Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646565643a3a2f34382d3438203d3e20323035303336.roa
File: 326130663a356663303a646565643a3a2f34382d3438203d3e20323035303336.roa (raw, json)
Hash identifier: 6WyHSY5Xp60q1IE95V4h6lwOICpnxsevWtnXKH+E1RA=
Subject key identifier: AE:68:81:30:20:C2:E9:E9:B5:E0:86:71:D2:0D:97:76:88:DC:EE:2C
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 111211808A66873641F70A9819E1F4C47F8FA1F0
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646565643a3a2f34382d3438203d3e20323035303336.roa
Signing time: Wed 05 Nov 2025 11:03:58 +0000
ROA not before: Wed 05 Nov 2025 10:58:58 +0000
ROA not after: Wed 04 Nov 2026 11:03:58 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:deed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:12:11:80:8a:66:87:36:41:f7:0a:98:19:e1:f4:c4:7f:8f:a1:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Nov 5 10:58:58 2025 GMT
Not After : Nov 4 11:03:58 2026 GMT
Subject: CN=AE68813020C2E9E9B5E08671D20D977688DCEE2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:32:8b:20:45:34:6f:2a:c5:07:28:2f:fc:
94:9c:fd:fa:29:a7:4c:83:85:71:29:24:20:90:d2:
13:38:bf:2e:53:a3:2a:ad:0c:7d:0e:26:e9:33:a6:
4c:b2:95:02:ec:9e:93:f6:e9:39:91:92:25:c6:17:
b0:07:24:5a:00:1b:2c:b3:de:0b:7c:27:90:c0:6c:
53:71:27:a6:a0:05:8b:01:19:e4:e1:d2:db:6e:3a:
25:1d:d1:5f:7a:e1:67:53:d6:f1:53:d9:10:16:81:
5f:f4:9d:10:59:66:3a:48:a7:e8:eb:77:f8:de:15:
75:ac:e0:95:77:44:4c:52:df:e6:fc:01:c5:03:58:
93:81:ed:32:7f:96:93:bc:7b:41:aa:a2:5e:9f:f8:
b2:13:1e:db:15:a5:94:4f:50:b4:3d:4d:fc:a8:f0:
46:0f:85:99:76:3e:06:86:12:a5:9a:ef:64:ce:d1:
63:e5:66:31:e2:1f:30:59:ad:64:4d:5b:4d:e8:70:
9f:f7:bc:e2:c4:c6:d1:2f:82:c5:01:93:43:d8:65:
2a:de:1d:be:b2:e6:2e:e7:73:b2:19:5f:43:52:15:
46:7c:0b:7d:d1:4f:03:31:4a:86:8e:55:e0:f3:6c:
2a:ac:9a:9b:92:fa:a0:07:0a:0a:14:31:e4:5c:2f:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:68:81:30:20:C2:E9:E9:B5:E0:86:71:D2:0D:97:76:88:DC:EE:2C
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/326130663a356663303a646565643a3a2f34382d3438203d3e20323035303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:deed::/48
Signature Algorithm: sha256WithRSAEncryption
aa:c7:83:49:4f:ed:7c:01:e7:10:27:af:c5:29:86:42:8a:30:
c7:b3:8d:66:e2:a9:80:2d:a7:77:6c:6b:ba:a6:3f:01:a8:57:
ac:72:58:2e:46:3b:b4:72:dc:25:9f:c8:cb:81:97:f3:48:f5:
58:2e:fa:c6:33:c7:f9:53:3c:b5:9f:39:22:40:e9:11:ce:4c:
1f:ed:4c:b8:27:01:8e:4e:56:b4:7d:f0:f4:dd:1f:93:64:e7:
1f:1c:38:68:fc:73:e0:76:59:25:a3:8a:aa:3c:cb:ee:0e:de:
a9:85:46:fb:1e:33:c0:0f:55:a8:48:09:c3:b4:63:68:ad:e0:
02:e5:1b:1c:d7:05:d7:b0:4e:13:00:c5:ce:1a:86:a8:f2:c4:
c0:89:92:8f:44:1b:24:79:06:d3:66:84:c1:68:fe:33:dc:38:
32:1e:f4:3d:32:db:21:eb:05:7c:72:1f:c5:f9:42:38:30:fa:
7a:29:c9:ec:df:d8:83:ac:24:9d:5f:12:4e:6f:57:46:94:66:
63:22:ee:f9:bd:4e:9e:57:53:a0:a2:12:77:28:06:18:1e:6f:
4c:50:49:fd:9c:75:af:e4:f6:8a:05:68:8a:e1:2a:34:f5:1f:
e5:5c:5c:bb:f8:d3:f7:49:18:ba:f7:5e:17:4b:dc:80:23:58:
74:03:a1:db
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUERIRgIpmhzZB9wqYGeH0xH+PofAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTExMDUxMDU4NThaFw0yNjExMDQxMTAzNThaMDMxMTAvBgNV
BAMTKEFFNjg4MTMwMjBDMkU5RTlCNUUwODY3MUQyMEQ5Nzc2ODhEQ0VFMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrrjKLIEU0byrFBygv/JSc/fop
p0yDhXEpJCCQ0hM4vy5ToyqtDH0OJukzpkyylQLsnpP26TmRkiXGF7AHJFoAGyyz
3gt8J5DAbFNxJ6agBYsBGeTh0ttuOiUd0V964WdT1vFT2RAWgV/0nRBZZjpIp+jr
d/jeFXWs4JV3RExS3+b8AcUDWJOB7TJ/lpO8e0Gqol6f+LITHtsVpZRPULQ9Tfyo
8EYPhZl2PgaGEqWa72TO0WPlZjHiHzBZrWRNW03ocJ/3vOLExtEvgsUBk0PYZSre
Hb6y5i7nc7IZX0NSFUZ8C33RTwMxSoaOVeDzbCqsmpuS+qAHCgoUMeRcL/9DAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUrmiBMCDC6em14IZx0g2Xdojc7iwwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzI2MTMwNjYzYTM1NjY2MzMw
M2E2NDY1NjU2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNTMwMzMzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPX8De7TANBgkqhkiG9w0BAQsFAAOCAQEAqseDSU/tfAHnECev
xSmGQoowx7ONZuKpgC2nd2xruqY/AahXrHJYLkY7tHLcJZ/Iy4GX80j1WC76xjPH
+VM8tZ85IkDpEc5MH+1MuCcBjk5WtH3w9N0fk2TnHxw4aPxz4HZZJaOKqjzL7g7e
qYVG+x4zwA9VqEgJw7RjaK3gAuUbHNcF17BOEwDFzhqGqPLEwImSj0QbJHkG02aE
wWj+M9w4Mh70PTLbIesFfHIfxflCODD6einJ7N/Yg6wknV8STm9XRpRmYyLu+b1O
nldToKISdygGGB5vTFBJ/Zx1r+T2igVoiuEqNPUf5Vxcu/jT90kYuvdeF0vcgCNY
dAOh2w==
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:19:23 2025 by rpki-client