Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6465623a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a6465623a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: HGgyYO79YRPv5eTIvRCSkvT+uzFYIDLIXRArnhiRVzA=
Subject key identifier: BF:C6:D7:6C:26:5E:35:7C:EB:19:9F:1B:ED:27:2B:BA:BF:C9:94:95
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 1A29F18B74D7EA2EAA6DFD71A02C0C024BB0FCE6
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6465623a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:57 +0000
ROA not before: Wed 05 Nov 2025 10:58:57 +0000
ROA not after: Wed 04 Nov 2026 11:03:57 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:deb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:29:f1:8b:74:d7:ea:2e:aa:6d:fd:71:a0:2c:0c:02:4b:b0:fc:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:57 2025 GMT
Not After : Nov 4 11:03:57 2026 GMT
Subject: CN=BFC6D76C265E357CEB199F1BED272BBABFC99495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:cd:1a:55:43:fc:73:03:0b:5b:a7:c0:0b:
4d:32:19:09:9d:ca:d1:64:6a:fb:20:cc:26:68:13:
e5:d9:97:bb:bc:9a:78:db:70:95:21:14:76:40:e3:
20:c2:98:63:5c:18:b9:06:c2:a2:c4:0b:a8:16:ae:
92:33:cf:b0:1e:67:81:94:bc:64:ee:5c:9d:90:3e:
f6:8b:83:f8:26:4a:b1:78:fb:d4:5e:20:23:78:26:
1a:28:fc:c2:d0:34:3b:3f:9f:a8:6d:67:13:50:bc:
22:f1:1d:48:41:ee:b3:fe:34:83:b1:1b:0d:4a:37:
03:cb:6a:0a:16:46:df:aa:27:11:64:c1:95:ea:4a:
84:0d:44:0d:4a:29:d0:13:85:52:1a:0b:87:53:44:
1b:f0:69:2c:de:a9:76:5d:90:cc:8d:50:bd:ba:1d:
29:21:bd:e2:2a:34:ee:a0:a9:af:31:2a:a9:c0:36:
42:6d:77:21:5f:c9:28:35:3f:6b:b0:fd:96:fd:06:
74:40:7d:62:86:18:b3:8a:90:42:3a:ef:55:ce:df:
3e:fb:7c:7a:b3:1b:65:2d:89:1a:a9:7b:c0:31:5b:
67:74:97:c2:da:29:14:60:d3:b0:2e:ef:50:a7:94:
77:0e:7d:0b:2e:5b:30:5d:7f:d5:4e:a3:3f:38:1d:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C6:D7:6C:26:5E:35:7C:EB:19:9F:1B:ED:27:2B:BA:BF:C9:94:95
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a6465623a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:deb::/48
Signature Algorithm: sha256WithRSAEncryption
aa:6d:7b:a4:94:66:7b:3d:de:e3:87:21:da:dc:ac:65:4d:c9:
4d:4f:53:5c:ab:15:b2:aa:c3:49:70:4f:e2:45:24:f9:b3:07:
2b:13:74:18:96:1c:c9:88:a0:e7:64:d9:cf:8c:12:51:73:23:
88:59:17:71:2a:d9:1a:6c:33:51:eb:60:0f:5a:7f:e7:29:e4:
e3:ca:12:0b:34:e4:a2:b2:54:c9:39:2c:47:bc:92:2c:d1:25:
63:4a:de:b9:6c:e2:c1:6b:b6:ea:0f:bc:6b:41:3a:30:93:f5:
bc:81:02:d6:c1:ae:f8:7d:25:1a:a1:dc:5f:f1:63:93:2c:71:
88:ca:2a:bb:cc:27:e9:30:1d:e1:f2:d0:86:6f:c1:2e:7c:d1:
28:d5:83:69:07:6e:6f:24:7d:bb:c8:a5:87:7a:e6:16:c0:76:
9d:6e:91:44:3e:db:f6:a4:b9:33:39:3a:bf:52:c6:43:af:87:
fd:fe:db:da:00:57:40:ce:d9:26:13:af:b7:0d:4c:ec:77:ae:
bf:66:af:44:2c:03:33:49:c1:57:26:61:f6:c5:b6:20:7c:7f:
87:7f:2f:05:a2:8d:2a:eb:cd:5c:b8:04:d7:8e:47:fe:1d:56:
df:81:95:1e:46:12:6d:b8:7d:3e:86:4b:41:9e:c0:ff:ee:a2:
86:b1:e4:a7
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUGinxi3TX6i6qbf1xoCwMAkuw/OYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NTdaFw0yNjExMDQxMTAzNTdaMDMxMTAvBgNV
BAMTKEJGQzZENzZDMjY1RTM1N0NFQjE5OUYxQkVEMjcyQkJBQkZDOTk0OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCytc0aVUP8cwMLW6fAC00yGQmd
ytFkavsgzCZoE+XZl7u8mnjbcJUhFHZA4yDCmGNcGLkGwqLEC6gWrpIzz7AeZ4GU
vGTuXJ2QPvaLg/gmSrF4+9ReICN4Jhoo/MLQNDs/n6htZxNQvCLxHUhB7rP+NIOx
Gw1KNwPLagoWRt+qJxFkwZXqSoQNRA1KKdAThVIaC4dTRBvwaSzeqXZdkMyNUL26
HSkhveIqNO6gqa8xKqnANkJtdyFfySg1P2uw/Zb9BnRAfWKGGLOKkEI671XO3z77
fHqzG2UtiRqpe8AxW2d0l8LaKRRg07Au71CnlHcOfQsuWzBdf9VOoz84HUPRAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUv8bXbCZeNXzrGZ8b7Scrur/JlJUwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDY1NjIzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMDMzMzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD1/ADeswDQYJKoZIhvcNAQELBQADggEBAKpte6SUZns93uOHIdrc
rGVNyU1PU1yrFbKqw0lwT+JFJPmzBysTdBiWHMmIoOdk2c+MElFzI4hZF3Eq2Rps
M1HrYA9af+cp5OPKEgs05KKyVMk5LEe8kizRJWNK3rls4sFrtuoPvGtBOjCT9byB
AtbBrvh9JRqh3F/xY5MscYjKKrvMJ+kwHeHy0IZvwS580SjVg2kHbm8kfbvIpYd6
5hbAdp1ukUQ+2/akuTM5Or9SxkOvh/3+29oAV0DO2SYTr7cNTOx3rr9mr0QsAzNJ
wVcmYfbFtiB8f4d/LwWijSrrzVy4BNeOR/4dVt+BlR5GEm24fT6GS0GewP/uooax
5Kc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:05:07 2025 by rpki-client