Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6163653a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a6163653a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: s62/iVKVlW2KdVyTR+Xnv457Z0j5+aZNRyV7RtkAKNQ=
Subject key identifier: 48:5E:F0:F5:AC:5B:63:08:A0:B5:9E:C2:EC:D9:8E:CD:24:76:69:B1
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 4B1B9711851B98192F7532A33D4B8F68E2D40FC4
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6163653a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:51 +0000
ROA not before: Wed 05 Nov 2025 10:58:51 +0000
ROA not after: Wed 04 Nov 2026 11:03:51 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:ace::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1b:97:11:85:1b:98:19:2f:75:32:a3:3d:4b:8f:68:e2:d4:0f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:51 2025 GMT
Not After : Nov 4 11:03:51 2026 GMT
Subject: CN=485EF0F5AC5B6308A0B59EC2ECD98ECD247669B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:50:fc:56:59:11:20:e3:70:41:64:c4:14:7d:
0f:40:ce:3a:d0:fb:5e:69:35:37:e7:82:ae:cb:d7:
f0:52:6c:9c:e7:de:95:ce:f5:e0:54:c4:1e:30:39:
ea:1a:5e:3f:9d:17:53:6a:a6:5f:b8:92:3a:13:ae:
26:51:f7:ae:55:86:69:9c:c3:85:d5:13:7d:09:7b:
ea:18:64:d7:a2:55:ae:83:1d:29:5d:00:81:e8:e9:
ee:f1:6f:1a:15:00:00:b8:4c:07:93:ac:f3:ad:ef:
11:9d:db:3e:fd:58:be:3f:8e:4a:e8:93:57:d6:0a:
85:94:51:4e:60:22:81:1a:af:05:c4:74:07:b6:fa:
ab:5d:13:f7:c0:30:69:36:28:a2:70:fa:d1:f5:f3:
bf:30:3f:e7:49:99:a8:ff:0a:67:84:d2:0d:22:8d:
ce:f4:a2:a8:67:30:40:6c:85:fe:da:c1:e7:e0:05:
48:9d:00:85:14:ce:01:66:2a:39:ab:98:3f:f3:a8:
61:5e:56:82:08:15:0f:c7:55:e9:01:40:7b:10:92:
ba:be:61:3b:e7:01:fe:cf:8a:a7:35:57:3f:ce:ae:
2b:e9:d8:c3:7a:7a:78:15:6f:8f:31:1c:7f:4f:5a:
93:c9:07:5d:1c:84:f9:d5:b3:ea:a9:b8:4f:9a:c1:
ee:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5E:F0:F5:AC:5B:63:08:A0:B5:9E:C2:EC:D9:8E:CD:24:76:69:B1
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6163653a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:ace::/48
Signature Algorithm: sha256WithRSAEncryption
6b:88:23:25:03:92:58:00:ab:3e:65:e0:e1:f9:4c:71:5e:fe:
bf:82:9b:0c:1f:ca:b5:a4:a6:3c:a0:13:ff:db:22:2d:06:68:
2d:32:2b:84:ff:4f:6e:15:84:51:b5:fd:e7:1d:dd:c3:89:32:
34:5b:c4:04:62:77:01:c3:67:a0:ce:cd:6e:3c:e5:0c:3a:25:
56:29:6f:88:9c:ca:70:0a:8a:29:63:b0:64:88:3f:73:50:c8:
7e:e2:aa:5e:b9:e0:f6:9e:1d:39:28:f6:a7:be:d0:69:48:7f:
03:90:7b:f9:09:6e:1d:48:60:a0:62:78:b0:99:c9:22:a2:06:
eb:9d:a9:e5:35:06:1b:07:ae:9a:87:b4:90:71:75:45:3e:11:
7c:0f:d7:8e:88:db:03:11:f7:9a:47:7e:e0:e2:71:26:a4:fb:
9e:2d:2b:6c:6c:e2:98:48:a3:67:79:97:4f:c9:fe:a0:99:58:
6e:43:74:da:dd:84:11:5c:bc:b4:de:0c:ec:23:f0:33:72:56:
aa:ff:2c:9d:cb:20:79:2b:01:c0:e8:0c:fa:07:e1:ea:c5:59:
76:db:dd:ed:6a:70:15:45:84:08:cc:9e:69:c2:18:93:47:f1:
2e:fe:98:9e:bd:ef:85:59:bd:ff:39:f1:a6:9e:27:b2:80:45:
5c:06:0e:56
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUSxuXEYUbmBkvdTKjPUuPaOLUD8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTFaFw0yNjExMDQxMTAzNTFaMDMxMTAvBgNV
BAMTKDQ4NUVGMEY1QUM1QjYzMDhBMEI1OUVDMkVDRDk4RUNEMjQ3NjY5QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFUPxWWREg43BBZMQUfQ9AzjrQ
+15pNTfngq7L1/BSbJzn3pXO9eBUxB4wOeoaXj+dF1Nqpl+4kjoTriZR965Vhmmc
w4XVE30Je+oYZNeiVa6DHSldAIHo6e7xbxoVAAC4TAeTrPOt7xGd2z79WL4/jkro
k1fWCoWUUU5gIoEarwXEdAe2+qtdE/fAMGk2KKJw+tH1878wP+dJmaj/CmeE0g0i
jc70oqhnMEBshf7awefgBUidAIUUzgFmKjmrmD/zqGFeVoIIFQ/HVekBQHsQkrq+
YTvnAf7Piqc1Vz/Orivp2MN6engVb48xHH9PWpPJB10chPnVs+qpuE+awe59AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUSF7w9axbYwigtZ7C7NmOzSR2abEwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2MTYzNjUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMDMzMzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD1/ACs4wDQYJKoZIhvcNAQELBQADggEBAGuIIyUDklgAqz5l4OH5
THFe/r+CmwwfyrWkpjygE//bIi0GaC0yK4T/T24VhFG1/ecd3cOJMjRbxARidwHD
Z6DOzW485Qw6JVYpb4icynAKiiljsGSIP3NQyH7iql654PaeHTko9qe+0GlIfwOQ
e/kJbh1IYKBieLCZySKiBuudqeU1BhsHrpqHtJBxdUU+EXwP146I2wMR95pHfuDi
cSak+54tK2xs4phIo2d5l0/J/qCZWG5DdNrdhBFcvLTeDOwj8DNyVqr/LJ3LIHkr
AcDoDPoH4erFWXbb3e1qcBVFhAjMnmnCGJNH8S7+mJ6974VZvf858aaeJ7KARVwG
DlY=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:19:54 2025 by rpki-client