Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6261643a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a6261643a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: tvkflaFeVW3sd8cXnqPd3goXjSItIqLYbambS6E6g9M=
Subject key identifier: 61:82:25:2F:A7:3F:B0:18:3B:99:A8:00:24:77:8B:76:31:9D:38:8F
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 7D3444BDD63D2F1D661360A3552DBE93A633B13A
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6261643a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:53 +0000
ROA not before: Wed 05 Nov 2025 10:58:53 +0000
ROA not after: Wed 04 Nov 2026 11:03:53 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:bad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:34:44:bd:d6:3d:2f:1d:66:13:60:a3:55:2d:be:93:a6:33:b1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:53 2025 GMT
Not After : Nov 4 11:03:53 2026 GMT
Subject: CN=6182252FA73FB0183B99A80024778B76319D388F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:2b:ce:c6:6b:0d:b2:ed:10:2a:79:6d:b2:
f2:bf:dc:04:40:e8:06:dd:06:fe:e3:27:fe:e8:d9:
6b:06:90:64:9d:71:65:b1:6a:63:0d:af:38:c1:25:
ca:7f:fe:d3:a7:06:d1:62:82:9f:6e:3a:19:b4:1b:
2d:52:f6:ab:7e:13:2a:af:29:ed:9e:4c:0d:0e:4f:
bf:69:ba:cd:d6:cd:d0:34:3c:67:9b:67:ab:30:8f:
08:56:a8:0a:40:43:86:1e:35:3a:2b:35:b9:4f:81:
a0:db:ed:dd:23:0d:ec:68:11:ab:e3:5c:fb:25:7c:
72:fe:2a:20:c4:95:76:41:08:e5:34:6c:7e:88:11:
1e:8d:d3:33:d6:3f:d3:b6:53:26:dd:a8:43:5e:cf:
a3:fc:08:e4:38:7c:d0:f5:8c:8c:d0:31:8b:1e:5d:
02:8f:f0:26:ab:df:2c:f1:46:61:31:34:15:8f:63:
f6:71:ff:23:d8:d0:b7:88:bf:7f:6f:fc:f6:eb:1f:
4d:ae:65:6f:cd:ea:83:8e:9e:43:16:c4:cd:8f:07:
3d:b8:d6:d3:15:6f:99:6c:47:65:24:ea:93:aa:73:
90:74:7c:f3:96:a4:77:08:7c:0b:cc:19:d5:35:14:
e1:55:26:d6:5c:05:48:66:b9:2c:ad:66:ac:6a:3e:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:82:25:2F:A7:3F:B0:18:3B:99:A8:00:24:77:8B:76:31:9D:38:8F
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6261643a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:bad::/48
Signature Algorithm: sha256WithRSAEncryption
12:55:0d:2a:ae:5e:09:bd:4f:d3:de:61:b4:b7:76:10:54:eb:
29:ef:62:a4:0c:04:6d:d7:8c:d4:bd:6d:12:33:c1:d6:9d:d5:
27:d3:0f:02:20:f9:31:1c:2d:61:ca:88:a6:80:c2:cf:ab:92:
ca:f8:ba:d3:f7:f2:8d:85:ed:2e:e9:5b:41:f7:78:96:2e:40:
86:a0:9f:f1:59:97:9b:98:a0:9d:a9:2b:a6:4f:be:8e:a8:93:
f8:56:fd:78:12:43:fa:d7:a5:e1:0f:05:83:49:7e:0d:e3:1b:
dd:32:3e:47:66:64:c3:66:85:b0:9e:58:87:af:94:4d:ca:5a:
8f:3b:e8:e8:ac:fe:17:6e:fe:fe:d9:5d:3d:b4:c5:ab:60:c8:
33:cf:1e:ee:87:14:9d:46:4f:ee:b4:34:d4:a5:17:b9:17:7a:
f9:82:13:e1:48:e5:bd:30:c7:d6:20:71:96:63:d3:43:01:9b:
57:ca:93:c8:13:96:6d:d0:c2:04:1c:27:e4:d1:62:77:6e:d0:
05:33:3e:f7:e7:69:cc:40:84:9a:42:6f:0e:fe:97:3b:b6:f0:
ec:a3:27:9b:1c:08:1d:cc:ed:e6:20:14:ac:60:fa:3f:58:ec:
34:11:6c:f9:d8:35:56:51:46:c0:c7:4a:b7:ad:a8:bf:88:37:
82:a2:79:f3
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUfTREvdY9Lx1mE2CjVS2+k6YzsTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTNaFw0yNjExMDQxMTAzNTNaMDMxMTAvBgNV
BAMTKDYxODIyNTJGQTczRkIwMTgzQjk5QTgwMDI0Nzc4Qjc2MzE5RDM4OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZkSvOxmsNsu0QKnltsvK/3ARA
6AbdBv7jJ/7o2WsGkGSdcWWxamMNrzjBJcp//tOnBtFigp9uOhm0Gy1S9qt+Eyqv
Ke2eTA0OT79pus3WzdA0PGebZ6swjwhWqApAQ4YeNTorNblPgaDb7d0jDexoEavj
XPslfHL+KiDElXZBCOU0bH6IER6N0zPWP9O2UybdqENez6P8COQ4fND1jIzQMYse
XQKP8Car3yzxRmExNBWPY/Zx/yPY0LeIv39v/PbrH02uZW/N6oOOnkMWxM2PBz24
1tMVb5lsR2Uk6pOqc5B0fPOWpHcIfAvMGdU1FOFVJtZcBUhmuSytZqxqPhJFAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUYYIlL6c/sBg7magAJHeLdjGdOI8wHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2MjYxNjQzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMDMzMzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD1/AC60wDQYJKoZIhvcNAQELBQADggEBABJVDSquXgm9T9PeYbS3
dhBU6ynvYqQMBG3XjNS9bRIzwdad1SfTDwIg+TEcLWHKiKaAws+rksr4utP38o2F
7S7pW0H3eJYuQIagn/FZl5uYoJ2pK6ZPvo6ok/hW/XgSQ/rXpeEPBYNJfg3jG90y
PkdmZMNmhbCeWIevlE3KWo876Ois/hdu/v7ZXT20xatgyDPPHu6HFJ1GT+60NNSl
F7kXevmCE+FI5b0wx9YgcZZj00MBm1fKk8gTlm3QwgQcJ+TRYndu0AUzPvfnacxA
hJpCbw7+lzu28OyjJ5scCB3M7eYgFKxg+j9Y7DQRbPnYNVZRRsDHSretqL+IN4Ki
efM=
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:20:56 2025 by rpki-client