Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
File: 326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa (raw, json)
Hash identifier: NQDopMhQGSor687jfcIj69NpHTnuWeANFaNSYpLn52Y=
Subject key identifier: 3A:9A:D1:96:4E:0B:91:1E:7A:72:11:D5:AF:4B:4C:C1:BE:1D:E1:86
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 1B4520D70C84F91DE1B1E0B60FAE795F8D0FF74B
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
Signing time: Mon 14 Apr 2025 21:09:31 +0000
ROA not before: Mon 14 Apr 2025 21:04:31 +0000
ROA not after: Mon 13 Apr 2026 21:09:31 +0000
asID: 213943
IP address blocks: 2a11:29c0:3dff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 01:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:45:20:d7:0c:84:f9:1d:e1:b1:e0:b6:0f:ae:79:5f:8d:0f:f7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 14 21:04:31 2025 GMT
Not After : Apr 13 21:09:31 2026 GMT
Subject: CN=3A9AD1964E0B911E7A7211D5AF4B4CC1BE1DE186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:55:63:02:c5:66:bf:bf:61:31:fb:68:57:
ba:f4:d0:fa:f2:5c:3b:0b:2f:49:ba:8a:80:13:7c:
c3:39:13:a8:8c:ea:b5:a4:b5:66:a4:82:99:98:60:
e5:80:95:d0:2c:3a:e8:07:07:ae:bf:37:7f:1b:f3:
6a:aa:a0:fb:f5:54:01:22:af:1c:8a:b4:d0:ac:08:
75:c4:ef:79:6c:93:b3:c5:9f:63:c9:5f:49:9e:af:
58:d7:a0:19:94:7c:5a:72:50:ca:af:5c:bc:43:9b:
44:7f:4f:0d:ca:f0:52:11:04:8d:10:3d:66:75:2d:
6d:dd:4b:62:cb:3a:29:eb:44:41:a2:d2:b4:28:78:
cc:83:45:16:5c:d3:e8:b4:ad:f0:1f:0f:14:06:40:
36:ab:be:bc:90:69:56:4c:42:37:7f:62:cb:02:c2:
5e:ab:aa:d0:39:fb:15:2a:1d:75:96:a0:3d:29:ac:
5b:bc:86:48:4d:5b:71:ea:0e:e9:0e:42:ad:75:db:
c8:e2:d0:34:ff:0e:12:36:c9:39:ff:f3:5b:7c:7d:
31:9f:5f:37:c5:c3:a0:9e:05:5d:00:59:c1:04:5c:
7f:99:24:d5:54:16:a6:5c:b8:75:78:4b:80:1c:fc:
4a:a1:28:7a:d5:12:de:81:05:a5:d7:42:bd:7a:53:
e9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9A:D1:96:4E:0B:91:1E:7A:72:11:D5:AF:4B:4C:C1:BE:1D:E1:86
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dff::/48
Signature Algorithm: sha256WithRSAEncryption
37:f6:7c:36:e3:d3:85:96:91:b1:96:81:e5:c7:f2:88:ff:63:
3b:ed:8e:20:3a:e3:3a:90:65:f2:70:d4:4d:1f:aa:78:6c:fb:
d1:a6:ea:14:c1:fa:43:30:1e:da:a6:3e:50:67:64:d8:77:f4:
68:9a:6c:d8:58:1b:31:dd:69:6c:5e:f3:68:23:07:e7:5f:28:
a5:4a:2d:97:5b:ce:9e:0a:3e:19:ba:3b:c7:d1:d6:2d:b2:ba:
02:d9:de:b3:99:6c:36:fe:04:de:65:bd:9d:a5:e5:63:66:1e:
73:9f:02:03:7d:4e:6e:fa:f6:38:9a:7f:63:42:10:ea:91:50:
cb:15:c6:9e:a9:a8:d3:f3:cc:79:95:95:62:87:69:d0:fa:42:
30:42:c0:4f:de:ca:88:7e:bd:a0:67:9b:45:15:b7:2c:5a:dc:
12:ba:03:80:3d:cd:e0:09:52:7c:c7:c7:fd:d8:a9:2e:63:43:
96:19:0f:d4:68:36:bc:01:2a:8c:55:74:ae:8d:c7:fc:28:4a:
74:49:db:e8:aa:fd:0c:bb:14:a8:49:0f:ea:6f:35:83:ae:f4:
de:12:d7:ea:7c:1c:fb:50:ba:2f:8e:73:46:9d:4d:03:ed:55:
3f:f8:aa:fd:a8:35:42:d9:c7:c1:36:f1:6a:26:04:a5:db:f1:
fa:cb:1e:d6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUG0Ug1wyE+R3hseC2D655X40P90swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA0MTQyMTA0MzFaFw0yNjA0MTMyMTA5MzFaMDMxMTAvBgNV
BAMTKDNBOUFEMTk2NEUwQjkxMUU3QTcyMTFENUFGNEI0Q0MxQkUxREUxODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBp1VjAsVmv79hMftoV7r00Pry
XDsLL0m6ioATfMM5E6iM6rWktWakgpmYYOWAldAsOugHB66/N38b82qqoPv1VAEi
rxyKtNCsCHXE73lsk7PFn2PJX0mer1jXoBmUfFpyUMqvXLxDm0R/Tw3K8FIRBI0Q
PWZ1LW3dS2LLOinrREGi0rQoeMyDRRZc0+i0rfAfDxQGQDarvryQaVZMQjd/YssC
wl6rqtA5+xUqHXWWoD0prFu8hkhNW3HqDukOQq1128ji0DT/DhI2yTn/81t8fTGf
XzfFw6CeBV0AWcEEXH+ZJNVUFqZcuHV4S4Ac/EqhKHrVEt6BBaXXQr16U+mVAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUOprRlk4LkR56chHVr0tMwb4d4YYwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMzM5MzQzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/zANBgkqhkiG9w0BAQsFAAOCAQEAN/Z8NuPThZaRsZaB
5cfyiP9jO+2OIDrjOpBl8nDUTR+qeGz70abqFMH6QzAe2qY+UGdk2Hf0aJps2Fgb
Md1pbF7zaCMH518opUotl1vOngo+Gbo7x9HWLbK6Atnes5lsNv4E3mW9naXlY2Ye
c58CA31Obvr2OJp/Y0IQ6pFQyxXGnqmo0/PMeZWVYodp0PpCMELAT97KiH69oGeb
RRW3LFrcEroDgD3N4AlSfMfH/dipLmNDlhkP1Gg2vAEqjFV0ro3H/ChKdEnb6Kr9
DLsUqEkP6m81g6703hLX6nwc+1C6L45zRp1NA+1VP/iq/ag1QtnHwTbxaiYEpdvx
+sse1g==
-----END CERTIFICATE-----
Generated at Wed May 7 17:01:46 2025 by rpki-client