Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6461643a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a6461643a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: FjMn5kgc0Y1vdPNQCAd4cKVxUcNaP4msdjwOhjOI4iE=
Subject key identifier: 0B:75:8A:83:FD:7A:FA:AC:A0:61:25:DA:40:57:2E:E1:B6:E4:C0:FA
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 2704BBEAB240FF6ECAF2CDB0600DDFE4E996A746
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6461643a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:55 +0000
ROA not before: Wed 05 Nov 2025 10:58:55 +0000
ROA not after: Wed 04 Nov 2026 11:03:55 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:dad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:04:bb:ea:b2:40:ff:6e:ca:f2:cd:b0:60:0d:df:e4:e9:96:a7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:55 2025 GMT
Not After : Nov 4 11:03:55 2026 GMT
Subject: CN=0B758A83FD7AFAACA06125DA40572EE1B6E4C0FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:be:7d:c9:5b:98:79:fb:bb:10:4c:03:b2:5c:
10:f9:3f:5a:e7:f4:e9:e5:98:53:b2:9d:24:10:e7:
90:ba:46:c9:9d:3a:19:12:75:b4:b9:37:90:b4:3c:
e3:7f:4e:43:ec:f2:86:7d:31:b6:78:aa:61:86:b7:
13:d0:01:3b:ee:43:59:03:d6:e4:0e:cc:be:fc:96:
35:41:f1:fd:84:4b:48:0a:83:71:ad:df:e2:d6:ff:
cd:bc:92:6f:56:1c:4c:83:3b:b7:db:ff:28:72:95:
19:b7:d0:05:a7:62:52:16:5d:e0:7e:66:87:9b:c5:
b4:20:c3:8a:20:37:78:ae:96:d3:76:f2:2c:d5:2c:
3d:f5:b6:f9:9d:a8:06:27:39:6e:9f:3f:c9:f7:ee:
9e:b4:68:e0:f4:ba:33:eb:ed:e6:57:a7:65:8c:66:
90:8e:34:9e:dd:82:b8:ee:4e:95:6c:dc:56:14:d9:
85:bb:89:67:e0:7a:4c:5c:d8:c9:3d:b5:84:62:5b:
99:1e:08:56:2f:cd:ba:85:69:8e:d7:6d:66:75:7a:
74:83:08:bc:64:b5:05:0e:1d:ea:d9:39:d3:85:81:
79:a7:43:95:b3:78:e1:16:50:90:a3:07:31:22:8a:
25:1a:1b:3c:94:fa:2d:90:41:2c:a4:34:22:b1:c6:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:75:8A:83:FD:7A:FA:AC:A0:61:25:DA:40:57:2E:E1:B6:E4:C0:FA
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6461643a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:dad::/48
Signature Algorithm: sha256WithRSAEncryption
05:4f:29:40:f6:ea:6e:3a:51:e0:21:ec:a7:70:e1:45:60:9c:
42:54:66:b1:79:ba:f1:4e:d3:21:a2:ab:a7:da:5e:1b:1d:11:
ba:b8:44:cf:29:eb:43:79:fe:73:d7:76:a2:d1:d4:4e:23:83:
07:bd:11:b0:6f:dd:56:61:f5:f9:11:ef:a9:b0:0d:53:13:e4:
77:c1:50:4b:b5:8f:09:80:a1:23:12:59:a6:20:ce:d6:d2:96:
94:5a:2c:f7:46:93:5b:3e:89:ed:f6:56:a2:40:43:b6:73:9c:
4f:4f:cc:a2:0c:b7:f6:06:be:1e:19:6a:ae:33:cb:6e:1d:6a:
25:af:38:00:2f:62:13:5b:72:03:19:8f:6f:75:64:81:67:0e:
54:0e:f0:95:ba:7f:34:b2:1c:9c:d6:6f:80:74:1f:9a:30:fd:
08:23:ed:bf:67:4b:00:d5:c0:f4:ff:c7:8f:b1:c8:23:01:3d:
e7:2b:5b:07:31:57:35:8f:36:ef:bc:90:99:84:b8:c6:21:0b:
03:e3:0e:2d:58:6d:1e:70:26:82:47:32:45:14:9e:a3:5d:a6:
34:0a:6f:a5:5c:2d:66:ef:5b:d4:a4:74:0c:6d:ce:8c:e2:7d:
0b:0b:7e:98:93:76:22:28:83:12:4c:4b:60:28:e6:9b:3f:68:
47:d8:3c:09
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUJwS76rJA/27K8s2wYA3f5OmWp0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTVaFw0yNjExMDQxMTAzNTVaMDMxMTAvBgNV
BAMTKDBCNzU4QTgzRkQ3QUZBQUNBMDYxMjVEQTQwNTcyRUUxQjZFNEMwRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyvn3JW5h5+7sQTAOyXBD5P1rn
9OnlmFOynSQQ55C6RsmdOhkSdbS5N5C0PON/TkPs8oZ9MbZ4qmGGtxPQATvuQ1kD
1uQOzL78ljVB8f2ES0gKg3Gt3+LW/828km9WHEyDO7fb/yhylRm30AWnYlIWXeB+
ZoebxbQgw4ogN3iultN28izVLD31tvmdqAYnOW6fP8n37p60aOD0ujPr7eZXp2WM
ZpCONJ7dgrjuTpVs3FYU2YW7iWfgekxc2Mk9tYRiW5keCFYvzbqFaY7XbWZ1enSD
CLxktQUOHerZOdOFgXmnQ5WzeOEWUJCjBzEiiiUaGzyU+i2QQSykNCKxxkmzAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUC3WKg/16+qygYSXaQFcu4bbkwPowHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDYxNjQzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMDMzMzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD1/ADa0wDQYJKoZIhvcNAQELBQADggEBAAVPKUD26m46UeAh7Kdw
4UVgnEJUZrF5uvFO0yGiq6faXhsdEbq4RM8p60N5/nPXdqLR1E4jgwe9EbBv3VZh
9fkR76mwDVMT5HfBUEu1jwmAoSMSWaYgztbSlpRaLPdGk1s+ie32VqJAQ7ZznE9P
zKIMt/YGvh4Zaq4zy24daiWvOAAvYhNbcgMZj291ZIFnDlQO8JW6fzSyHJzWb4B0
H5ow/Qgj7b9nSwDVwPT/x4+xyCMBPecrWwcxVzWPNu+8kJmEuMYhCwPjDi1YbR5w
JoJHMkUUnqNdpjQKb6VcLWbvW9SkdAxtzozifQsLfpiTdiIogxJMS2Ao5ps/aEfY
PAk=
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:20:53 2025 by rpki-client