Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663733303a3a2f34342d3438203d3e20313336353537.roa
File: 326131343a316563373a663733303a3a2f34342d3438203d3e20313336353537.roa (raw, json)
Hash identifier: EjYVXtoGI4pKSiTLS0VJX0KMS0fHh7kyk5vR1WUohgI=
Subject key identifier: 01:EC:AC:D3:7F:99:B8:B9:97:AC:FE:30:AF:66:3D:2B:3A:97:42:6F
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 4594A09E55112EF3204B27202696F40F1A22E87E
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663733303a3a2f34342d3438203d3e20313336353537.roa
Signing time: Sat 25 Oct 2025 07:51:47 +0000
ROA not before: Sat 25 Oct 2025 07:46:47 +0000
ROA not after: Sat 24 Oct 2026 07:51:47 +0000
asID: 136557
IP address blocks: 2a14:1ec7:f730::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:94:a0:9e:55:11:2e:f3:20:4b:27:20:26:96:f4:0f:1a:22:e8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Oct 25 07:46:47 2025 GMT
Not After : Oct 24 07:51:47 2026 GMT
Subject: CN=01ECACD37F99B8B997ACFE30AF663D2B3A97426F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:11:25:fb:11:a7:1e:f0:91:25:79:bc:90:
e8:e6:e4:13:bc:5c:0e:ae:ff:b1:37:4d:7a:b9:bd:
56:c3:09:15:c7:15:34:a4:43:22:e2:00:9b:1a:f0:
9d:ae:0d:7c:d3:44:30:29:11:dd:68:f4:10:dd:e5:
f8:3d:0e:6d:45:1f:1b:b5:a9:5f:96:18:3e:70:2b:
69:1d:25:d8:72:11:07:37:e0:b7:d0:72:6c:9f:ac:
f6:8a:f6:0a:c5:63:8d:a6:ba:03:85:44:35:ac:6d:
f6:17:74:ff:77:83:54:da:74:b2:5e:de:08:41:e8:
9a:f5:6c:b9:9c:0a:8b:34:5a:ec:9f:7f:a5:f0:eb:
f7:57:da:6b:45:4b:67:2e:f5:12:30:bc:e3:e3:dd:
37:3b:58:90:83:99:9f:49:58:a6:bf:99:8a:0c:4b:
27:7d:51:91:7f:97:ea:72:ea:d1:45:ff:c7:3f:27:
9b:74:38:3e:32:4f:04:f7:4e:af:b2:bf:0e:1d:c3:
d7:ae:a3:3e:39:1a:e9:af:61:16:cf:0b:59:41:c7:
b7:dd:be:27:34:49:bc:95:94:4c:c1:08:52:e4:86:
8e:5a:e9:dd:ac:fc:39:72:6c:ee:c6:e3:d5:5a:a1:
c4:5f:3c:31:2d:57:da:a4:fb:a1:4e:37:7f:96:69:
98:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:EC:AC:D3:7F:99:B8:B9:97:AC:FE:30:AF:66:3D:2B:3A:97:42:6F
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663733303a3a2f34342d3438203d3e20313336353537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f730::/44
Signature Algorithm: sha256WithRSAEncryption
8d:14:e6:13:e3:44:7c:2a:a2:13:b1:7d:6d:38:91:05:68:2e:
ad:ed:16:47:a6:ef:a1:13:c6:aa:18:cc:0d:84:52:48:96:89:
c1:0e:a5:89:34:0a:ac:fd:57:97:f2:b9:cd:73:87:8a:21:e2:
8a:df:fb:ab:42:ab:0f:87:36:a8:79:b6:d1:c1:66:0e:6a:d8:
4f:a6:4e:4e:23:d3:45:84:8c:43:47:3d:b8:3a:e9:48:e5:de:
2b:2c:87:0b:fb:2e:0c:2e:12:a4:f3:86:50:c8:10:bc:09:bd:
00:31:e7:15:9c:cb:05:2e:a8:c8:3f:d9:f9:2a:6e:93:53:d5:
4a:ae:8e:1c:27:92:ac:09:ba:76:69:19:10:bf:da:74:59:dc:
3e:be:2f:9c:2c:75:73:bf:83:4b:3d:2e:ea:3d:17:0e:6f:2d:
a7:72:51:07:ff:2a:41:c8:98:1f:fe:ae:0b:a7:3b:fa:9d:85:
19:f7:c0:94:63:04:39:1e:bd:45:c7:d5:b9:3f:9d:c9:25:43:
5a:be:96:fd:b6:87:20:fb:d8:ba:3e:8c:47:d2:3b:68:cd:ab:
65:89:9c:22:3c:b6:f0:c4:80:ef:84:5b:9b:0c:7b:07:3a:ae:
b6:7d:e3:ed:61:59:4d:a6:34:15:59:06:c9:a7:38:71:97:69:
5c:68:29:c0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIURZSgnlURLvMgSycgJpb0Dxoi6H4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTEwMjUwNzQ2NDdaFw0yNjEwMjQwNzUxNDdaMDMxMTAvBgNV
BAMTKDAxRUNBQ0QzN0Y5OUI4Qjk5N0FDRkUzMEFGNjYzRDJCM0E5NzQyNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ZREl+xGnHvCRJXm8kOjm5BO8
XA6u/7E3TXq5vVbDCRXHFTSkQyLiAJsa8J2uDXzTRDApEd1o9BDd5fg9Dm1FHxu1
qV+WGD5wK2kdJdhyEQc34LfQcmyfrPaK9grFY42mugOFRDWsbfYXdP93g1TadLJe
3ghB6Jr1bLmcCos0Wuyff6Xw6/dX2mtFS2cu9RIwvOPj3Tc7WJCDmZ9JWKa/mYoM
Syd9UZF/l+py6tFF/8c/J5t0OD4yTwT3Tq+yvw4dw9euoz45GumvYRbPC1lBx7fd
vic0SbyVlEzBCFLkho5a6d2s/DlybO7G49VaocRfPDEtV9qk+6FON3+WaZizAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUAeys03+ZuLmXrP4wr2Y9KzqXQm8wHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjM3MzMzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMxMzMzNjM1MzUzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoUHsf3MDANBgkqhkiG9w0BAQsFAAOCAQEAjRTmE+NEfCqiE7F9
bTiRBWgure0WR6bvoRPGqhjMDYRSSJaJwQ6liTQKrP1Xl/K5zXOHiiHiit/7q0Kr
D4c2qHm20cFmDmrYT6ZOTiPTRYSMQ0c9uDrpSOXeKyyHC/suDC4SpPOGUMgQvAm9
ADHnFZzLBS6oyD/Z+Spuk1PVSq6OHCeSrAm6dmkZEL/adFncPr4vnCx1c7+DSz0u
6j0XDm8tp3JRB/8qQciYH/6uC6c7+p2FGffAlGMEOR69RcfVuT+dySVDWr6W/baH
IPvYuj6MR9I7aM2rZYmcIjy28MSA74Rbmwx7Bzqutn3j7WFZTaY0FVkGyac4cZdp
XGgpwA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:34:01 2025 by rpki-client