Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/326130303a316466303a3a2f33322d3332203d3e2035343634.roa
File: 326130303a316466303a3a2f33322d3332203d3e2035343634.roa (raw, json)
Hash identifier: hY/iIpaGanxmxatebFYi3ijTkZjHjUc/Iwjsijc0S+E=
Subject key identifier: 8C:0C:2B:1D:A2:48:55:FA:34:E6:EE:DD:08:16:03:D2:05:7B:45:19
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 02DAEAE23B6B9369AC8F96180DFD9A125AE18083
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/326130303a316466303a3a2f33322d3332203d3e2035343634.roa
Signing time: Wed 23 Apr 2025 16:54:04 +0000
ROA not before: Wed 23 Apr 2025 16:49:04 +0000
ROA not after: Wed 22 Apr 2026 16:54:04 +0000
asID: 5464
IP address blocks: 2a00:1df0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 23:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:da:ea:e2:3b:6b:93:69:ac:8f:96:18:0d:fd:9a:12:5a:e1:80:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Apr 23 16:49:04 2025 GMT
Not After : Apr 22 16:54:04 2026 GMT
Subject: CN=8C0C2B1DA24855FA34E6EEDD081603D2057B4519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:4c:55:44:72:34:5e:e2:b3:21:97:21:59:
78:99:05:0f:0d:3e:52:d5:44:9a:d5:29:de:6b:ed:
6d:fa:11:40:d6:38:f7:11:88:8b:bd:fd:d4:a7:a9:
91:0e:de:f8:35:1d:58:7b:b7:5c:88:e0:e1:11:7c:
98:87:be:af:20:c5:01:c8:57:4a:e3:eb:4c:94:97:
fb:be:1a:c4:7d:2e:a5:c2:60:7d:d2:c3:b2:be:ff:
81:6b:d7:7f:88:8d:31:8b:76:56:91:28:aa:40:d9:
16:0a:e4:6d:d5:a5:c2:f6:37:43:02:1e:51:73:6a:
fd:32:2b:36:eb:de:48:d3:e0:fc:e4:2d:82:d2:c1:
83:64:e7:d2:cf:22:ba:7f:fb:03:89:5b:42:2e:45:
4a:08:d4:23:f8:92:d6:e0:49:51:1e:8b:f3:a7:45:
65:56:fc:9e:a1:73:8d:d9:d7:bc:18:80:d2:17:55:
c4:c1:f7:00:5d:1f:5e:09:78:42:00:51:21:9b:4b:
f6:f7:e2:d5:b8:10:43:5f:03:3d:58:09:f4:3f:ec:
d2:ed:e2:a4:32:e9:4a:5f:90:73:ec:72:5b:c0:6a:
95:4f:21:6d:b8:ef:f9:9d:0a:dd:c1:3f:95:5f:3e:
d7:58:6c:cc:19:fc:d9:2d:da:f5:0b:21:98:ea:de:
df:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0C:2B:1D:A2:48:55:FA:34:E6:EE:DD:08:16:03:D2:05:7B:45:19
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/326130303a316466303a3a2f33322d3332203d3e2035343634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1df0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:c5:a2:5f:ad:b3:d1:86:9d:91:3f:30:ec:a8:c3:b5:17:7e:
10:f0:0b:63:85:b2:fe:66:f4:d1:10:cd:f0:1b:db:f1:bf:67:
c5:4a:62:a1:54:1c:49:c9:00:28:ac:83:03:8d:3e:a5:c0:1b:
4e:1d:79:cc:df:26:60:a8:da:41:bc:f1:2f:d0:b3:00:2f:19:
bf:e6:8f:3e:01:4e:71:e3:90:6a:95:1b:ca:dc:2a:7f:bc:13:
61:79:80:77:18:b6:18:ae:67:9d:b3:d5:63:17:59:b6:d4:70:
a5:2d:e2:9a:f3:fa:ad:22:aa:a0:ac:75:e0:81:ee:3b:94:41:
a1:77:d6:7f:c1:6e:91:dd:f4:91:6f:f9:50:f5:30:2b:ae:68:
fd:c6:5f:e5:f5:10:c9:d9:85:34:3b:92:0d:a8:bf:7e:42:ad:
f2:6f:c0:49:cc:85:95:8f:0d:d0:1b:ab:a7:b6:b6:e5:ce:68:
3b:70:80:51:6e:72:e1:02:b5:da:fc:88:a5:2d:af:f4:5a:5f:
47:fe:77:28:a1:6e:c1:06:37:8f:fc:b9:86:f2:c7:8f:4d:60:
10:6f:ad:6a:db:ca:8c:4d:e0:dd:a4:c4:9d:4d:f2:f9:02:cd:
37:c8:92:7a:44:bf:15:35:5e:3a:06:d2:6c:a0:f9:83:06:9f:
db:97:0d:15
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUAtrq4jtrk2msj5YYDf2aElrhgIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTA0MjMxNjQ5MDRaFw0yNjA0MjIxNjU0MDRaMDMxMTAvBgNV
BAMTKDhDMEMyQjFEQTI0ODU1RkEzNEU2RUVERDA4MTYwM0QyMDU3QjQ1MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3L0xVRHI0XuKzIZchWXiZBQ8N
PlLVRJrVKd5r7W36EUDWOPcRiIu9/dSnqZEO3vg1HVh7t1yI4OERfJiHvq8gxQHI
V0rj60yUl/u+GsR9LqXCYH3Sw7K+/4Fr13+IjTGLdlaRKKpA2RYK5G3VpcL2N0MC
HlFzav0yKzbr3kjT4PzkLYLSwYNk59LPIrp/+wOJW0IuRUoI1CP4ktbgSVEei/On
RWVW/J6hc43Z17wYgNIXVcTB9wBdH14JeEIAUSGbS/b34tW4EENfAz1YCfQ/7NLt
4qQy6UpfkHPsclvAapVPIW247/mdCt3BP5VfPtdYbMwZ/Nkt2vULIZjq3t+DAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUjAwrHaJIVfo05u7dCBYD0gV7RRkwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzI2MTMwMzAzYTMxNjQ2NjMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzUzNDM2MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqAB3w
MA0GCSqGSIb3DQEBCwUAA4IBAQB7xaJfrbPRhp2RPzDsqMO1F34Q8AtjhbL+ZvTR
EM3wG9vxv2fFSmKhVBxJyQAorIMDjT6lwBtOHXnM3yZgqNpBvPEv0LMALxm/5o8+
AU5x45BqlRvK3Cp/vBNheYB3GLYYrmeds9VjF1m21HClLeKa8/qtIqqgrHXgge47
lEGhd9Z/wW6R3fSRb/lQ9TArrmj9xl/l9RDJ2YU0O5INqL9+Qq3yb8BJzIWVjw3Q
G6untrblzmg7cIBRbnLhArXa/IilLa/0Wl9H/ncooW7BBjeP/LmG8sePTWAQb61q
28qMTeDdpMSdTfL5As03yJJ6RL8VNV46BtJsoPmDBp/blw0V
-----END CERTIFICATE-----
Generated at Tue May 6 16:09:23 2025 by rpki-client