Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a636166653a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a636166653a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: SIzDkF7YYsoaU9vFR/am7daSl1S+0BBZdMp9c5ogCY8=
Subject key identifier: 3F:C1:0F:33:52:69:9A:42:5D:7C:6D:72:87:F0:A0:79:9A:DA:8A:09
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 626E1ED15A23B1D817E78A00E006B9ED0CFBBD46
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a636166653a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:50 +0000
ROA not before: Wed 05 Nov 2025 10:58:50 +0000
ROA not after: Wed 04 Nov 2026 11:03:50 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:6e:1e:d1:5a:23:b1:d8:17:e7:8a:00:e0:06:b9:ed:0c:fb:bd:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:50 2025 GMT
Not After : Nov 4 11:03:50 2026 GMT
Subject: CN=3FC10F3352699A425D7C6D7287F0A0799ADA8A09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:13:bb:d7:8b:97:e5:5a:ee:ef:22:d3:2b:1a:
91:73:30:e9:0d:13:b3:c8:ec:b3:f5:d5:fb:e4:14:
c9:97:39:79:e4:f5:de:c4:ba:b0:8e:df:1d:fa:60:
e3:c3:14:98:e5:9b:7b:de:5f:bb:73:2a:87:12:11:
9a:66:2d:a9:c8:af:aa:73:4e:38:c4:8b:82:24:3f:
4f:d8:a8:60:db:a0:65:0d:29:c3:e1:40:e2:4c:95:
97:bc:ac:5f:ea:ff:0d:1d:49:5a:eb:74:3a:4c:18:
4b:e0:a1:36:c1:8d:36:70:70:a8:b9:62:ae:96:e6:
e0:e7:38:4e:9a:f5:21:d0:3f:bd:62:07:f1:f3:89:
47:89:21:81:22:7a:f4:2c:84:5d:94:cc:2f:d7:a1:
ed:cd:34:0a:1b:5d:dc:91:a5:76:51:f7:aa:c7:e2:
f8:ef:7e:ca:18:2d:f5:5c:64:e9:72:b5:49:12:49:
34:5c:ba:9d:fe:90:c0:66:21:69:ff:1e:12:28:ed:
a1:af:07:d6:26:7d:b7:16:3d:a1:41:e3:ca:2a:f3:
ff:9c:6a:d7:c9:61:7c:cf:eb:88:29:89:80:77:ea:
33:86:21:89:21:18:51:c4:44:a8:57:d5:e4:c5:50:
4a:df:b8:77:21:57:1b:ba:51:89:98:e3:90:73:9b:
2c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C1:0F:33:52:69:9A:42:5D:7C:6D:72:87:F0:A0:79:9A:DA:8A:09
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a636166653a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
29:b5:da:6e:aa:ae:28:51:a3:d6:4c:97:3a:7b:07:ca:76:d9:
f4:0b:7f:40:0c:d0:c0:86:0f:f7:84:d8:9f:98:2c:6d:2c:ad:
f2:d2:86:49:2f:17:d1:04:bd:33:8c:47:9c:59:67:41:3c:fb:
e8:ea:5a:4e:75:89:f7:4b:7f:cc:25:be:af:5c:b6:bf:b8:05:
9b:8d:09:b0:76:c3:8f:fb:f9:53:0a:99:69:7e:3e:4e:6c:dd:
86:8c:1f:0c:9e:f7:24:03:d0:ed:53:07:fe:fa:fd:69:61:2f:
95:8c:86:e3:f8:ef:0c:80:5b:86:d8:02:f2:51:6b:e3:d6:6b:
3f:f3:1e:a9:67:81:96:40:99:25:7e:47:90:7a:99:6b:93:8f:
53:88:2c:53:3e:0a:33:cf:30:4b:4d:56:f3:a4:0f:eb:9c:4b:
2a:e9:c7:a0:5d:55:2f:ee:2e:13:b8:02:0b:b1:b5:f0:19:2a:
ba:b3:1c:94:92:84:65:6a:c1:bd:72:94:38:f6:db:91:2b:76:
ea:b6:9f:c7:cc:50:66:d2:15:b0:48:54:41:77:17:6b:8b:9b:
b4:a5:51:bd:05:e5:8e:a7:95:2e:5d:09:97:e2:dd:eb:af:18:
dd:6e:b6:bc:21:9f:cc:49:d2:16:6f:8a:5d:c9:58:9c:f7:7d:
a8:f1:ab:57
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUYm4e0VojsdgX54oA4Aa57Qz7vUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTBaFw0yNjExMDQxMTAzNTBaMDMxMTAvBgNV
BAMTKDNGQzEwRjMzNTI2OTlBNDI1RDdDNkQ3Mjg3RjBBMDc5OUFEQThBMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3E7vXi5flWu7vItMrGpFzMOkN
E7PI7LP11fvkFMmXOXnk9d7EurCO3x36YOPDFJjlm3veX7tzKocSEZpmLanIr6pz
TjjEi4IkP0/YqGDboGUNKcPhQOJMlZe8rF/q/w0dSVrrdDpMGEvgoTbBjTZwcKi5
Yq6W5uDnOE6a9SHQP71iB/HziUeJIYEievQshF2UzC/Xoe3NNAobXdyRpXZR96rH
4vjvfsoYLfVcZOlytUkSSTRcup3+kMBmIWn/HhIo7aGvB9YmfbcWPaFB48oq8/+c
atfJYXzP64gpiYB36jOGIYkhGFHERKhX1eTFUErfuHchVxu6UYmY45BzmyxtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUP8EPM1JpmkJdfG1yh/CgeZraigkwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2MzYxNjY2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8DK/jANBgkqhkiG9w0BAQsFAAOCAQEAKbXabqquKFGj1kyX
OnsHynbZ9At/QAzQwIYP94TYn5gsbSyt8tKGSS8X0QS9M4xHnFlnQTz76OpaTnWJ
90t/zCW+r1y2v7gFm40JsHbDj/v5UwqZaX4+TmzdhowfDJ73JAPQ7VMH/vr9aWEv
lYyG4/jvDIBbhtgC8lFr49ZrP/MeqWeBlkCZJX5HkHqZa5OPU4gsUz4KM88wS01W
86QP65xLKunHoF1VL+4uE7gCC7G18BkqurMclJKEZWrBvXKUOPbbkSt26rafx8xQ
ZtIVsEhUQXcXa4ubtKVRvQXljqeVLl0Jl+Ld668Y3W62vCGfzEnSFm+KXclYnPd9
qPGrVw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:01:19 2025 by rpki-client