Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561663a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a646561663a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: nBnCDOBWFR9glmAsUSRrLmDkLZa6Zi7bYUkIoT7Lpvs=
Subject key identifier: 03:97:37:52:F8:97:A8:FD:FA:7F:0B:61:10:56:A2:1D:2F:92:F8:D0
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 2860E511A923CC91770417A2B3721489591856F6
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561663a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:56 +0000
ROA not before: Wed 05 Nov 2025 10:58:56 +0000
ROA not after: Wed 04 Nov 2026 11:03:56 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:deaf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:60:e5:11:a9:23:cc:91:77:04:17:a2:b3:72:14:89:59:18:56:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:56 2025 GMT
Not After : Nov 4 11:03:56 2026 GMT
Subject: CN=03973752F897A8FDFA7F0B611056A21D2F92F8D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:02:3b:89:a6:24:da:c2:79:26:4c:73:7a:90:
0e:78:49:82:e5:42:b7:a4:0c:ef:14:84:53:a0:db:
cb:c9:13:b0:73:32:c4:34:ab:48:e9:34:84:3a:8c:
c1:30:51:4c:69:22:73:5a:af:30:33:06:e8:b8:f5:
df:19:b1:e6:9f:a2:0b:41:c1:0d:fe:81:0f:a4:07:
90:4e:d9:82:e2:3d:44:84:48:ec:3e:66:9c:8c:e0:
f7:51:f4:c8:21:e2:21:c7:f5:82:4c:67:97:e7:5d:
a1:8d:f5:90:d6:b4:0e:31:5f:02:fe:e3:c0:70:55:
9c:b8:e8:7c:d2:73:b0:a3:7f:6d:f4:13:3a:5d:9b:
39:74:36:b7:e4:fc:f2:67:d5:72:07:5c:f8:6a:7b:
68:60:50:de:d6:08:85:3c:cd:4d:d7:f3:8d:58:8d:
14:db:c4:a4:16:68:28:67:26:56:36:41:0b:c6:42:
33:56:18:92:4d:c2:01:36:94:db:ca:49:6f:a0:e2:
42:be:cd:a1:a6:69:77:23:77:27:2c:08:2c:d8:af:
32:e1:1f:36:6e:b9:cb:2a:99:de:ac:f1:cf:c0:18:
7c:f5:1b:18:d0:5d:01:8f:c0:4a:cd:dc:88:ca:e8:
05:cb:1a:c3:23:6f:dc:3a:80:0b:26:da:57:ac:06:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:97:37:52:F8:97:A8:FD:FA:7F:0B:61:10:56:A2:1D:2F:92:F8:D0
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646561663a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:deaf::/48
Signature Algorithm: sha256WithRSAEncryption
14:40:ba:25:a3:f5:66:5d:08:c0:32:73:8c:16:65:70:3c:65:
a4:8f:bb:3e:57:63:59:4f:50:0d:21:b4:82:a2:f8:ec:eb:68:
51:d6:66:47:d3:14:fe:20:b0:10:3a:3c:cf:43:dd:a4:63:3d:
0f:83:97:ea:d2:2b:7f:cb:02:d4:52:2b:f8:82:87:58:86:ea:
dc:82:70:5f:12:e8:d6:e1:03:50:13:6a:54:3b:ea:58:4c:2f:
df:27:a5:aa:cb:ce:d6:4e:4e:e9:e1:6c:27:69:19:c3:a0:9a:
00:f0:31:cb:83:2a:d2:c7:05:14:c3:44:fc:58:15:3b:de:64:
0a:d7:2a:12:11:fc:24:e0:f8:c4:92:29:f2:b8:ad:6c:ea:c7:
1d:0e:db:5b:74:5a:86:28:2b:76:0c:21:cf:eb:ab:31:8d:0e:
d7:f6:50:09:fd:9a:90:1e:7d:f1:e6:cf:bb:e9:53:5c:b4:d0:
40:ec:06:a4:0c:2b:42:5d:af:60:f3:b1:b9:a6:02:7a:dd:46:
13:bc:0c:0c:e5:fd:09:21:fd:8c:9b:e6:f8:ab:95:bb:83:44:
de:7a:de:e3:a8:5d:ce:70:85:60:6e:14:73:32:31:c8:da:ec:
85:21:01:b7:90:dd:fa:24:63:06:a1:30:8d:45:87:b8:34:73:
06:9d:a2:11
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUKGDlEakjzJF3BBeis3IUiVkYVvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTZaFw0yNjExMDQxMTAzNTZaMDMxMTAvBgNV
BAMTKDAzOTczNzUyRjg5N0E4RkRGQTdGMEI2MTEwNTZBMjFEMkY5MkY4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMAjuJpiTawnkmTHN6kA54SYLl
QrekDO8UhFOg28vJE7BzMsQ0q0jpNIQ6jMEwUUxpInNarzAzBui49d8ZseafogtB
wQ3+gQ+kB5BO2YLiPUSESOw+ZpyM4PdR9Mgh4iHH9YJMZ5fnXaGN9ZDWtA4xXwL+
48BwVZy46HzSc7Cjf230Ezpdmzl0Nrfk/PJn1XIHXPhqe2hgUN7WCIU8zU3X841Y
jRTbxKQWaChnJlY2QQvGQjNWGJJNwgE2lNvKSW+g4kK+zaGmaXcjdycsCCzYrzLh
HzZuucsqmd6s8c/AGHz1GxjQXQGPwErN3IjK6AXLGsMjb9w6gAsm2lesBoCPAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUA5c3UviXqP36fwthEFaiHS+S+NAwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDY1NjE2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8DerzANBgkqhkiG9w0BAQsFAAOCAQEAFEC6JaP1Zl0IwDJz
jBZlcDxlpI+7PldjWU9QDSG0gqL47OtoUdZmR9MU/iCwEDo8z0PdpGM9D4OX6tIr
f8sC1FIr+IKHWIbq3IJwXxLo1uEDUBNqVDvqWEwv3yelqsvO1k5O6eFsJ2kZw6Ca
APAxy4Mq0scFFMNE/FgVO95kCtcqEhH8JOD4xJIp8ritbOrHHQ7bW3Rahigrdgwh
z+urMY0O1/ZQCf2akB598ebPu+lTXLTQQOwGpAwrQl2vYPOxuaYCet1GE7wMDOX9
CSH9jJvm+KuVu4NE3nre46hdznCFYG4UczIxyNrshSEBt5Dd+iRjBqEwjUWHuDRz
Bp2iEQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:05:42 2025 by rpki-client