:69:16:16:f6:37:16:dd:32:40:1c:3e:f9:8f:46:ec:d8:
43:b3:06:02:1d:ae:42:c9:a1:27:95:f2:ec:91:e5:5c:11:c6:
38:29:a7:36
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUVo0kDkaPotNz4L26HgzwIC89dEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJmM2VlMTY5ZjliZDcxZjc4YTQyZDFhNzJmZTBmMmE4
MjQ4MjJkMTAeFw0yNTA0MzAwOTMzMzRaFw0yNjA0MjkwOTM4MzRaMDMxMTAvBgNV
BAMTKDVFNTczMUE4M0NBRTE5MzBGNTVEQTBFMkVEQkQ5RTlDNEJERDNBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGE5aV/VNyo/FXAYnXdUR39inR
38u5VIchaPJaBo8/MfnX6MClF5VjGL08Mfn8vHZz0aswx+/RUHleOM+/BRQFyRSu
h/5jMH1lzKSASeQ0zeFO8SkcxAfst1o9ZdY2QxO4w8RHpd3PAP5y0mwczrRPw8Ld
gTJkfIdiYH36yB3eN6F1m4FBh4Gh2ikcVnqdiKvrHg/pgXkL5+W78bJ39saTCUl5
RqsZ7FCH/k4XzsZpeWIP7EwzWXR5X6nIPszI57es+j0GwjqWBg40gw81QdakwN/C
x20AeNNGOz5fFA9pGmg1ZgwX2bxzsHL25mdiG4u9USunEzpsAGG4TOCHIuTjAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUXlcxqDyuGTD1XaDi7b2enEvdOs0wHwYDVR0j
BBgwFoAUcvPuFp+b1x94pC0acv4PKoJIItEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjgyYjVlMDAtMmFjMy00OWYxLWEyOWItMjZhNWZkZjBm
YTQxLzAvNzJGM0VFMTY5RjlCRDcxRjc4QTQyRDFBNzJGRTBGMkE4MjQ4MjJEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2N2UHVGcC1iMXg5NHBDMGFjdjRQS29K
SUl0RS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjgyYjVlMDAt
MmFjMy00OWYxLWEyOWItMjZhNWZkZjBmYTQxLzAvMzI2MTMxMzMzYTM2MzEzNDMw
M2EzYTJmMzIzOTJkMzMzMjIwM2QzZTIwMzMzMTMxMzgzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoT
YUAwDQYJKoZIhvcNAQELBQADggEBAIwPHMRmzkd++A242dWE1esBJxweyuA5I3TW
PvFSlpdxYzXsKB9XOwgeeZmyHA4PRTLM/z4zUAmFVHYECxwU1tUzXveyrR2EiHW9
sxCeXW4i2Ug8ckyUtjLLuiWKmdAlrJGDBgWSs9jkdLh6N0Sf7s5Dw6hEMq0t5Tqf
14Q7qTH1UCInw1zvYMKD1Cixbd3ISCF8Fo0yENMDChmdJlQUGuW5TsVVXKvhfHm4
Js5zgZSkP6l+/3L736fbNdPhGVfipFpvbOvX6IfLH28LvLOFc0ratQjnrGVEraYS
aRYW9jcW3TJAHD75j0bs2EOzBgIdrkLJoSeV8uyR5VwRxjgppzY=
-----END CERTIFICATE-----
Generated at Mon May 5 20:55:35 2025 by rpki-client