Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a646561643a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: Z7YS72AkRUhmGE/8eVCwX/QArQ7kzj3DMVCvF8nhupE=
Subject key identifier: AA:78:27:5A:F8:9B:43:6B:80:5D:4E:77:62:D6:24:88:70:5D:AD:6E
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 1A1A69FA5C6D7B571EDADED1AFFDD4F6E3A77924
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:01:06 +0000
ROA not before: Wed 05 Nov 2025 10:56:06 +0000
ROA not after: Wed 04 Nov 2026 11:01:06 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:1a:69:fa:5c:6d:7b:57:1e:da:de:d1:af:fd:d4:f6:e3:a7:79:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:56:06 2025 GMT
Not After : Nov 4 11:01:06 2026 GMT
Subject: CN=AA78275AF89B436B805D4E7762D62488705DAD6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:8b:81:e2:53:d7:ac:c9:38:81:18:c4:d7:
d9:09:2a:41:a5:45:d2:49:2a:06:1d:7f:1e:9b:6f:
44:af:16:ad:23:21:bc:85:8b:06:9a:cf:97:2d:fa:
a3:f4:b5:8b:b0:14:48:5f:8a:49:a1:f7:ac:88:87:
e6:48:de:d1:e0:fc:c2:93:59:4a:f4:3e:10:98:3b:
2a:6f:5b:ef:fc:53:35:3b:42:c8:78:17:77:92:12:
d7:8f:07:ce:80:6e:d2:7a:22:91:a1:7f:e9:13:85:
1d:f1:e2:69:7b:70:1b:6e:a8:b3:1b:c1:0e:a2:5f:
80:64:17:f4:5c:44:9d:62:51:fe:07:6c:7f:6b:d4:
84:44:83:5b:e7:2c:e5:10:50:51:8a:53:7a:bf:f7:
30:2b:08:89:ab:98:33:1d:01:10:26:57:69:5c:35:
0a:da:69:c3:28:19:00:44:f9:16:f8:10:24:06:6f:
e1:c2:ff:fe:41:71:ba:aa:e6:88:ef:88:f5:94:57:
1f:2d:fb:89:4d:70:ea:e2:a6:5f:8f:ae:15:fa:5f:
30:04:2b:9c:4d:cc:b8:ca:68:58:c2:80:07:d1:f6:
ff:45:57:eb:51:7c:79:bc:97:b5:47:62:b2:5f:ea:
23:4c:9b:06:f0:e0:4b:83:de:0c:60:ef:18:13:b9:
33:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:78:27:5A:F8:9B:43:6B:80:5D:4E:77:62:D6:24:88:70:5D:AD:6E
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561643a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
9f:4c:7f:0d:85:62:09:28:75:64:d5:f2:8b:24:38:84:14:8f:
72:62:11:d7:b0:95:bb:e1:53:ad:18:30:78:61:d1:15:1c:c0:
6a:39:d7:90:d9:93:f0:81:07:df:0f:f7:65:16:15:39:e1:22:
36:68:2e:8d:aa:be:a5:d2:92:00:cb:37:f9:e8:9f:89:dd:c1:
a8:71:22:0b:a7:49:b5:2a:55:ab:fa:4d:4e:af:98:39:be:07:
b1:40:12:2b:3f:1d:59:f3:21:d0:04:06:e0:c5:0c:94:d4:6b:
9b:59:12:16:08:5e:6c:5e:f0:28:72:46:08:03:ad:81:c8:da:
06:5c:be:8f:64:22:e9:8d:e8:7b:bb:bb:c8:a3:ac:7b:7f:08:
15:38:1c:97:4f:2e:fe:03:af:c3:b6:69:c0:8c:5d:cd:33:ba:
ee:4c:e8:7c:1e:6d:1b:0f:86:45:37:94:b3:ab:bd:28:2f:17:
b6:be:d4:e7:16:8f:10:af:de:89:a9:24:d4:e5:ad:e8:94:67:
a0:a2:3a:cd:96:3c:2f:7e:3f:8a:da:5d:d1:42:e6:6c:8f:e1:
4a:41:17:d1:c7:6d:a9:b1:e7:68:98:ce:f6:a8:df:bb:00:73:
2a:97:09:2b:2c:a6:db:8f:ff:b9:14:9d:42:49:ef:bd:20:1f:
2a:e4:0a:b7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUGhpp+lxte1ce2t7Rr/3U9uOneSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU2MDZaFw0yNjExMDQxMTAxMDZaMDMxMTAvBgNV
BAMTKEFBNzgyNzVBRjg5QjQzNkI4MDVENEU3NzYyRDYyNDg4NzA1REFENkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnrYuB4lPXrMk4gRjE19kJKkGl
RdJJKgYdfx6bb0SvFq0jIbyFiwaaz5ct+qP0tYuwFEhfikmh96yIh+ZI3tHg/MKT
WUr0PhCYOypvW+/8UzU7Qsh4F3eSEtePB86AbtJ6IpGhf+kThR3x4ml7cBtuqLMb
wQ6iX4BkF/RcRJ1iUf4HbH9r1IREg1vnLOUQUFGKU3q/9zArCImrmDMdARAmV2lc
NQraacMoGQBE+Rb4ECQGb+HC//5Bcbqq5ojviPWUVx8t+4lNcOripl+PrhX6XzAE
K5xNzLjKaFjCgAfR9v9FV+tRfHm8l7VHYrJf6iNMmwbw4EuD3gxg7xgTuTMlAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUqngnWvibQ2uAXU53YtYkiHBdrW4wHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDY1NjE2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8DerTANBgkqhkiG9w0BAQsFAAOCAQEAn0x/DYViCSh1ZNXy
iyQ4hBSPcmIR17CVu+FTrRgweGHRFRzAajnXkNmT8IEH3w/3ZRYVOeEiNmgujaq+
pdKSAMs3+eifid3BqHEiC6dJtSpVq/pNTq+YOb4HsUASKz8dWfMh0AQG4MUMlNRr
m1kSFghebF7wKHJGCAOtgcjaBly+j2Qi6Y3oe7u7yKOse38IFTgcl08u/gOvw7Zp
wIxdzTO67kzofB5tGw+GRTeUs6u9KC8Xtr7U5xaPEK/eiakk1OWt6JRnoKI6zZY8
L34/itpd0ULmbI/hSkEX0cdtqbHnaJjO9qjfuwBzKpcJKyym24//uRSdQknvvSAf
KuQKtw==
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:19:17 2025 by rpki-client