Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa
File: 326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa (raw, json)
Hash identifier: dXSnrOSsmksjfaruQTR4onccvLxLXawLPmHLDP+0pZ0=
Subject key identifier: 18:E7:C7:8F:23:FA:9C:E1:22:CD:6F:F8:F7:6E:1B:B7:8B:D9:82:CF
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 24E5FEF83A837CAFEC332BCD4575CFA409E39FAB
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa
Signing time: Thu 31 Jul 2025 20:24:10 +0000
ROA not before: Thu 31 Jul 2025 20:19:10 +0000
ROA not after: Thu 30 Jul 2026 20:24:10 +0000
asID: 26954
IP address blocks: 2a0b:4e04:beef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 08:53:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e5:fe:f8:3a:83:7c:af:ec:33:2b:cd:45:75:cf:a4:09:e3:9f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Jul 31 20:19:10 2025 GMT
Not After : Jul 30 20:24:10 2026 GMT
Subject: CN=18E7C78F23FA9CE122CD6FF8F76E1BB78BD982CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bc:d0:c1:d4:4f:51:4d:6e:52:e1:2a:88:7b:
d0:44:80:00:4e:b1:58:ae:44:44:45:f5:c2:ae:3b:
8b:f5:a7:05:56:4b:b9:12:51:d0:6f:4e:10:fe:b8:
b3:2a:38:81:b2:0a:ea:de:5b:f0:ae:61:9b:f2:ac:
f9:d4:d1:0c:c6:72:22:3c:27:71:c9:5a:26:99:ac:
31:82:75:7f:bf:e4:01:cd:62:8f:62:94:3a:4f:f3:
2e:91:ce:8d:42:45:dd:83:0d:1c:6b:84:e4:51:2b:
d0:99:aa:d4:1c:fc:93:53:30:89:b7:52:4f:9f:d9:
5c:ff:44:ce:62:a6:d4:2d:2b:16:bc:fa:25:c8:d2:
6d:44:81:df:ce:05:c1:52:20:35:48:62:7d:39:64:
db:78:35:99:74:fd:1a:f2:20:3c:49:d5:ef:1a:1c:
ad:cc:26:bd:b2:57:f7:a4:96:e9:6a:f2:6e:c4:c5:
c3:21:09:fc:81:c6:78:8b:81:42:ea:3e:75:91:65:
ff:11:21:3e:61:2b:dd:53:40:ea:8d:a7:c3:01:24:
92:89:13:51:58:06:68:0c:aa:77:74:9d:1a:8b:f6:
cc:70:43:71:7e:9b:31:2d:74:42:b7:8d:c4:f1:f5:
28:74:4f:90:fb:4e:6a:1a:98:f6:39:30:11:57:47:
85:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E7:C7:8F:23:FA:9C:E1:22:CD:6F:F8:F7:6E:1B:B7:8B:D9:82:CF
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a626565663a3a2f34382d3438203d3e203236393534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04:beef::/48
Signature Algorithm: sha256WithRSAEncryption
44:9e:96:0b:3d:c8:a3:cb:e2:b9:94:ea:da:57:2a:aa:e2:16:
10:63:ef:aa:9e:cb:57:c6:a1:1b:26:51:d9:20:3d:cc:a8:ca:
c6:a6:06:32:d7:16:fb:43:53:18:b8:29:55:4e:8c:dd:c0:2f:
63:78:5d:f0:02:ae:aa:4b:3e:38:6e:0b:5c:1c:7d:04:05:11:
42:1e:38:57:20:45:b4:35:f4:97:31:51:c7:8b:98:f4:10:2f:
3e:5d:b0:7a:8d:c5:b4:b4:00:6c:21:cd:c1:7d:9d:9f:7c:b8:
cf:75:8a:b3:a7:fb:d9:ef:71:84:3f:cd:1b:89:5d:99:df:63:
a3:4d:d3:fc:17:f8:90:7b:f8:da:83:13:37:74:d8:c2:f8:cf:
62:f9:fa:1f:7b:da:b0:e5:77:b7:8f:8b:3b:fd:4f:3d:4b:09:
e5:60:66:97:28:27:3f:52:25:77:77:43:d6:a3:00:70:fb:f1:
48:9c:93:6e:eb:19:de:56:d5:dc:f6:38:2d:6e:26:2f:be:cf:
71:d5:e7:ef:d0:f8:00:49:ab:2a:c9:b3:0b:1c:06:40:e5:37:
f1:0f:54:74:0b:09:0f:73:e6:a6:52:55:d7:0d:47:0a:eb:5c:
87:c5:a3:80:f0:3a:af:09:35:2c:aa:04:1f:98:ec:17:bb:61:
4d:21:d6:97
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUJOX++DqDfK/sMyvNRXXPpAnjn6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNTA3MzEyMDE5MTBaFw0yNjA3MzAyMDI0MTBaMDMxMTAvBgNV
BAMTKDE4RTdDNzhGMjNGQTlDRTEyMkNENkZGOEY3NkUxQkI3OEJEOTgyQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFvNDB1E9RTW5S4SqIe9BEgABO
sViuRERF9cKuO4v1pwVWS7kSUdBvThD+uLMqOIGyCureW/CuYZvyrPnU0QzGciI8
J3HJWiaZrDGCdX+/5AHNYo9ilDpP8y6Rzo1CRd2DDRxrhORRK9CZqtQc/JNTMIm3
Uk+f2Vz/RM5iptQtKxa8+iXI0m1Egd/OBcFSIDVIYn05ZNt4NZl0/RryIDxJ1e8a
HK3MJr2yV/eklulq8m7ExcMhCfyBxniLgULqPnWRZf8RIT5hK91TQOqNp8MBJJKJ
E1FYBmgMqnd0nRqL9sxwQ3F+mzEtdEK3jcTx9Sh0T5D7TmoamPY5MBFXR4X1AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUGOfHjyP6nOEizW/4924bt4vZgs8wHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2E2MjY1NjU2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzYzOTM1MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqC04Evu8wDQYJKoZIhvcNAQELBQADggEBAESelgs9yKPL4rmU6tpX
KqriFhBj76qey1fGoRsmUdkgPcyoysamBjLXFvtDUxi4KVVOjN3AL2N4XfACrqpL
PjhuC1wcfQQFEUIeOFcgRbQ19JcxUceLmPQQLz5dsHqNxbS0AGwhzcF9nZ98uM91
irOn+9nvcYQ/zRuJXZnfY6NN0/wX+JB7+NqDEzd02ML4z2L5+h972rDld7ePizv9
Tz1LCeVgZpcoJz9SJXd3Q9ajAHD78Uick27rGd5W1dz2OC1uJi++z3HV5+/Q+ABJ
qyrJswscBkDlN/EPVHQLCQ9z5qZSVdcNRwrrXIfFo4DwOq8JNSyqBB+Y7Be7YU0h
1pc=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:14:29 2025 by rpki-client