Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20323135323438.roa
File: 326131343a333863303a333a3a2f34382d3438203d3e20323135323438.roa (raw, json)
Hash identifier: rQvL6z8yuqUS7v24/Ra9en3S8KmIgkMtv1rcn8o1sfA=
Subject key identifier: E6:EE:54:82:81:3D:CE:45:BE:8E:DB:51:F1:86:08:A3:52:DA:FF:11
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 787C9C4E8C908AED710954143FEBEACBBFF868B8
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20323135323438.roa
Signing time: Sat 02 Aug 2025 16:47:42 +0000
ROA not before: Sat 02 Aug 2025 16:42:42 +0000
ROA not after: Sat 01 Aug 2026 16:47:42 +0000
asID: 215248
IP address blocks: 2a14:38c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 04:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:7c:9c:4e:8c:90:8a:ed:71:09:54:14:3f:eb:ea:cb:bf:f8:68:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Aug 2 16:42:42 2025 GMT
Not After : Aug 1 16:47:42 2026 GMT
Subject: CN=E6EE5482813DCE45BE8EDB51F18608A352DAFF11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0e:3b:27:3b:fd:f4:75:77:13:09:e9:4c:d3:
86:8a:9f:f4:92:bb:c4:bd:4a:0b:35:c0:9f:86:be:
32:9c:db:62:77:50:31:d1:f7:2b:7e:e6:3b:da:7a:
2c:8d:92:38:80:a6:9e:3f:e5:86:ca:b5:5c:ff:c9:
96:fb:f9:c3:08:d5:4f:e0:bb:06:8f:ad:4c:3c:8d:
f0:73:4e:d6:9d:c9:a5:b9:ae:d1:a2:92:9c:7d:73:
38:24:63:eb:19:3a:c3:e2:f0:62:08:ce:fa:cd:de:
9d:bb:b5:ae:d1:f4:ef:3d:85:1c:c1:82:cb:aa:01:
45:7f:91:7b:9b:c0:50:0b:76:64:21:04:01:f8:fe:
a1:ce:a2:a3:44:87:51:a9:57:31:38:ef:a9:ce:20:
e0:aa:18:7f:46:61:5d:10:b7:23:7f:43:7b:df:0c:
aa:4f:fa:38:9e:b9:4c:2d:8b:1c:d6:27:f6:32:eb:
60:c1:08:ee:5e:ca:08:fe:75:15:ed:03:7f:4b:38:
83:e3:fe:f1:41:ac:2c:11:3f:7d:a0:38:a8:49:d6:
af:f5:41:2b:7a:91:1c:ab:04:9b:0c:f3:e5:6c:b3:
b5:84:5d:eb:f1:08:f2:ca:8a:02:2e:c8:d9:c8:d1:
b1:83:22:5f:55:ce:31:55:d1:bf:a7:3e:d3:86:74:
af:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EE:54:82:81:3D:CE:45:BE:8E:DB:51:F1:86:08:A3:52:DA:FF:11
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
53:2f:f1:c4:98:e7:7b:32:5a:57:bf:1d:fd:b3:65:7e:8a:5f:
bd:4b:9f:73:0d:5a:a2:74:ab:97:9e:81:d9:e3:25:6b:70:87:
b1:d3:ec:73:03:3d:09:60:42:b9:a0:9e:de:a0:f2:55:3d:b8:
11:d7:c1:bb:d8:04:65:22:73:22:48:07:71:14:c8:c5:b2:af:
f6:85:8a:9e:99:9a:91:fd:52:a5:de:3d:cf:7d:1d:d7:bb:05:
a4:d9:7c:84:19:19:51:14:39:72:37:e2:9c:3b:6f:4a:7c:7c:
dc:85:ad:e5:d6:d0:ca:90:13:7b:1a:6c:94:f8:ba:aa:25:b5:
a1:7b:dc:02:4e:a4:69:eb:8e:60:8f:05:83:2e:76:e4:8a:3c:
ea:f5:50:dd:5c:63:c5:ff:db:34:8a:9d:34:a9:0e:fe:04:52:
4c:71:8b:ec:2f:72:9a:78:f3:f2:b0:a5:b6:74:cc:62:7a:a7:
74:86:09:a1:ea:14:f5:b8:68:78:b7:b3:60:bd:3a:f3:0e:7c:
fb:44:8f:60:76:67:a2:84:e4:a8:fc:11:83:1f:43:67:e6:61:
ff:cd:38:0e:7a:6d:12:9d:35:cd:91:e7:21:2c:6d:1a:52:f2:
1e:d4:8a:9e:e4:45:5a:e4:de:ce:b2:15:61:9a:57:b0:cd:1f:
61:01:a7:da
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUeHycToyQiu1xCVQUP+vqy7/4aLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA4MDIxNjQyNDJaFw0yNjA4MDExNjQ3NDJaMDMxMTAvBgNV
BAMTKEU2RUU1NDgyODEzRENFNDVCRThFREI1MUYxODYwOEEzNTJEQUZGMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2DjsnO/30dXcTCelM04aKn/SS
u8S9Sgs1wJ+GvjKc22J3UDHR9yt+5jvaeiyNkjiApp4/5YbKtVz/yZb7+cMI1U/g
uwaPrUw8jfBzTtadyaW5rtGikpx9czgkY+sZOsPi8GIIzvrN3p27ta7R9O89hRzB
gsuqAUV/kXubwFALdmQhBAH4/qHOoqNEh1GpVzE476nOIOCqGH9GYV0QtyN/Q3vf
DKpP+jieuUwtixzWJ/Yy62DBCO5eygj+dRXtA39LOIPj/vFBrCwRP32gOKhJ1q/1
QSt6kRyrBJsM8+Vss7WEXevxCPLKigIuyNnI0bGDIl9VzjFV0b+nPtOGdK9BAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU5u5UgoE9zkW+jttR8YYIo1La/xEwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAAzANBgkqhkiG9w0BAQsFAAOCAQEAUy/xxJjnezJaV78d/bNlfopf
vUufcw1aonSrl56B2eMla3CHsdPscwM9CWBCuaCe3qDyVT24EdfBu9gEZSJzIkgH
cRTIxbKv9oWKnpmakf1Spd49z30d17sFpNl8hBkZURQ5cjfinDtvSnx83IWt5dbQ
ypATexpslPi6qiW1oXvcAk6kaeuOYI8Fgy525Io86vVQ3Vxjxf/bNIqdNKkO/gRS
THGL7C9ymnjz8rCltnTMYnqndIYJoeoU9bhoeLezYL068w58+0SPYHZnooTkqPwR
gx9DZ+Zh/804DnptEp01zZHnISxtGlLyHtSKnuRFWuTezrIVYZpXsM0fYQGn2g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:58:33 2025 by rpki-client