Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
File: 326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa (raw, json)
Hash identifier: b3AvMY9Sl1B0jVsJOJivHhqGlksNlQ/JV9muHKrGSGQ=
Subject key identifier: 6C:E1:38:6F:58:50:2A:CC:75:27:E9:1F:65:AB:FE:00:E3:41:7F:5D
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 78569403FC2BB5D5E08BE0818618A2D67B43C8CF
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
Signing time: Mon 21 Jul 2025 20:25:59 +0000
ROA not before: Mon 21 Jul 2025 20:20:59 +0000
ROA not after: Mon 20 Jul 2026 20:25:59 +0000
asID: 396064
IP address blocks: 2a14:38c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:56:94:03:fc:2b:b5:d5:e0:8b:e0:81:86:18:a2:d6:7b:43:c8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jul 21 20:20:59 2025 GMT
Not After : Jul 20 20:25:59 2026 GMT
Subject: CN=6CE1386F58502ACC7527E91F65ABFE00E3417F5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:0f:aa:76:f7:ee:45:d9:c9:23:a9:4f:cb:
71:c6:98:10:3e:cf:b9:2a:0f:22:9b:11:63:56:9c:
5e:6b:19:fb:d7:33:4a:79:12:1d:ef:fe:20:2d:25:
5d:93:a9:5f:b9:b9:53:c2:5f:85:04:39:f5:1f:7b:
6f:e1:05:f6:e3:1a:15:ba:e8:76:e0:c9:4a:cb:e9:
b8:6d:85:cc:33:b9:d1:98:e4:05:9f:e1:e8:35:87:
2b:f5:ee:f5:41:14:3c:ee:ad:75:8b:84:ae:a7:8f:
e9:ba:58:ae:57:9a:bf:0a:a7:0a:0a:c9:cb:7c:61:
11:27:03:b3:9f:a0:07:38:0d:7f:8a:77:bc:d9:68:
80:2d:ea:15:b2:9b:cc:f4:62:2c:09:a9:f0:89:f0:
17:c6:a6:b6:85:d0:13:cd:a4:73:4c:1c:28:80:cb:
b1:f8:29:fd:ca:a7:70:c4:c3:c0:e7:43:e6:12:07:
61:12:a6:ea:c2:58:8d:1c:2a:ad:16:2d:2e:c3:e5:
f0:4d:31:99:2a:73:04:0b:07:6f:6b:10:42:eb:7b:
bf:b4:6f:2f:81:f2:93:c2:55:70:8e:47:e6:52:a6:
1e:03:8a:88:9e:20:20:48:4f:18:f6:71:bf:03:55:
6d:d8:56:35:4c:61:9b:07:e7:69:03:11:fd:e6:d9:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E1:38:6F:58:50:2A:CC:75:27:E9:1F:65:AB:FE:00:E3:41:7F:5D
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
67:a0:80:2a:e4:15:71:75:b1:ce:22:24:a6:30:64:18:83:a8:
f0:a7:26:c8:95:29:3b:5d:00:ff:61:0e:6e:8b:f4:03:ac:1d:
2b:6b:b3:6b:a7:55:40:44:d9:7a:79:ab:3c:41:ec:6e:bc:20:
a4:1d:fe:d2:01:b9:64:34:38:91:47:90:e8:e4:09:69:9e:17:
9a:e4:d1:c0:2d:dc:f1:47:79:af:b5:31:da:b1:26:f1:7d:bf:
6f:b3:4d:be:d0:6d:df:d0:d4:a5:08:a5:f9:ea:e1:4f:0c:4c:
b7:5c:23:84:b4:57:5d:15:1a:6f:b9:48:b0:6b:04:4d:99:cf:
ca:86:dd:18:32:1a:80:d9:86:01:c9:1a:cc:4e:48:34:ef:e0:
0e:01:fd:b9:71:d7:c1:fc:9d:23:7c:16:f5:d1:59:c6:d7:be:
87:0c:30:46:1e:44:c7:09:32:fa:37:73:a0:da:2a:12:b8:ac:
6d:57:af:0d:c7:0e:e4:d0:e4:02:8c:ae:04:68:9b:24:3a:44:
96:3f:54:b6:12:b9:2b:f1:bc:83:ae:fb:f6:da:b7:1e:01:76:
bc:c7:9e:7c:da:6f:ec:16:7f:93:b4:94:ae:8b:70:63:79:9f:
40:a3:0a:e6:70:7a:d8:5c:29:4b:8e:eb:b3:9c:68:89:ac:e7:
76:e0:ad:6e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUeFaUA/wrtdXgi+CBhhii1ntDyM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA3MjEyMDIwNTlaFw0yNjA3MjAyMDI1NTlaMDMxMTAvBgNV
BAMTKDZDRTEzODZGNTg1MDJBQ0M3NTI3RTkxRjY1QUJGRTAwRTM0MTdGNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bw+qdvfuRdnJI6lPy3HGmBA+
z7kqDyKbEWNWnF5rGfvXM0p5Eh3v/iAtJV2TqV+5uVPCX4UEOfUfe2/hBfbjGhW6
6HbgyUrL6bhthcwzudGY5AWf4eg1hyv17vVBFDzurXWLhK6nj+m6WK5Xmr8KpwoK
yct8YREnA7OfoAc4DX+Kd7zZaIAt6hWym8z0YiwJqfCJ8BfGpraF0BPNpHNMHCiA
y7H4Kf3Kp3DEw8DnQ+YSB2ESpurCWI0cKq0WLS7D5fBNMZkqcwQLB29rEELre7+0
by+B8pPCVXCOR+ZSph4DioieICBITxj2cb8DVW3YVjVMYZsH52kDEf3m2b4zAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbOE4b1hQKsx1J+kfZav+AONBf10wHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzNjMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAZ6CAKuQVcXWxziIkpjBkGIOo
8KcmyJUpO10A/2EObov0A6wdK2uza6dVQETZenmrPEHsbrwgpB3+0gG5ZDQ4kUeQ
6OQJaZ4XmuTRwC3c8Ud5r7Ux2rEm8X2/b7NNvtBt39DUpQil+erhTwxMt1wjhLRX
XRUab7lIsGsETZnPyobdGDIagNmGAckazE5INO/gDgH9uXHXwfydI3wW9dFZxte+
hwwwRh5Exwky+jdzoNoqErisbVevDccO5NDkAoyuBGibJDpElj9UthK5K/G8g677
9tq3HgF2vMeefNpv7BZ/k7SUrotwY3mfQKMK5nB62FwpS47rs5xoiaznduCtbg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:18:09 2025 by rpki-client