Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a633064653a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a633064653a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: vwuw8BagjBJB+QjPivE2w5i9soU6pwd3DUm4jYukQKs=
Subject key identifier: BD:68:E8:2D:80:D0:11:6A:FE:5E:3F:C3:70:41:67:16:E2:80:11:E3
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 2F09D9F4F4C4F02E83E2F5C5240ED7CDA97E03EE
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a633064653a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:04:00 +0000
ROA not before: Wed 05 Nov 2025 10:59:00 +0000
ROA not after: Wed 04 Nov 2026 11:04:00 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:c0de::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:09:d9:f4:f4:c4:f0:2e:83:e2:f5:c5:24:0e:d7:cd:a9:7e:03:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:59:00 2025 GMT
Not After : Nov 4 11:04:00 2026 GMT
Subject: CN=BD68E82D80D0116AFE5E3FC370416716E28011E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5a:cf:fd:f5:43:7c:6a:c3:8a:80:b0:e0:32:
66:1c:e1:55:98:3c:23:cc:ed:7e:c6:39:da:82:e5:
47:33:ed:bc:44:9a:eb:81:83:23:2d:98:b3:54:3a:
66:5d:0e:6b:8e:ba:11:3d:72:da:98:e2:b1:e9:b5:
ee:35:42:d2:df:8c:51:09:29:70:4e:df:85:45:eb:
3c:1c:04:9d:6a:e3:55:2b:05:d1:9a:a8:00:f3:c7:
88:43:5d:59:ad:ae:68:35:7a:c1:e2:f8:95:eb:7a:
cd:0f:84:f6:b8:dd:ed:41:44:38:63:45:7b:a6:4b:
09:a4:95:1f:08:db:2f:f8:8f:32:c4:ce:ee:75:9a:
30:c6:6e:bd:90:e4:24:ac:52:fa:1b:63:2e:ee:6c:
1f:c8:8d:bd:87:6c:aa:c9:99:e3:29:e6:22:85:82:
93:7c:8e:c7:f0:fa:9e:19:67:9e:33:42:0e:49:a5:
cf:4b:0c:34:e3:d7:7d:3d:97:01:c4:96:07:ff:e9:
ad:37:c8:c8:8d:5f:53:db:82:d1:3b:d8:44:74:de:
5f:d7:f5:61:2c:03:9a:2f:43:12:8d:e0:78:bf:89:
52:8b:e5:6b:e6:65:24:27:44:1b:d2:89:a8:18:ab:
fe:e3:9e:f9:85:b8:83:da:71:52:67:cf:30:16:69:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:68:E8:2D:80:D0:11:6A:FE:5E:3F:C3:70:41:67:16:E2:80:11:E3
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a633064653a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:c0de::/48
Signature Algorithm: sha256WithRSAEncryption
4b:df:46:a7:72:cb:36:b7:82:93:9e:eb:a9:08:ea:60:ac:3d:
2d:98:27:57:55:85:dc:b3:8f:56:2b:c6:2c:10:5d:8f:89:1d:
37:99:8a:2d:ce:18:65:57:22:e6:22:5b:f9:30:84:89:c1:1b:
f0:66:97:99:04:46:15:a4:be:44:8a:52:d5:d4:80:eb:5d:be:
67:1c:1c:f4:7e:dd:16:46:3e:7f:b3:c8:72:b5:3b:e2:9e:c0:
d9:5d:2a:03:16:a4:b5:a8:ff:44:a5:c5:99:ea:e5:a6:3d:63:
32:5e:0b:30:1c:f5:69:93:48:ff:e6:85:aa:1f:a8:2c:f3:ce:
26:e4:28:23:60:59:57:90:6a:97:7e:91:a4:28:8f:a7:03:40:
3c:38:50:e4:36:f0:ae:7a:9a:81:b8:59:ee:6c:c0:d0:be:e5:
b6:c2:90:b2:d0:1c:01:5b:8b:f9:a4:8b:26:91:8b:2c:80:e8:
3d:5a:fd:49:43:ae:c6:80:2f:1a:d6:93:71:d9:64:e3:a7:7c:
bd:5e:4b:af:c4:5e:c8:11:10:7d:e3:9d:2d:d8:dc:b6:4e:95:
c4:21:0a:10:24:d2:02:28:73:93:08:08:0d:23:9f:f8:8e:a1:
20:1f:6b:9f:8a:20:7b:8a:1b:79:37:d3:8f:0f:5e:d0:f6:b5:
67:80:69:77
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIULwnZ9PTE8C6D4vXFJA7Xzal+A+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU5MDBaFw0yNjExMDQxMTA0MDBaMDMxMTAvBgNV
BAMTKEJENjhFODJEODBEMDExNkFGRTVFM0ZDMzcwNDE2NzE2RTI4MDExRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjWs/99UN8asOKgLDgMmYc4VWY
PCPM7X7GOdqC5Ucz7bxEmuuBgyMtmLNUOmZdDmuOuhE9ctqY4rHpte41QtLfjFEJ
KXBO34VF6zwcBJ1q41UrBdGaqADzx4hDXVmtrmg1esHi+JXres0PhPa43e1BRDhj
RXumSwmklR8I2y/4jzLEzu51mjDGbr2Q5CSsUvobYy7ubB/Ijb2HbKrJmeMp5iKF
gpN8jsfw+p4ZZ54zQg5Jpc9LDDTj1309lwHElgf/6a03yMiNX1PbgtE72ER03l/X
9WEsA5ovQxKN4Hi/iVKL5WvmZSQnRBvSiagYq/7jnvmFuIPacVJnzzAWadSlAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUvWjoLYDQEWr+Xj/DcEFnFuKAEeMwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2MzMwNjQ2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8DA3jANBgkqhkiG9w0BAQsFAAOCAQEAS99Gp3LLNreCk57r
qQjqYKw9LZgnV1WF3LOPVivGLBBdj4kdN5mKLc4YZVci5iJb+TCEicEb8GaXmQRG
FaS+RIpS1dSA612+Zxwc9H7dFkY+f7PIcrU74p7A2V0qAxaktaj/RKXFmerlpj1j
Ml4LMBz1aZNI/+aFqh+oLPPOJuQoI2BZV5Bql36RpCiPpwNAPDhQ5DbwrnqagbhZ
7mzA0L7ltsKQstAcAVuL+aSLJpGLLIDoPVr9SUOuxoAvGtaTcdlk46d8vV5Lr8Re
yBEQfeOdLdjctk6VxCEKECTSAihzkwgIDSOf+I6hIB9rn4oge4obeTfTjw9e0Pa1
Z4Bpdw==
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:20:57 2025 by rpki-client