Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
File: 326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa (raw, json)
Hash identifier: hYvWm7RFlZS1l2LX8NsvpkNf0MsxvPiQn7slmgwssck=
Subject key identifier: 04:AD:B3:B9:89:B8:80:F1:15:71:AE:62:BB:B6:23:05:CD:03:ED:D4
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 6F1971264362B944CE0431956903CCCEAFAE817C
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
Signing time: Mon 21 Jul 2025 19:46:58 +0000
ROA not before: Mon 21 Jul 2025 19:41:58 +0000
ROA not after: Mon 20 Jul 2026 19:46:58 +0000
asID: 215248
IP address blocks: 2a14:38c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 04:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:19:71:26:43:62:b9:44:ce:04:31:95:69:03:cc:ce:af:ae:81:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jul 21 19:41:58 2025 GMT
Not After : Jul 20 19:46:58 2026 GMT
Subject: CN=04ADB3B989B880F11571AE62BBB62305CD03EDD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5e:31:5d:fe:e4:b5:22:61:5c:cc:06:62:75:
62:b5:b5:8f:13:9a:c3:54:4b:e3:cb:3d:0b:8f:3e:
ae:4f:bb:3c:28:07:a8:0e:45:ce:9a:e8:a1:df:d8:
46:2d:11:58:e1:31:67:05:65:9c:a2:5b:a8:2e:16:
77:cc:0f:6d:fa:0b:85:34:34:37:0e:34:11:f5:37:
cb:a1:56:f1:d9:5e:7b:cb:dc:7c:e0:a8:d3:60:55:
ca:d9:fd:2c:bb:30:1f:4f:d5:a5:26:f2:ca:7b:60:
6c:0c:1c:22:2d:0f:95:2f:68:a9:ee:a1:b7:74:10:
57:cf:6f:f9:09:b3:2e:41:b6:00:e0:28:24:8a:91:
f5:ae:37:dd:4b:d6:d4:22:2b:70:4a:2f:7e:6d:5b:
40:da:51:7e:19:a5:3a:55:a8:97:95:d0:4b:6d:44:
e9:c7:53:a2:16:2c:c8:8d:be:59:2a:8c:c4:6f:d1:
d6:ee:74:80:98:94:c2:9f:cf:b1:6d:e5:c2:b0:25:
f7:ba:25:f6:64:2d:82:b6:41:29:69:57:22:80:ff:
24:61:28:14:80:20:ed:c2:58:3b:22:2b:a2:1b:a3:
7a:87:14:59:74:57:80:3e:21:74:29:99:42:de:c5:
45:d6:8b:4d:08:99:61:01:3e:7a:f0:02:cc:f5:c1:
59:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AD:B3:B9:89:B8:80:F1:15:71:AE:62:BB:B6:23:05:CD:03:ED:D4
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d5:0d:31:3c:21:8a:5a:01:f4:24:2f:5a:58:41:96:72:71:
0f:2b:3e:6c:0c:df:ba:f7:9a:f8:12:e3:98:59:5b:c6:06:a1:
e0:48:51:ed:21:ae:7f:68:a8:67:ca:d7:d1:05:37:31:59:ab:
1b:04:40:ab:2b:bc:c2:1e:78:59:6c:c2:06:08:0f:4e:86:d0:
b1:b1:e6:6c:c8:2a:b5:49:61:16:1e:88:a7:91:1c:b4:6d:79:
35:59:36:54:5b:5e:82:3f:4b:85:15:92:58:99:a7:2a:63:fb:
33:e6:30:23:28:95:86:23:22:97:ca:57:d2:d0:5f:e4:ae:95:
13:a6:e9:b0:5a:88:ce:6d:2d:f4:b4:b0:a0:ee:17:ec:46:c1:
2b:83:b5:56:d1:b7:6f:39:5f:01:99:b0:29:14:91:37:e6:5a:
b3:38:97:82:8c:35:bd:6b:d9:08:d0:c8:4c:4b:f9:ed:31:19:
38:01:b8:65:26:29:60:45:eb:9b:09:1a:cc:7a:b1:c0:fc:15:
58:db:bb:b4:69:ad:24:59:58:70:60:ab:63:6c:32:d4:de:2a:
2d:13:9f:7b:53:0f:7a:06:9a:5c:d9:bc:9c:eb:20:57:a5:9f:
39:8c:e4:89:b6:ae:ca:47:ef:67:c1:60:3d:3c:b6:f7:51:19:
e9:20:ba:1a
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUbxlxJkNiuUTOBDGVaQPMzq+ugXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA3MjExOTQxNThaFw0yNjA3MjAxOTQ2NThaMDMxMTAvBgNV
BAMTKDA0QURCM0I5ODlCODgwRjExNTcxQUU2MkJCQjYyMzA1Q0QwM0VERDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYXjFd/uS1ImFczAZidWK1tY8T
msNUS+PLPQuPPq5PuzwoB6gORc6a6KHf2EYtEVjhMWcFZZyiW6guFnfMD236C4U0
NDcONBH1N8uhVvHZXnvL3HzgqNNgVcrZ/Sy7MB9P1aUm8sp7YGwMHCItD5UvaKnu
obd0EFfPb/kJsy5BtgDgKCSKkfWuN91L1tQiK3BKL35tW0DaUX4ZpTpVqJeV0Ett
ROnHU6IWLMiNvlkqjMRv0dbudICYlMKfz7Ft5cKwJfe6JfZkLYK2QSlpVyKA/yRh
KBSAIO3CWDsiK6Ibo3qHFFl0V4A+IXQpmULexUXWi00ImWEBPnrwAsz1wVl9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUBK2zuYm4gPEVca5iu7YjBc0D7dQwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAATANBgkqhkiG9w0BAQsFAAOCAQEAHdUNMTwhiloB9CQvWlhBlnJx
Dys+bAzfuvea+BLjmFlbxgah4EhR7SGuf2ioZ8rX0QU3MVmrGwRAqyu8wh54WWzC
BggPTobQsbHmbMgqtUlhFh6Ip5EctG15NVk2VFtegj9LhRWSWJmnKmP7M+YwIyiV
hiMil8pX0tBf5K6VE6bpsFqIzm0t9LSwoO4X7EbBK4O1VtG3bzlfAZmwKRSRN+Za
sziXgow1vWvZCNDITEv57TEZOAG4ZSYpYEXrmwkazHqxwPwVWNu7tGmtJFlYcGCr
Y2wy1N4qLROfe1MPegaaXNm8nOsgV6WfOYzkibauykfvZ8FgPTy291EZ6SC6Gg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:55:19 2025 by rpki-client