Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f34382d3438203d3e203236393534.roa
File: 326130623a346530343a3a2f34382d3438203d3e203236393534.roa (raw, json)
Hash identifier: kjCVplBQIQWTrk/MT/vsXbIMmP0BY/AuB2NZAKC1i00=
Subject key identifier: 2D:52:71:5A:19:87:B0:C2:C9:ED:2D:40:76:9E:6A:90:3E:2D:46:BE
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 2D13E5871AF3BD02297C5EBF6734B7247B867072
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f34382d3438203d3e203236393534.roa
Signing time: Thu 31 Jul 2025 20:23:49 +0000
ROA not before: Thu 31 Jul 2025 20:18:49 +0000
ROA not after: Thu 30 Jul 2026 20:23:49 +0000
asID: 26954
IP address blocks: 2a0b:4e04::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 21:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:13:e5:87:1a:f3:bd:02:29:7c:5e:bf:67:34:b7:24:7b:86:70:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Jul 31 20:18:49 2025 GMT
Not After : Jul 30 20:23:49 2026 GMT
Subject: CN=2D52715A1987B0C2C9ED2D40769E6A903E2D46BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:66:d2:ff:28:2d:b2:51:11:33:c2:3c:03:
5e:63:5c:40:11:b8:aa:f5:fe:97:c4:7a:4c:e0:7b:
12:52:7d:7d:09:24:87:00:c7:7c:57:5b:e7:9e:26:
10:69:c8:34:cc:a0:d7:67:f2:d3:3a:00:28:aa:d9:
16:13:3c:5e:c3:0f:53:87:c3:75:13:f2:7e:2c:d7:
47:8a:e0:ca:a5:a5:4c:e1:76:87:e3:5f:46:af:03:
bd:8a:7e:97:b9:b4:ab:87:80:90:32:94:37:1e:8b:
3e:a9:4b:8c:32:dc:37:37:e6:f3:d8:ff:ee:3f:d0:
bd:e4:1b:17:89:e1:98:71:0b:e8:d7:c7:c3:0a:31:
4d:a6:41:bc:28:ee:73:5f:79:de:30:5c:54:e1:6d:
f3:00:21:6c:ee:e2:62:db:70:74:b3:72:ad:c4:23:
5e:1b:c4:ec:1a:89:32:31:90:76:97:1d:02:0c:6d:
f9:23:12:21:4b:5f:cd:16:21:06:c4:b8:22:87:c5:
13:d6:6c:64:43:da:0f:e8:03:80:d0:37:82:6c:32:
ad:81:b4:2f:2f:a9:6c:a4:72:0c:b2:85:54:d3:eb:
07:52:29:8e:7e:8a:eb:c9:8c:1d:7c:29:3f:33:7e:
47:2f:78:05:52:e4:74:e6:32:92:93:08:a4:59:e5:
5b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:52:71:5A:19:87:B0:C2:C9:ED:2D:40:76:9E:6A:90:3E:2D:46:BE
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f34382d3438203d3e203236393534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04::/48
Signature Algorithm: sha256WithRSAEncryption
98:33:e5:e4:42:e7:25:ae:97:75:9d:bd:09:19:69:34:63:d6:
8c:d4:09:21:98:79:fa:f4:b3:84:41:09:88:96:a1:92:ac:4c:
c9:b9:bb:c1:b6:0c:12:3e:11:cb:50:35:69:e4:5c:1c:f2:5d:
60:6a:2f:58:b0:10:57:13:84:64:6c:80:3e:77:9c:2d:a6:d2:
65:9a:c0:a1:05:63:2b:5b:26:06:b2:25:27:99:ce:13:1f:a2:
0e:fb:ea:f1:0e:1f:33:d4:9a:d0:5e:0f:5f:88:77:34:3a:f6:
6b:e4:96:e7:b4:33:d7:57:53:a0:50:82:13:bd:f1:e7:7f:f8:
21:d4:00:eb:f9:8f:ec:0b:5a:6e:19:0f:16:0e:dd:be:38:4f:
e6:14:9f:cd:dd:0d:50:1c:e2:c9:09:a6:30:fa:fb:51:f4:fb:
a4:f5:c8:b6:b7:44:96:31:cf:8f:e6:4c:2a:13:db:f9:17:55:
63:28:a1:1a:d5:f3:02:eb:bc:06:fd:71:e2:69:56:b7:1d:3e:
e3:9e:be:a0:ce:0e:df:6a:ee:66:1b:57:f0:99:a6:7e:e6:34:
6d:b3:14:d4:c9:14:6b:a9:aa:d7:f8:f3:7f:72:53:75:c3:50:
cf:67:28:68:62:30:d2:28:cc:f3:ef:eb:af:71:8d:30:df:06:
37:c3:8c:a3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIULRPlhxrzvQIpfF6/ZzS3JHuGcHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNTA3MzEyMDE4NDlaFw0yNjA3MzAyMDIzNDlaMDMxMTAvBgNV
BAMTKDJENTI3MTVBMTk4N0IwQzJDOUVEMkQ0MDc2OUU2QTkwM0UyRDQ2QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8X2bS/ygtslERM8I8A15jXEAR
uKr1/pfEekzgexJSfX0JJIcAx3xXW+eeJhBpyDTMoNdn8tM6ACiq2RYTPF7DD1OH
w3UT8n4s10eK4MqlpUzhdofjX0avA72Kfpe5tKuHgJAylDceiz6pS4wy3Dc35vPY
/+4/0L3kGxeJ4ZhxC+jXx8MKMU2mQbwo7nNfed4wXFThbfMAIWzu4mLbcHSzcq3E
I14bxOwaiTIxkHaXHQIMbfkjEiFLX80WIQbEuCKHxRPWbGRD2g/oA4DQN4JsMq2B
tC8vqWykcgyyhVTT6wdSKY5+iuvJjB18KT8zfkcveAVS5HTmMpKTCKRZ5VtBAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQULVJxWhmHsMLJ7S1Adp5qkD4tRr4wHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjM5MzUzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoL
TgQAADANBgkqhkiG9w0BAQsFAAOCAQEAmDPl5ELnJa6XdZ29CRlpNGPWjNQJIZh5
+vSzhEEJiJahkqxMybm7wbYMEj4Ry1A1aeRcHPJdYGovWLAQVxOEZGyAPnecLabS
ZZrAoQVjK1smBrIlJ5nOEx+iDvvq8Q4fM9Sa0F4PX4h3NDr2a+SW57Qz11dToFCC
E73x53/4IdQA6/mP7AtabhkPFg7dvjhP5hSfzd0NUBziyQmmMPr7UfT7pPXItrdE
ljHPj+ZMKhPb+RdVYyihGtXzAuu8Bv1x4mlWtx0+456+oM4O32ruZhtX8JmmfuY0
bbMU1MkUa6mq1/jzf3JTdcNQz2coaGIw0ijM8+/rr3GNMN8GN8OMow==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:29:25 2025 by rpki-client