Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
File: 326130623a366338303a3a2f33322d3332203d3e20323135383338.roa (raw, json)
Hash identifier: kEt2cGR+/Q700kchrRZoRuY0FKyYF1rSAaCa413pKew=
Subject key identifier: D3:A8:BC:C1:61:0A:95:4F:EA:D3:9D:6A:E0:08:B4:84:69:7B:B1:A5
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 69EC360FF825CC65A73F89EF5086A701917195E4
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
Signing time: Tue 15 Apr 2025 09:54:01 +0000
ROA not before: Tue 15 Apr 2025 09:49:01 +0000
ROA not after: Tue 14 Apr 2026 09:54:01 +0000
asID: 215838
IP address blocks: 2a0b:6c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:ec:36:0f:f8:25:cc:65:a7:3f:89:ef:50:86:a7:01:91:71:95:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: Apr 15 09:49:01 2025 GMT
Not After : Apr 14 09:54:01 2026 GMT
Subject: CN=D3A8BCC1610A954FEAD39D6AE008B484697BB1A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:79:bc:41:d6:e8:c1:ff:72:ef:18:b7:4b:7d:
dd:23:e9:58:f8:6c:01:57:2a:1e:69:4e:03:36:96:
d5:86:46:20:d4:03:2b:db:b7:44:8b:b5:73:44:56:
b7:46:cf:55:b6:9a:ab:27:14:b3:1b:64:01:b4:df:
34:63:8b:b7:25:f0:e0:80:0b:2c:58:58:85:7d:96:
0b:23:44:d3:8f:5f:f8:02:ad:9d:9c:e8:97:c7:b1:
f9:2d:71:a5:ce:71:df:31:ef:07:2f:77:56:b9:99:
88:dd:5b:db:08:fd:7e:00:d7:91:3a:1c:e5:b7:f2:
77:27:05:9f:f3:de:aa:4f:78:0d:ef:f6:83:dc:60:
8b:22:58:f4:b0:5b:c1:f4:93:8f:c7:bd:e5:94:ca:
26:e1:2e:1e:e4:38:f3:66:70:ac:5a:00:75:a6:8f:
26:b9:06:59:98:2d:7f:36:d7:76:f2:b8:08:22:8b:
c7:aa:77:ff:a9:27:f4:1e:d5:bf:4e:56:ee:71:45:
a1:1e:25:85:5b:eb:8b:60:c4:86:38:0f:cd:83:d5:
16:04:da:de:56:5b:21:92:1e:78:3e:48:75:19:ee:
2c:1c:bb:c1:a1:56:29:23:5e:6e:61:52:cb:1d:e2:
db:c3:e3:e1:7a:b5:e5:ea:b0:00:db:a0:ed:cf:53:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A8:BC:C1:61:0A:95:4F:EA:D3:9D:6A:E0:08:B4:84:69:7B:B1:A5
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/326130623a366338303a3a2f33322d3332203d3e20323135383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
98:14:97:9d:94:12:a9:a4:2e:ff:6f:a4:27:14:d4:e7:54:22:
fc:44:96:f5:dd:37:10:10:fc:6c:77:a5:2c:8c:9e:ee:7a:25:
3e:02:36:cc:7d:bb:0b:29:e1:91:7b:34:1f:39:6a:fa:10:3c:
ba:15:1e:3a:11:ed:1f:08:fc:eb:98:51:98:41:fd:5c:08:d6:
65:e6:a2:c5:b2:47:f2:a0:ad:63:b4:7f:49:5a:1e:71:30:79:
4a:e5:6b:f8:b6:e5:5c:8f:c6:01:63:bb:6f:9f:4b:4b:18:52:
e5:2a:03:76:89:bd:f2:1c:99:ec:1b:b7:bd:34:98:0d:d1:08:
06:09:27:72:37:83:e2:f4:d6:38:9d:4e:4c:f4:ed:61:a9:90:
7d:df:82:53:85:d2:8e:dd:9e:dd:22:36:d2:33:a5:31:ea:08:
dc:15:51:bc:4b:0f:57:38:f2:31:96:c7:56:f3:12:47:d6:f1:
5e:a8:9f:28:26:0c:8e:69:05:48:b9:c0:f5:e5:de:60:19:57:
5b:ed:32:c9:b6:9d:a7:9b:99:77:16:9a:04:81:15:c5:1d:fd:
dd:2d:30:96:03:33:bb:6b:29:54:58:76:e9:9f:42:95:bd:c8:
29:62:78:d1:85:83:a8:21:58:cd:7f:fd:dd:61:01:08:49:c7:
ec:f3:ec:62
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUaew2D/glzGWnP4nvUIanAZFxleQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNkMDI4MGY1MDA2OTVhNDMyMDQyNTFjOTgzMDQ1NGNh
OGEyZTdhYzAeFw0yNTA0MTUwOTQ5MDFaFw0yNjA0MTQwOTU0MDFaMDMxMTAvBgNV
BAMTKEQzQThCQ0MxNjEwQTk1NEZFQUQzOUQ2QUUwMDhCNDg0Njk3QkIxQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZebxB1ujB/3LvGLdLfd0j6Vj4
bAFXKh5pTgM2ltWGRiDUAyvbt0SLtXNEVrdGz1W2mqsnFLMbZAG03zRji7cl8OCA
CyxYWIV9lgsjRNOPX/gCrZ2c6JfHsfktcaXOcd8x7wcvd1a5mYjdW9sI/X4A15E6
HOW38ncnBZ/z3qpPeA3v9oPcYIsiWPSwW8H0k4/HveWUyibhLh7kOPNmcKxaAHWm
jya5BlmYLX8213byuAgii8eqd/+pJ/Qe1b9OVu5xRaEeJYVb64tgxIY4D82D1RYE
2t5WWyGSHng+SHUZ7iwcu8GhVikjXm5hUssd4tvD4+F6teXqsADboO3PUy11AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU06i8wWEKlU/q051q4Ai0hGl7saUwHwYDVR0j
BBgwFoAUs9AoD1AGlaQyBCUcmDBFTKii56wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMtNzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBl
ZjJiLzAvQjNEMDI4MEY1MDA2OTVBNDMyMDQyNTFDOTgzMDQ1NENBOEEyRTdBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M5QW9EMUFHbGFReUJDVWNtREJGVEtp
aTU2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMt
NzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBlZjJiLzAvMzI2MTMwNjIzYTM2NjMzODMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KgtsgDANBgkqhkiG9w0BAQsFAAOCAQEAmBSXnZQSqaQu/2+kJxTU51Qi/ESW9d03
EBD8bHelLIye7nolPgI2zH27CynhkXs0Hzlq+hA8uhUeOhHtHwj865hRmEH9XAjW
ZeaixbJH8qCtY7R/SVoecTB5SuVr+LblXI/GAWO7b59LSxhS5SoDdom98hyZ7Bu3
vTSYDdEIBgkncjeD4vTWOJ1OTPTtYamQfd+CU4XSjt2e3SI20jOlMeoI3BVRvEsP
VzjyMZbHVvMSR9bxXqifKCYMjmkFSLnA9eXeYBlXW+0yybadp5uZdxaaBIEVxR39
3S0wlgMzu2spVFh26Z9Clb3IKWJ40YWDqCFYzX/93WEBCEnH7PPsYg==
-----END CERTIFICATE-----
Generated at Sun May 11 22:21:57 2025 by rpki-client