Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
File: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (raw, json)
Hash identifier: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=
Subject key identifier: A8:6C:AC:42:4D:FF:36:1F:97:C7:9A:B5:3C:BF:4C:A2:FB:2E:96:32
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 4CAF4FAE08487A77F54818BE32B7F063F0F16616
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
Signing time: Fri 27 Jun 2025 09:09:39 +0000
ROA not before: Fri 27 Jun 2025 09:04:39 +0000
ROA not after: Fri 26 Jun 2026 09:09:39 +0000
asID: 216336
IP address blocks: 2a13:9644:40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:af:4f:ae:08:48:7a:77:f5:48:18:be:32:b7:f0:63:f0:f1:66:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 27 09:04:39 2025 GMT
Not After : Jun 26 09:09:39 2026 GMT
Subject: CN=A86CAC424DFF361F97C79AB53CBF4CA2FB2E9632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:27:c9:45:b5:6e:dc:94:5d:6f:a6:94:ce:f9:
9d:15:11:31:69:69:5c:73:b0:d6:07:b6:96:30:e7:
da:64:90:ef:a6:c2:b8:b6:62:17:c3:e6:32:d1:01:
f2:4e:7e:58:a4:8c:ed:e6:af:7c:06:45:ee:37:77:
6b:48:24:51:54:75:3b:92:7b:8b:b3:b7:91:04:6c:
9b:3f:c4:ea:df:f3:9f:4b:14:12:9f:0d:df:e4:b8:
61:5a:1f:c3:88:60:47:ed:c9:a6:4f:08:ff:e1:27:
5d:73:10:dd:66:86:91:dc:1b:1b:a1:a7:47:fa:70:
f3:7e:70:ef:0d:7a:8f:17:25:ac:77:c3:ed:96:ac:
b8:3a:79:20:60:6f:f2:2c:12:04:c1:21:be:c2:45:
9c:bc:0c:94:ae:31:4e:7e:90:e4:2d:27:c9:3e:8b:
c4:f5:72:14:f0:3c:45:ee:5a:97:59:49:a3:a3:b0:
cd:f1:1a:83:a0:83:5e:4d:ef:53:ea:b2:e9:a8:0d:
ff:85:e1:00:03:4e:9c:f7:9d:25:ca:c7:b5:8b:16:
12:8b:7b:80:58:c6:34:bc:ef:4c:2b:2e:e4:39:d7:
0c:0f:2c:ee:22:8e:5f:b2:c7:e1:0f:2d:49:88:4b:
53:56:01:7c:50:8a:99:b6:00:75:ee:f2:72:7b:1a:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6C:AC:42:4D:FF:36:1F:97:C7:9A:B5:3C:BF:4C:A2:FB:2E:96:32
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:40::/44
Signature Algorithm: sha256WithRSAEncryption
0e:fd:8a:34:cd:a9:25:e9:d1:4f:4e:f0:c9:15:57:1a:e7:06:
f1:4d:aa:2d:e1:24:ae:b9:d1:d9:81:6b:b5:3b:46:a3:77:0a:
4b:18:a9:6b:a0:87:22:30:fc:32:4f:d5:4b:59:1a:5c:a6:1c:
73:8e:fb:63:d3:2a:07:ae:85:3c:5f:4e:6d:1b:95:e4:a9:b8:
21:32:bd:5a:8b:47:e5:ae:9c:dc:7a:54:7f:d7:5d:bc:82:d7:
9f:d6:72:8e:4c:fb:0f:28:56:0f:9c:a8:bc:23:02:2a:75:a3:
4b:7a:87:71:61:0b:02:a8:2f:21:62:a5:dd:80:9f:fa:e4:46:
9c:ee:5c:81:31:07:78:7c:73:91:00:4d:20:d2:2d:a6:e1:68:
fa:0f:21:62:16:91:20:f6:40:b7:03:e6:13:9f:cd:77:b8:be:
32:d1:57:4a:d8:e5:fb:04:38:11:0f:bc:0c:12:5e:5e:b2:38:
68:5e:41:3f:92:36:4a:58:95:c1:6f:d5:f7:40:a5:ab:42:70:
6a:95:ff:9f:16:e0:40:e5:ef:d4:8a:c7:9a:f8:40:1c:2a:67:
ed:50:c1:1d:3b:d2:81:b1:aa:a4:0e:96:54:5b:5b:0c:0c:d4:
db:f2:3d:3f:d5:f2:d3:0b:af:2f:05:fd:1d:de:86:06:45:8e:
5d:45:01:2f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUTK9PrghIenf1SBi+MrfwY/DxZhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA2MjcwOTA0MzlaFw0yNjA2MjYwOTA5MzlaMDMxMTAvBgNV
BAMTKEE4NkNBQzQyNERGRjM2MUY5N0M3OUFCNTNDQkY0Q0EyRkIyRTk2MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgJ8lFtW7clF1vppTO+Z0VETFp
aVxzsNYHtpYw59pkkO+mwri2YhfD5jLRAfJOflikjO3mr3wGRe43d2tIJFFUdTuS
e4uzt5EEbJs/xOrf859LFBKfDd/kuGFaH8OIYEftyaZPCP/hJ11zEN1mhpHcGxuh
p0f6cPN+cO8Neo8XJax3w+2WrLg6eSBgb/IsEgTBIb7CRZy8DJSuMU5+kOQtJ8k+
i8T1chTwPEXuWpdZSaOjsM3xGoOgg15N71PqsumoDf+F4QADTpz3nSXKx7WLFhKL
e4BYxjS870wrLuQ51wwPLO4ijl+yx+EPLUmIS1NWAXxQipm2AHXu8nJ7Gj0PAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUqGysQk3/Nh+Xx5q1PL9MovsuljIwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTM2MzMzMzM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhOWRABAMA0GCSqGSIb3DQEBCwUAA4IBAQAO/Yo0zakl6dFPTvDJFVca
5wbxTaot4SSuudHZgWu1O0ajdwpLGKlroIciMPwyT9VLWRpcphxzjvtj0yoHroU8
X05tG5XkqbghMr1ai0flrpzcelR/1128gtef1nKOTPsPKFYPnKi8IwIqdaNLeodx
YQsCqC8hYqXdgJ/65Eac7lyBMQd4fHORAE0g0i2m4Wj6DyFiFpEg9kC3A+YTn813
uL4y0VdK2OX7BDgRD7wMEl5esjhoXkE/kjZKWJXBb9X3QKWrQnBqlf+fFuBA5e/U
isea+EAcKmftUMEdO9KBsaqkDpZUW1sMDNTb8j0/1fLTC68vBf0d3oYGRY5dRQEv
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:08:16 2025 by rpki-client