Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336464303a3a2f34342d3434203d3e203230343733.roa
File: 326131313a323963303a336464303a3a2f34342d3434203d3e203230343733.roa (raw, json)
Hash identifier: 32K0AtWAmPmLtT9mkJQcmypuB1dxGl/BJmc2t9Uz+a4=
Subject key identifier: 91:AE:48:DB:C1:38:2B:DE:32:69:9C:D5:0E:81:A9:AD:C5:B2:D7:A8
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 678C338FD6AB8E8B3E39ECFCCA5C2404FC42EAF3
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336464303a3a2f34342d3434203d3e203230343733.roa
Signing time: Tue 29 Jul 2025 16:02:14 +0000
ROA not before: Tue 29 Jul 2025 15:57:14 +0000
ROA not after: Tue 28 Jul 2026 16:02:14 +0000
asID: 20473
IP address blocks: 2a11:29c0:3dd0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 05:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:8c:33:8f:d6:ab:8e:8b:3e:39:ec:fc:ca:5c:24:04:fc:42:ea:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jul 29 15:57:14 2025 GMT
Not After : Jul 28 16:02:14 2026 GMT
Subject: CN=91AE48DBC1382BDE32699CD50E81A9ADC5B2D7A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:e8:ec:7d:70:7d:20:db:0a:64:8e:80:b2:
7f:e2:dd:2b:1f:3d:d4:fa:58:a6:5e:29:a6:e7:28:
7a:5b:44:2a:ea:ea:fb:92:1c:ce:d1:88:d1:18:32:
1f:cd:03:46:fd:b4:02:ab:0f:d1:d1:fd:bc:29:5e:
dd:28:e5:22:e9:55:3c:c9:cc:b9:d9:1e:3e:31:9a:
1a:5b:3f:c0:e4:5e:ed:e0:19:0d:9b:ec:32:48:c8:
a3:42:13:c8:24:f3:44:d5:1d:1f:1e:aa:1c:a0:ef:
03:33:4f:c7:91:ff:94:7f:3f:0d:1d:dc:26:e3:15:
c7:8f:f9:fc:6e:7f:7d:a7:19:a4:b4:26:ff:c3:9f:
b7:97:8f:dc:1c:95:e3:63:40:04:75:d0:8d:e9:ed:
64:03:33:9f:d6:2c:3f:27:cd:88:63:b5:be:48:71:
84:8c:b5:92:67:a3:3f:22:8b:22:5b:b6:86:b7:c4:
4b:28:de:97:ba:16:de:6d:2a:b6:ce:92:9a:3d:bf:
9d:e4:f1:a5:36:3d:9c:66:cd:6e:6f:7e:a5:e6:ec:
ba:5a:78:f6:5c:fd:03:ac:b3:1b:c6:f0:e6:48:48:
46:53:b2:7f:bc:a0:57:19:ab:fc:0f:a3:0e:d1:05:
93:cb:0e:25:99:c0:7d:d8:4d:f9:d9:da:0a:41:6e:
8b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AE:48:DB:C1:38:2B:DE:32:69:9C:D5:0E:81:A9:AD:C5:B2:D7:A8
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336464303a3a2f34342d3434203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dd0::/44
Signature Algorithm: sha256WithRSAEncryption
7b:e6:a3:24:ab:4a:8d:e5:b6:93:ba:d8:3d:18:4c:79:8d:07:
83:f3:2c:b9:c3:84:2d:3b:e5:25:31:ab:b2:31:5e:72:31:a8:
82:a5:5a:09:ba:9d:eb:e9:0c:21:d8:55:82:38:65:0d:bb:ac:
05:2c:41:36:3d:c3:35:cd:88:d5:8e:4c:97:a3:54:6c:e0:b7:
30:60:8c:2a:a5:1c:8f:9e:97:6a:93:14:66:2f:28:42:0c:c4:
81:12:47:22:44:fc:04:9c:f7:bd:8d:c4:6b:d9:f4:dd:df:46:
12:a4:a4:e1:54:0f:a6:61:ed:fa:34:40:5a:6e:02:85:6a:44:
49:23:9a:59:8b:c3:4f:8b:b6:3f:62:0e:20:65:2a:f2:e3:0e:
6c:1d:90:33:95:8c:01:9c:72:de:5d:2c:a3:b9:44:c3:89:94:
2f:49:ea:40:87:2c:ca:70:b6:6d:bc:98:9e:9f:19:ca:85:5e:
94:d9:0a:05:26:90:6f:f5:1e:1b:fc:62:96:0d:6f:92:a1:8e:
93:b8:ba:65:51:73:1c:bb:72:00:4c:77:a6:2e:99:48:7e:3f:
0c:b4:7b:cc:fa:24:69:3d:dc:62:22:d1:8a:14:ae:c0:c8:fd:
2f:b8:61:6c:3c:9f:84:01:38:b3:cc:7a:f3:d9:90:bd:9b:85:
43:af:0c:c8
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUZ4wzj9arjos+Oez8ylwkBPxC6vMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA3MjkxNTU3MTRaFw0yNjA3MjgxNjAyMTRaMDMxMTAvBgNV
BAMTKDkxQUU0OERCQzEzODJCREUzMjY5OUNENTBFODFBOUFEQzVCMkQ3QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkW+jsfXB9INsKZI6Asn/i3Ssf
PdT6WKZeKabnKHpbRCrq6vuSHM7RiNEYMh/NA0b9tAKrD9HR/bwpXt0o5SLpVTzJ
zLnZHj4xmhpbP8DkXu3gGQ2b7DJIyKNCE8gk80TVHR8eqhyg7wMzT8eR/5R/Pw0d
3CbjFceP+fxuf32nGaS0Jv/Dn7eXj9wcleNjQAR10I3p7WQDM5/WLD8nzYhjtb5I
cYSMtZJnoz8iiyJbtoa3xEso3pe6Ft5tKrbOkpo9v53k8aU2PZxmzW5vfqXm7Lpa
ePZc/QOssxvG8OZISEZTsn+8oFcZq/wPow7RBZPLDiWZwH3YTfnZ2gpBbouhAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUka5I28E4K94yaZzVDoGprcWy16gwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjQzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzAzNDM3MzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqESnAPdAwDQYJKoZIhvcNAQELBQADggEBAHvmoySrSo3ltpO62D0Y
THmNB4PzLLnDhC075SUxq7IxXnIxqIKlWgm6nevpDCHYVYI4ZQ27rAUsQTY9wzXN
iNWOTJejVGzgtzBgjCqlHI+el2qTFGYvKEIMxIESRyJE/ASc972NxGvZ9N3fRhKk
pOFUD6Zh7fo0QFpuAoVqREkjmlmLw0+Ltj9iDiBlKvLjDmwdkDOVjAGcct5dLKO5
RMOJlC9J6kCHLMpwtm28mJ6fGcqFXpTZCgUmkG/1Hhv8YpYNb5KhjpO4umVRcxy7
cgBMd6YumUh+Pwy0e8z6JGk93GIi0YoUrsDI/S+4YWw8n4QBOLPMevPZkL2bhUOv
DMg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:39:09 2025 by rpki-client