Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a626162613a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a626162613a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: kdDGBWrURu4f0ClnA4SfgsI29M2UtK1sJ9ldbUvOvNc=
Subject key identifier: 2D:87:A4:7E:EF:8F:9D:78:2E:A9:13:53:C2:4D:F9:0A:D4:C1:21:40
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 28EBD4F8DAC6D4C59FD1E1ED27FDF0B581ED836B
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a626162613a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:52 +0000
ROA not before: Wed 05 Nov 2025 10:58:52 +0000
ROA not after: Wed 04 Nov 2026 11:03:52 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:baba::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:eb:d4:f8:da:c6:d4:c5:9f:d1:e1:ed:27:fd:f0:b5:81:ed:83:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:52 2025 GMT
Not After : Nov 4 11:03:52 2026 GMT
Subject: CN=2D87A47EEF8F9D782EA91353C24DF90AD4C12140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:97:91:45:f6:7a:b9:99:a5:85:b1:7b:7d:
db:86:9f:2a:79:9c:d5:50:3d:59:58:1b:23:a3:d7:
be:37:62:e0:49:83:97:e0:45:bd:91:9c:21:ad:29:
a5:29:cd:da:22:08:bd:ad:ac:7c:fe:4f:c0:cb:d4:
d6:36:4d:d6:d6:4c:bf:47:4d:08:12:94:20:62:cd:
e6:c4:38:1e:7c:f1:d5:68:d4:7c:dc:ee:94:4b:c5:
e8:5f:d0:b1:d9:41:09:f4:b1:3f:1f:e7:57:3e:ac:
a7:9c:1b:12:88:2b:3a:bb:68:02:28:10:fe:47:b3:
28:ee:bb:4e:36:4f:ad:6b:7c:eb:fb:e8:12:0a:6a:
8c:74:f5:78:a7:c8:5d:9f:61:e3:27:29:cb:33:d4:
97:f2:e0:89:16:20:1c:c4:43:9d:08:0f:91:4e:2e:
cd:62:e7:3d:56:20:a7:5d:34:18:fd:44:2f:d9:54:
8c:f1:2e:26:17:cd:93:e1:ed:62:91:71:2b:48:be:
7c:1b:41:52:39:a6:6b:5a:b0:fc:66:1b:71:34:56:
a8:4b:28:66:27:0d:9f:44:07:76:db:7e:69:3b:58:
d8:5b:aa:d5:46:44:cc:b2:25:ea:bb:88:fd:24:27:
31:54:ff:0e:f0:bd:20:f5:26:32:b0:ce:fa:e8:2a:
c2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:87:A4:7E:EF:8F:9D:78:2E:A9:13:53:C2:4D:F9:0A:D4:C1:21:40
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a626162613a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:baba::/48
Signature Algorithm: sha256WithRSAEncryption
2a:81:8b:f4:74:74:68:18:95:34:2d:6f:06:e8:3e:f2:88:46:
7b:05:f1:f0:10:6b:c7:55:58:ca:28:a6:18:43:5d:a5:27:10:
e7:90:19:ed:e0:e6:b6:20:a8:a9:9d:f1:d6:ed:9f:14:c1:b1:
d5:53:a7:4b:99:5b:44:cf:6c:41:10:fb:24:5c:f6:bf:d8:e3:
39:3f:9d:34:c8:2a:b2:dd:e9:6d:da:88:9c:a3:41:96:ed:d8:
ff:78:26:76:05:72:91:97:47:f4:60:3f:36:58:e1:be:a7:17:
77:31:bb:0f:6b:4b:d3:3a:b0:3a:e5:0b:01:4a:50:29:3e:bb:
45:91:54:8b:56:38:ff:bc:95:45:04:06:c1:a9:22:c2:fd:a6:
20:67:10:6a:47:0b:9c:ed:46:54:10:04:1d:d7:b6:09:4b:77:
bc:b7:98:7c:b5:2a:c3:c2:b7:f5:31:13:2c:9c:07:6f:e4:9a:
9d:4e:b8:8e:bb:c6:f7:30:70:15:c9:8e:5d:89:a6:3a:c9:72:
dc:85:22:39:57:3e:bd:2c:5d:71:d5:63:e7:21:70:b5:7a:67:
e6:be:c9:6d:a7:0d:62:dd:f9:aa:a5:eb:33:48:e0:ae:d6:d7:
e2:97:9d:61:1d:50:bf:a1:16:45:3f:22:fc:c1:3a:b3:f3:f6:
0d:4d:6d:be
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUKOvU+NrG1MWf0eHtJ/3wtYHtg2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTJaFw0yNjExMDQxMTAzNTJaMDMxMTAvBgNV
BAMTKDJEODdBNDdFRUY4RjlENzgyRUE5MTM1M0MyNERGOTBBRDRDMTIxNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1IZeRRfZ6uZmlhbF7fduGnyp5
nNVQPVlYGyOj1743YuBJg5fgRb2RnCGtKaUpzdoiCL2trHz+T8DL1NY2TdbWTL9H
TQgSlCBizebEOB588dVo1Hzc7pRLxehf0LHZQQn0sT8f51c+rKecGxKIKzq7aAIo
EP5Hsyjuu042T61rfOv76BIKaox09XinyF2fYeMnKcsz1Jfy4IkWIBzEQ50ID5FO
Ls1i5z1WIKddNBj9RC/ZVIzxLiYXzZPh7WKRcStIvnwbQVI5pmtasPxmG3E0VqhL
KGYnDZ9EB3bbfmk7WNhbqtVGRMyyJeq7iP0kJzFU/w7wvSD1JjKwzvroKsLxAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQULYekfu+PnXguqRNTwk35CtTBIUAwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2MjYxNjI2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8C6ujANBgkqhkiG9w0BAQsFAAOCAQEAKoGL9HR0aBiVNC1v
Bug+8ohGewXx8BBrx1VYyiimGENdpScQ55AZ7eDmtiCoqZ3x1u2fFMGx1VOnS5lb
RM9sQRD7JFz2v9jjOT+dNMgqst3pbdqInKNBlu3Y/3gmdgVykZdH9GA/NljhvqcX
dzG7D2tL0zqwOuULAUpQKT67RZFUi1Y4/7yVRQQGwakiwv2mIGcQakcLnO1GVBAE
Hde2CUt3vLeYfLUqw8K39TETLJwHb+SanU64jrvG9zBwFcmOXYmmOsly3IUiOVc+
vSxdcdVj5yFwtXpn5r7JbacNYt35qqXrM0jgrtbX4pedYR1Qv6EWRT8i/ME6s/P2
DU1tvg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 01:46:50 2025 by rpki-client