Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466353a3a2f34382d3438203d3e20323038333333.roa
File: 326131313a323963303a336466353a3a2f34382d3438203d3e20323038333333.roa (raw, json)
Hash identifier: hOFf0WUztKatRB6oRX+9kEvqWNFA4fBQxwu3fcFfSBs=
Subject key identifier: DE:39:65:7A:75:16:BF:3A:32:3F:2D:8E:C5:C7:12:56:2E:85:41:D8
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 07773B37601BB059CC24F1D00809ABB905EC67CC
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466353a3a2f34382d3438203d3e20323038333333.roa
Signing time: Wed 21 May 2025 14:05:56 +0000
ROA not before: Wed 21 May 2025 14:00:56 +0000
ROA not after: Wed 20 May 2026 14:05:56 +0000
asID: 208333
IP address blocks: 2a11:29c0:3df5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 01:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:77:3b:37:60:1b:b0:59:cc:24:f1:d0:08:09:ab:b9:05:ec:67:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 21 14:00:56 2025 GMT
Not After : May 20 14:05:56 2026 GMT
Subject: CN=DE39657A7516BF3A323F2D8EC5C712562E8541D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9b:10:90:2d:ce:92:44:2d:56:ea:a3:24:77:
4b:b3:5d:ea:8f:63:87:23:30:1e:ee:28:d9:3c:78:
0b:db:d1:25:1a:ba:9e:dc:9a:3d:f6:fc:47:57:6c:
3d:2b:88:1b:8f:12:f4:df:b0:29:64:c0:cc:52:33:
b6:13:d3:15:27:68:6e:a8:55:1c:52:4f:6e:cc:35:
ee:5d:92:74:f1:21:49:78:3e:61:99:4c:5d:56:27:
d4:f6:77:79:0a:cd:dd:9a:99:78:67:64:a9:ff:8f:
95:db:24:67:5b:9a:0c:2e:bb:a3:14:73:77:3d:cd:
b8:81:f4:27:49:69:77:87:7c:ec:f9:48:d7:fc:03:
27:9b:85:ac:83:7a:6e:a4:f2:ff:1d:21:c5:88:3e:
7a:90:11:bd:62:01:97:4b:ff:5f:8d:f3:3e:2c:a8:
1e:63:25:58:2a:d6:7f:bd:65:ab:1d:b6:81:33:49:
a6:4c:bf:51:7b:8f:8e:92:d9:97:63:69:0e:80:12:
61:16:d7:13:88:91:3c:16:cd:ba:34:7d:59:6b:e7:
6e:89:1d:04:8c:e6:87:55:96:eb:75:72:49:9d:68:
2f:c0:61:12:1f:f8:29:40:80:4a:9c:08:b4:57:68:
bb:31:e9:b1:2f:c3:83:2c:57:c5:d0:a5:21:0e:37:
a7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:65:7A:75:16:BF:3A:32:3F:2D:8E:C5:C7:12:56:2E:85:41:D8
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466353a3a2f34382d3438203d3e20323038333333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df5::/48
Signature Algorithm: sha256WithRSAEncryption
7b:41:54:b5:93:7d:93:8c:89:2f:58:fd:1d:45:1c:c6:7c:69:
51:d7:0a:3a:99:82:01:a9:9b:69:b8:47:d8:e5:6a:1e:40:dd:
43:1f:73:79:94:aa:66:aa:c9:ff:00:06:f0:14:a2:ab:38:a2:
6b:f4:13:7f:6c:3b:6a:65:35:83:89:d1:5f:15:10:b7:70:86:
67:cd:c7:8d:7c:47:84:5a:13:83:64:47:f3:98:d8:9b:a4:8f:
d1:3c:ae:c9:0a:08:5e:a3:1b:7d:08:a1:8a:02:97:8f:53:3c:
fb:7f:4d:3c:39:dc:58:0d:72:e7:8d:30:5c:25:3a:e7:af:f4:
54:0f:78:0b:3c:f6:d0:73:3b:aa:d9:cc:85:4e:65:4a:e9:90:
53:bb:50:36:bf:8d:05:6f:65:ec:48:c7:a8:cd:f5:3f:5b:e7:
2b:1a:a4:e6:82:ec:52:3b:3f:c0:81:ba:c1:f6:0c:2e:13:17:
0a:45:58:9e:12:8d:63:3b:20:ea:43:41:fb:f4:7d:f5:f5:b9:
6a:1e:b2:00:ff:7f:c5:58:c6:96:81:a8:6e:0a:0a:86:0d:28:
c6:11:9f:45:d4:b0:c5:ef:a9:55:fd:8c:8e:55:d1:d6:8c:54:
63:c2:09:f7:24:11:c9:a6:fe:e7:0e:fd:b5:ed:2d:cb:c6:21:
0e:48:c2:c6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUB3c7N2AbsFnMJPHQCAmruQXsZ8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA1MjExNDAwNTZaFw0yNjA1MjAxNDA1NTZaMDMxMTAvBgNV
BAMTKERFMzk2NTdBNzUxNkJGM0EzMjNGMkQ4RUM1QzcxMjU2MkU4NTQxRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPmxCQLc6SRC1W6qMkd0uzXeqP
Y4cjMB7uKNk8eAvb0SUaup7cmj32/EdXbD0riBuPEvTfsClkwMxSM7YT0xUnaG6o
VRxST27MNe5dknTxIUl4PmGZTF1WJ9T2d3kKzd2amXhnZKn/j5XbJGdbmgwuu6MU
c3c9zbiB9CdJaXeHfOz5SNf8AyebhayDem6k8v8dIcWIPnqQEb1iAZdL/1+N8z4s
qB5jJVgq1n+9ZasdtoEzSaZMv1F7j46S2ZdjaQ6AEmEW1xOIkTwWzbo0fVlr526J
HQSM5odVlut1ckmdaC/AYRIf+ClAgEqcCLRXaLsx6bEvw4MsV8XQpSEON6dHAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU3jllenUWvzoyPy2OxccSVi6FQdgwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODMzMzMzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99TANBgkqhkiG9w0BAQsFAAOCAQEAe0FUtZN9k4yJL1j9
HUUcxnxpUdcKOpmCAambabhH2OVqHkDdQx9zeZSqZqrJ/wAG8BSiqziia/QTf2w7
amU1g4nRXxUQt3CGZ83HjXxHhFoTg2RH85jYm6SP0TyuyQoIXqMbfQihigKXj1M8
+39NPDncWA1y540wXCU656/0VA94Czz20HM7qtnMhU5lSumQU7tQNr+NBW9l7EjH
qM31P1vnKxqk5oLsUjs/wIG6wfYMLhMXCkVYnhKNYzsg6kNB+/R99fW5ah6yAP9/
xVjGloGobgoKhg0oxhGfRdSwxe+pVf2MjlXR1oxUY8IJ9yQRyab+5w79te0ty8Yh
DkjCxg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:07:27 2025 by rpki-client