Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a343430303a3a2f34302d3438203d3e20323133313336.roa
File: 326131343a366634343a343430303a3a2f34302d3438203d3e20323133313336.roa (raw, json)
Hash identifier: HawlF8j6AaLKvNQu2aTpKUa6yLzB5NKlnnf7Xm6b/mk=
Subject key identifier: DF:5B:87:84:4C:37:1F:7B:7F:B7:9C:6A:D8:0E:23:AE:9E:E4:25:16
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 3C47AC2FD21ECD81B790C5BA93BC5F2E6D97566D
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a343430303a3a2f34302d3438203d3e20323133313336.roa
Signing time: Tue 04 Nov 2025 12:48:51 +0000
ROA not before: Tue 04 Nov 2025 12:43:51 +0000
ROA not after: Tue 03 Nov 2026 12:48:51 +0000
asID: 213136
IP address blocks: 2a14:6f44:4400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:52:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:47:ac:2f:d2:1e:cd:81:b7:90:c5:ba:93:bc:5f:2e:6d:97:56:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Nov 4 12:43:51 2025 GMT
Not After : Nov 3 12:48:51 2026 GMT
Subject: CN=DF5B87844C371F7B7FB79C6AD80E23AE9EE42516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:4e:74:f4:bb:18:f9:70:af:4c:14:68:bf:
90:b1:36:8d:5d:ae:86:63:b4:b3:9b:a0:34:47:28:
95:5d:72:75:0a:cd:53:40:b5:dc:10:a9:bc:bf:87:
46:8d:69:78:13:86:8f:7f:fd:9c:e3:02:8e:88:32:
2b:de:3b:cf:c6:26:65:8e:10:64:96:55:f8:a0:52:
f9:2e:3a:15:3d:98:76:51:e5:50:d6:6e:5e:a8:d9:
26:a6:63:a8:7c:50:ea:9a:49:df:a5:95:20:dc:cb:
78:3b:8a:c2:e2:ef:5f:f7:71:0c:e9:e3:ae:b3:23:
19:89:b7:f7:1b:0b:93:6f:51:8c:cf:fa:91:16:4d:
b4:49:e8:ae:24:6a:fa:20:41:ed:a2:db:dc:86:4e:
e9:07:e6:33:2a:2f:eb:b8:f5:6b:09:e2:74:e6:47:
5d:43:a5:f9:30:c6:f3:8b:9a:90:50:bd:6a:be:a7:
12:3e:08:e8:0e:aa:b5:eb:2b:52:a0:91:80:41:f8:
03:05:4e:08:1b:26:cf:07:a2:a4:e4:0f:b7:2c:c6:
ba:f0:e4:4a:b0:9e:f0:33:ac:6f:38:c0:e5:d2:55:
be:61:d6:5e:26:c0:f1:c8:b2:e6:ca:a9:7a:42:69:
2f:62:19:b0:32:6d:fe:43:32:fe:ab:e9:bb:eb:ec:
f1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5B:87:84:4C:37:1F:7B:7F:B7:9C:6A:D8:0E:23:AE:9E:E4:25:16
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a343430303a3a2f34302d3438203d3e20323133313336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f44:4400::/40
Signature Algorithm: sha256WithRSAEncryption
4d:d6:e1:5a:ff:1d:18:47:a7:c9:e7:f0:53:95:46:fd:52:cb:
25:f6:23:c6:00:c1:ff:0d:0a:36:54:8a:ab:4a:29:9b:07:75:
78:11:57:31:f8:9d:cb:56:a0:0c:3b:ca:b9:06:f4:86:bf:6c:
e3:28:26:d5:39:8a:c7:98:20:cf:75:2d:17:eb:b1:ca:a5:c1:
04:1e:fe:a8:0e:b3:25:4c:d1:e5:f9:55:52:6d:6b:d0:d9:fd:
39:b0:67:36:4e:5a:b6:67:ed:a1:ef:fc:20:e9:b2:ac:56:5f:
09:2b:c8:b6:f1:ec:7c:37:4f:0e:19:7f:e1:ef:e9:ad:4e:e5:
1a:85:e2:89:63:f7:49:14:c1:17:ee:dd:a6:b7:f0:d1:bc:52:
9b:09:18:04:9e:8f:32:a8:9c:f8:b3:7e:8b:93:54:c8:71:ec:
b7:bb:c3:77:5f:0c:d1:93:ce:c0:40:bb:9b:2c:c9:f0:38:77:
dc:c4:08:22:67:b8:90:2b:d1:53:49:3d:db:90:bc:47:f9:c3:
a1:a8:e5:f6:ba:b9:09:89:f7:0b:f1:d0:67:e3:1b:2c:c2:9c:
ed:d1:91:97:d3:9c:c5:44:d9:65:c5:1d:0c:ea:da:97:be:4d:
2d:b9:67:1e:94:35:b5:9a:22:26:a2:3b:05:70:d9:2b:10:fa:
bf:4c:3a:d2
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUPEesL9IezYG3kMW6k7xfLm2XVm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNTExMDQxMjQzNTFaFw0yNjExMDMxMjQ4NTFaMDMxMTAvBgNV
BAMTKERGNUI4Nzg0NEMzNzFGN0I3RkI3OUM2QUQ4MEUyM0FFOUVFNDI1MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjRE509LsY+XCvTBRov5CxNo1d
roZjtLOboDRHKJVdcnUKzVNAtdwQqby/h0aNaXgTho9//ZzjAo6IMiveO8/GJmWO
EGSWVfigUvkuOhU9mHZR5VDWbl6o2SamY6h8UOqaSd+llSDcy3g7isLi71/3cQzp
466zIxmJt/cbC5NvUYzP+pEWTbRJ6K4kavogQe2i29yGTukH5jMqL+u49WsJ4nTm
R11DpfkwxvOLmpBQvWq+pxI+COgOqrXrK1KgkYBB+AMFTggbJs8HoqTkD7csxrrw
5EqwnvAzrG84wOXSVb5h1l4mwPHIsubKqXpCaS9iGbAybf5DMv6r6bvr7PE/AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU31uHhEw3H3t/t5xq2A4jrp7kJRYwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2EzNDM0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzMxMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUb0REMA0GCSqGSIb3DQEBCwUAA4IBAQBN1uFa/x0YR6fJ5/BT
lUb9Ussl9iPGAMH/DQo2VIqrSimbB3V4EVcx+J3LVqAMO8q5BvSGv2zjKCbVOYrH
mCDPdS0X67HKpcEEHv6oDrMlTNHl+VVSbWvQ2f05sGc2Tlq2Z+2h7/wg6bKsVl8J
K8i28ex8N08OGX/h7+mtTuUaheKJY/dJFMEX7t2mt/DRvFKbCRgEno8yqJz4s36L
k1TIcey3u8N3XwzRk87AQLubLMnwOHfcxAgiZ7iQK9FTST3bkLxH+cOhqOX2urkJ
ifcL8dBn4xsswpzt0ZGX05zFRNllxR0M6tqXvk0tuWcelDW1miImojsFcNkrEPq/
TDrS
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:35:23 2025 by rpki-client