Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
File: 323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa (raw, json)
Hash identifier: DuCHe81tO8TVOKBTNFQCS5fRuYDjbGZfxshPpJZXNzc=
Subject key identifier: E0:6D:40:1C:80:74:4C:FC:EA:45:F2:26:54:1D:A6:CF:8C:54:26:7C
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 31F5E2FBFCA4F0FB588062F133779A314DA68B83
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
Signing time: Wed 23 Apr 2025 16:54:04 +0000
ROA not before: Wed 23 Apr 2025 16:49:04 +0000
ROA not after: Wed 22 Apr 2026 16:54:04 +0000
asID: 5464
IP address blocks: 2001:67c:33c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 18:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f5:e2:fb:fc:a4:f0:fb:58:80:62:f1:33:77:9a:31:4d:a6:8b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Apr 23 16:49:04 2025 GMT
Not After : Apr 22 16:54:04 2026 GMT
Subject: CN=E06D401C80744CFCEA45F226541DA6CF8C54267C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:72:56:f4:33:4b:7f:85:d6:f2:66:be:5c:51:
e5:98:9d:8b:ee:d6:55:9d:61:f4:3d:7c:e5:e8:82:
52:5f:33:32:aa:8d:68:5e:ab:c9:98:1b:1d:da:3c:
5c:83:fd:ae:8f:46:5a:1f:2d:da:95:fd:aa:04:a7:
55:4c:1d:32:ac:7e:04:e1:e7:29:da:55:53:bd:e7:
63:07:f5:7a:10:2c:43:a0:74:90:0d:69:d7:67:8c:
a7:8e:20:a3:fe:6d:8b:2e:1c:e7:ec:1a:e8:27:90:
20:26:8d:97:33:ca:ce:f3:db:21:c9:0c:55:74:bf:
d4:1c:0e:84:90:f2:ca:ac:e0:3d:08:e4:3b:c2:25:
c6:00:40:26:05:b5:ed:b1:5e:59:bd:e1:97:7a:61:
ce:66:e9:c2:ca:de:59:6d:13:24:6f:78:04:2f:ca:
94:ef:54:53:98:00:4f:bb:a4:48:a4:87:89:72:75:
f2:06:33:58:17:ef:9c:5c:59:90:4c:9f:98:6e:54:
80:93:8f:24:23:aa:2c:6c:8e:ab:06:41:8f:9f:fc:
cd:cb:67:b4:12:bd:34:7e:63:2d:11:d2:1a:3b:34:
6a:1b:b6:b3:bc:81:41:1a:1f:a9:0b:14:f1:2d:3c:
d4:ed:72:79:9e:91:52:bd:35:bd:f0:99:7e:74:2e:
ef:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:6D:40:1C:80:74:4C:FC:EA:45:F2:26:54:1D:A6:CF:8C:54:26:7C
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:33c::/48
Signature Algorithm: sha256WithRSAEncryption
70:b7:81:e6:78:41:d3:0b:6b:66:ab:6d:46:1c:d9:bd:32:68:
22:50:df:27:17:23:e7:8d:17:64:51:c0:ac:42:85:3f:9c:8c:
a5:ac:9c:10:2a:ae:30:24:ec:51:28:20:fa:03:d3:c7:57:d1:
f7:43:13:12:f5:be:dd:86:03:26:ca:c4:0b:14:0a:9d:a4:bc:
6c:a0:3a:77:a4:1b:a0:e2:58:43:a3:32:63:84:d3:81:64:08:
97:87:ad:03:76:67:a2:55:6d:67:c1:27:67:f7:82:e9:31:1e:
b2:16:e8:0e:be:5e:4b:fd:8f:91:6c:9c:75:cb:7c:6f:f1:01:
63:36:77:3a:ca:e7:3f:2c:78:e2:76:78:b9:f7:1e:ec:68:76:
0e:b3:4a:ea:2f:36:1f:3f:40:88:d8:86:eb:4c:ec:ef:90:0c:
94:c7:39:ea:04:59:b1:0b:13:2c:f7:d5:71:8c:9b:53:a5:c0:
77:0f:a8:fe:5f:59:e3:a2:c1:59:f3:ee:1c:8b:69:7f:1c:99:
44:40:f5:4c:ca:20:84:d1:30:5b:d9:db:45:80:03:fe:5e:e6:
28:c9:a0:a4:03:5a:db:11:a1:8d:7b:92:20:e1:f2:1a:84:7f:
ba:34:95:67:3a:69:7a:4e:ed:fd:4e:01:d7:02:95:bf:92:ca:
0e:78:e2:2c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUMfXi+/yk8PtYgGLxM3eaMU2mi4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTA0MjMxNjQ5MDRaFw0yNjA0MjIxNjU0MDRaMDMxMTAvBgNV
BAMTKEUwNkQ0MDFDODA3NDRDRkNFQTQ1RjIyNjU0MURBNkNGOEM1NDI2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzclb0M0t/hdbyZr5cUeWYnYvu
1lWdYfQ9fOXoglJfMzKqjWheq8mYGx3aPFyD/a6PRlofLdqV/aoEp1VMHTKsfgTh
5ynaVVO952MH9XoQLEOgdJANaddnjKeOIKP+bYsuHOfsGugnkCAmjZczys7z2yHJ
DFV0v9QcDoSQ8sqs4D0I5DvCJcYAQCYFte2xXlm94Zd6Yc5m6cLK3lltEyRveAQv
ypTvVFOYAE+7pEikh4lydfIGM1gX75xcWZBMn5huVICTjyQjqixsjqsGQY+f/M3L
Z7QSvTR+Yy0R0ho7NGobtrO8gUEaH6kLFPEtPNTtcnmekVK9Nb3wmX50Lu9TAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU4G1AHIB0TPzqRfImVB2mz4xUJnwwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
MzMzMzYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNDM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAgAQZ8AzwwDQYJKoZIhvcNAQELBQADggEBAHC3geZ4QdMLa2arbUYc2b0yaCJQ
3ycXI+eNF2RRwKxChT+cjKWsnBAqrjAk7FEoIPoD08dX0fdDExL1vt2GAybKxAsU
Cp2kvGygOnekG6DiWEOjMmOE04FkCJeHrQN2Z6JVbWfBJ2f3gukxHrIW6A6+Xkv9
j5FsnHXLfG/xAWM2dzrK5z8seOJ2eLn3Huxodg6zSuovNh8/QIjYhutM7O+QDJTH
OeoEWbELEyz31XGMm1OlwHcPqP5fWeOiwVnz7hyLaX8cmURA9UzKIITRMFvZ20WA
A/5e5ijJoKQDWtsRoY17kiDh8hqEf7o0lWc6aXpO7f1OAdcClb+Syg544iw=
-----END CERTIFICATE-----
Generated at Wed May 7 05:21:56 2025 by rpki-client