Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
File: 326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa (raw, json)
Hash identifier: mpzPSr1CBW6Ka5Te0DE52rLBHWk7ArDQlInbkbsiPzA=
Subject key identifier: 5E:F6:42:FA:3D:99:62:38:C9:2A:3D:CB:BC:03:DA:E5:B4:1F:CA:58
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 1A15E6675C0F71D934F8A393CB9A92E426608605
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
Signing time: Tue 24 Jun 2025 20:00:14 +0000
ROA not before: Tue 24 Jun 2025 19:55:14 +0000
ROA not after: Tue 23 Jun 2026 20:00:14 +0000
asID: 216309
IP address blocks: 2a0d:b287:dd00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:44:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:15:e6:67:5c:0f:71:d9:34:f8:a3:93:cb:9a:92:e4:26:60:86:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Jun 24 19:55:14 2025 GMT
Not After : Jun 23 20:00:14 2026 GMT
Subject: CN=5EF642FA3D996238C92A3DCBBC03DAE5B41FCA58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9b:db:4b:10:a2:9c:f9:3a:e7:52:af:db:54:
2c:d8:16:24:06:42:bb:8a:b5:c4:e1:e2:dc:43:b2:
e3:aa:cf:88:bc:22:86:ab:e1:80:cc:cc:7d:da:c3:
9e:63:4d:fb:f5:b0:1d:41:ce:b4:52:ed:a9:00:05:
37:b1:b9:df:8c:44:e2:5f:d6:5d:dd:37:bb:e5:0c:
b6:d9:61:58:b2:f6:82:23:67:24:b2:38:6e:52:fe:
3f:65:29:eb:af:e4:a0:8e:4a:00:17:8f:97:1a:5a:
83:96:60:4b:55:0b:64:44:93:b7:1a:e1:08:97:f2:
d5:c2:26:b1:58:50:28:f1:5d:b8:64:f7:73:df:ea:
25:0d:a1:ca:68:a9:32:fe:23:6e:89:f1:bf:fb:b6:
ea:47:93:04:f0:21:9d:c1:03:df:ac:90:66:72:d3:
99:33:b0:c1:f9:62:cc:82:92:f3:65:71:75:d9:66:
01:5e:a6:b7:ae:87:ff:ae:c3:cc:53:b5:19:d0:4f:
b4:81:ed:61:ca:94:8a:6a:25:50:52:78:3a:c6:d2:
89:a8:7a:4c:e7:19:60:00:40:22:79:d8:4f:f5:f2:
d5:1a:b5:84:53:44:41:24:a0:7b:a5:a7:e7:73:c5:
2c:bd:65:4c:02:e7:7a:7c:36:bb:fe:57:36:09:a1:
30:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F6:42:FA:3D:99:62:38:C9:2A:3D:CB:BC:03:DA:E5:B4:1F:CA:58
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:dd00::/40
Signature Algorithm: sha256WithRSAEncryption
80:66:0a:40:46:3a:32:be:d9:05:15:13:db:ee:e8:2c:0e:78:
31:e4:74:7a:22:49:75:6b:87:39:43:b4:ac:09:76:65:34:8b:
6e:10:7b:60:5b:af:ab:2d:a3:88:30:4a:9c:15:2a:be:2e:d3:
99:8a:de:fe:e2:27:4f:62:06:0d:5b:4f:49:52:59:97:5d:90:
66:59:b3:d4:66:1f:80:13:b1:be:a8:47:af:d6:53:35:ae:1f:
e1:3e:80:2c:5f:ba:b2:bd:81:c8:4c:98:e5:d9:ff:a4:9c:43:
b0:1d:f4:a4:96:9a:e0:43:00:14:82:8e:6c:7c:a8:af:65:aa:
73:15:51:45:c8:a7:e1:7f:6a:54:6b:7b:6a:c3:ea:87:13:e2:
e1:ca:40:70:4b:d0:17:f3:bc:57:64:a2:40:37:7c:4e:e1:aa:
5a:6b:27:8a:46:27:40:e9:4d:13:33:14:6c:46:32:36:06:55:
16:c7:4a:44:ba:6a:23:e3:fe:0e:85:10:43:c5:c4:0c:76:d7:
c1:36:5b:1b:d8:c8:04:eb:27:f9:e2:ae:c6:b0:a6:21:a0:18:
9b:cf:67:9e:74:22:ba:47:a6:fb:52:76:bf:62:b8:a4:d8:c8:
fa:f5:b2:8c:91:22:ab:9d:52:2b:43:83:3d:54:ed:a5:09:2e:
3c:94:0e:2d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUGhXmZ1wPcdk0+KOTy5qS5CZghgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA2MjQxOTU1MTRaFw0yNjA2MjMyMDAwMTRaMDMxMTAvBgNV
BAMTKDVFRjY0MkZBM0Q5OTYyMzhDOTJBM0RDQkJDMDNEQUU1QjQxRkNBNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSm9tLEKKc+TrnUq/bVCzYFiQG
QruKtcTh4txDsuOqz4i8Ioar4YDMzH3aw55jTfv1sB1BzrRS7akABTexud+MROJf
1l3dN7vlDLbZYViy9oIjZySyOG5S/j9lKeuv5KCOSgAXj5caWoOWYEtVC2REk7ca
4QiX8tXCJrFYUCjxXbhk93Pf6iUNocpoqTL+I26J8b/7tupHkwTwIZ3BA9+skGZy
05kzsMH5YsyCkvNlcXXZZgFepreuh/+uw8xTtRnQT7SB7WHKlIpqJVBSeDrG0omo
ekznGWAAQCJ52E/18tUatYRTREEkoHulp+dzxSy9ZUwC53p8Nrv+VzYJoTDBAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUXvZC+j2ZYjjJKj3LvAPa5bQfylgwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDY0MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzNjMzMzAzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofdMA0GCSqGSIb3DQEBCwUAA4IBAQCAZgpARjoyvtkFFRPb
7ugsDngx5HR6Ikl1a4c5Q7SsCXZlNItuEHtgW6+rLaOIMEqcFSq+LtOZit7+4idP
YgYNW09JUlmXXZBmWbPUZh+AE7G+qEev1lM1rh/hPoAsX7qyvYHITJjl2f+knEOw
HfSklprgQwAUgo5sfKivZapzFVFFyKfhf2pUa3tqw+qHE+LhykBwS9AX87xXZKJA
N3xO4apaayeKRidA6U0TMxRsRjI2BlUWx0pEumoj4/4OhRBDxcQMdtfBNlsb2MgE
6yf54q7GsKYhoBibz2eedCK6R6b7Una/Yrik2Mj69bKMkSKrnVIrQ4M9VO2lCS48
lA4t
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:33:31 2025 by rpki-client