Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa
File: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (raw, json)
Hash identifier: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=
Subject key identifier: 7C:BC:2C:EE:48:EF:5F:37:47:19:1C:22:4D:5A:2C:85:56:63:AA:F5
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 55B32B9121E68E7CC80BFE55D7430A5D3331F558
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa
Signing time: Fri 27 Jun 2025 09:09:39 +0000
ROA not before: Fri 27 Jun 2025 09:04:39 +0000
ROA not after: Fri 26 Jun 2026 09:09:39 +0000
asID: 211431
IP address blocks: 2a13:9644:40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:42:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b3:2b:91:21:e6:8e:7c:c8:0b:fe:55:d7:43:0a:5d:33:31:f5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 27 09:04:39 2025 GMT
Not After : Jun 26 09:09:39 2026 GMT
Subject: CN=7CBC2CEE48EF5F3747191C224D5A2C855663AAF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:75:11:fb:89:0b:41:95:72:8f:d8:41:1a:62:
6e:e6:c7:a3:d4:a2:aa:78:56:92:d6:e5:a6:09:15:
28:c3:28:5f:6d:e2:0d:f1:42:95:4e:85:f1:af:44:
3a:16:c4:33:a5:6c:94:c2:85:2d:a1:3d:3c:a6:70:
94:6d:ef:13:f6:d2:11:29:0a:1a:40:96:5c:06:2d:
8d:5d:01:1a:62:c1:c7:2f:09:6b:93:55:2f:a2:4e:
ec:7e:69:a3:2e:c5:91:74:0a:4d:61:48:c5:bb:ef:
d0:20:d5:83:37:1e:e8:cc:8e:c0:e3:9f:a9:95:61:
d6:09:94:fa:f3:83:86:77:9e:be:9a:1d:5c:6b:95:
66:c8:c9:5b:aa:6e:c5:2f:8f:8f:39:27:99:f8:cd:
19:bb:28:75:8f:dd:16:4d:81:6e:8c:77:a5:a2:42:
86:07:e6:33:5c:68:d7:cb:9e:13:cd:15:98:01:92:
02:bc:cb:70:88:c7:2b:20:f1:d0:c0:df:b0:ac:72:
98:95:d8:62:6a:21:1f:b3:67:73:08:ce:37:50:56:
7b:d1:51:1d:9a:a7:34:61:9e:98:7d:b5:af:92:bd:
44:6a:7a:65:8d:8c:18:a1:8a:32:a7:8c:90:3b:56:
da:3b:41:7f:fa:2c:74:aa:8c:20:b7:e5:9c:bf:92:
82:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BC:2C:EE:48:EF:5F:37:47:19:1C:22:4D:5A:2C:85:56:63:AA:F5
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:40::/44
Signature Algorithm: sha256WithRSAEncryption
2d:08:7a:d3:91:98:ad:1d:fc:8b:92:54:c0:3a:74:c5:05:01:
ce:8c:55:8f:0b:9c:49:c9:51:64:aa:3b:27:7c:cf:c8:22:11:
9e:e0:13:9c:56:49:a2:42:6d:39:31:77:75:f6:e8:d7:3f:87:
c5:25:39:30:dd:f5:df:ba:de:73:06:f5:4b:04:c5:69:07:06:
e8:a4:7b:17:58:7b:32:86:4e:eb:d8:72:0c:58:92:90:36:6e:
77:da:9f:38:c4:67:33:5e:b4:05:95:38:52:c2:45:cc:6a:0b:
fa:d6:48:31:dc:bc:2b:ea:e9:21:1e:a0:f5:82:47:58:87:69:
5f:5a:85:42:ae:ee:af:81:e1:26:d8:5f:c6:2c:39:db:7d:bf:
66:cf:31:70:05:dc:77:cd:10:54:ea:52:13:d6:1c:91:d9:65:
48:9b:d9:d0:a5:59:08:bc:47:df:3b:93:9c:3e:73:33:32:76:
4e:86:ca:a6:c2:a5:4e:d6:48:9a:90:eb:bb:d2:1e:1d:11:eb:
8b:5b:33:af:90:cb:08:52:01:17:fb:67:88:1d:d4:a4:c1:24:
f8:aa:2b:53:43:70:12:ab:a0:e4:9a:62:23:23:8b:39:b4:9c:
83:75:ae:ba:80:c9:3d:0b:37:fc:4a:e4:a0:d4:36:15:8c:17:
c7:73:41:7b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUVbMrkSHmjnzIC/5V10MKXTMx9VgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA2MjcwOTA0MzlaFw0yNjA2MjYwOTA5MzlaMDMxMTAvBgNV
BAMTKDdDQkMyQ0VFNDhFRjVGMzc0NzE5MUMyMjRENUEyQzg1NTY2M0FBRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdRH7iQtBlXKP2EEaYm7mx6PU
oqp4VpLW5aYJFSjDKF9t4g3xQpVOhfGvRDoWxDOlbJTChS2hPTymcJRt7xP20hEp
ChpAllwGLY1dARpiwccvCWuTVS+iTux+aaMuxZF0Ck1hSMW779Ag1YM3HujMjsDj
n6mVYdYJlPrzg4Z3nr6aHVxrlWbIyVuqbsUvj485J5n4zRm7KHWP3RZNgW6Md6Wi
QoYH5jNcaNfLnhPNFZgBkgK8y3CIxysg8dDA37CscpiV2GJqIR+zZ3MIzjdQVnvR
UR2apzRhnph9ta+SvURqemWNjBihijKnjJA7Vto7QX/6LHSqjCC35Zy/koIfAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUfLws7kjvXzdHGRwiTVoshVZjqvUwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTMxMzQzMzMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhOWRABAMA0GCSqGSIb3DQEBCwUAA4IBAQAtCHrTkZitHfyLklTAOnTF
BQHOjFWPC5xJyVFkqjsnfM/IIhGe4BOcVkmiQm05MXd19ujXP4fFJTkw3fXfut5z
BvVLBMVpBwbopHsXWHsyhk7r2HIMWJKQNm532p84xGczXrQFlThSwkXMagv61kgx
3Lwr6ukhHqD1gkdYh2lfWoVCru6vgeEm2F/GLDnbfb9mzzFwBdx3zRBU6lIT1hyR
2WVIm9nQpVkIvEffO5OcPnMzMnZOhsqmwqVO1kiakOu70h4dEeuLWzOvkMsIUgEX
+2eIHdSkwST4qitTQ3ASq6DkmmIjI4s5tJyDda66gMk9Czf8SuSg1DYVjBfHc0F7
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:52:10 2025 by rpki-client