Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20333936303634.roa
File: 326131343a333863303a333a3a2f34382d3438203d3e20333936303634.roa (raw, json)
Hash identifier: RQOZ0GeuB2hc8N96mezhBhXKeCrh7X17R4TSsdmASyE=
Subject key identifier: 33:2B:8D:DC:EF:A3:5F:25:AF:22:AA:CE:59:F5:5B:A3:75:53:68:A1
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 7723A55527066B57487B4449DD7CFCC2C0376DE3
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20333936303634.roa
Signing time: Sat 02 Aug 2025 16:47:52 +0000
ROA not before: Sat 02 Aug 2025 16:42:52 +0000
ROA not after: Sat 01 Aug 2026 16:47:52 +0000
asID: 396064
IP address blocks: 2a14:38c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 04:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:23:a5:55:27:06:6b:57:48:7b:44:49:dd:7c:fc:c2:c0:37:6d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Aug 2 16:42:52 2025 GMT
Not After : Aug 1 16:47:52 2026 GMT
Subject: CN=332B8DDCEFA35F25AF22AACE59F55BA3755368A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ef:4b:6e:f2:ee:80:e4:ad:5a:2b:d9:4b:47:
ae:02:27:b9:be:e7:6b:f3:85:53:f4:6a:11:1d:a4:
73:be:a3:a2:21:b0:b5:a0:81:5e:f4:b2:2a:1b:42:
eb:18:7f:a0:30:61:6c:54:36:10:cc:c3:ff:30:7d:
e6:77:6b:e2:f3:11:86:89:f2:9e:b5:0b:05:98:df:
1c:32:4a:43:f4:fb:df:3f:0e:51:59:37:e4:7b:89:
14:c1:21:35:06:85:ea:6a:09:68:d7:14:d5:4a:9c:
f9:2f:e1:6c:66:e1:73:63:d4:a3:75:ad:91:1c:34:
c7:64:3e:5d:c1:9f:9c:bc:92:ea:00:c4:26:f6:8f:
ef:61:8d:b1:2f:f5:45:27:9d:bb:a5:08:a8:0d:59:
69:ee:41:8a:74:27:83:da:3c:e9:26:ad:78:be:21:
3e:3a:93:38:c1:10:5c:3d:2c:18:09:29:13:79:36:
85:14:69:a0:30:fd:97:b5:eb:11:a2:a4:95:41:ff:
05:2d:e7:e7:cd:60:91:83:df:9e:1d:1b:83:35:6c:
87:9e:b4:29:6c:18:39:47:47:92:55:68:eb:2c:61:
ee:3d:34:a0:f9:d8:1d:f2:ef:ec:19:3b:62:77:32:
d6:c7:77:ef:65:8f:d7:bf:56:57:89:e3:67:c9:cf:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2B:8D:DC:EF:A3:5F:25:AF:22:AA:CE:59:F5:5B:A3:75:53:68:A1
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a333a3a2f34382d3438203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
74:e7:91:cb:0f:12:a0:ce:85:ee:f9:b6:7e:26:c7:6a:dc:9f:
9e:e7:0d:ed:b8:21:8f:d1:f0:ec:1c:ad:73:9c:60:b9:13:05:
dd:b1:8b:cc:ac:11:fb:29:90:ae:62:c0:ad:a9:5a:12:ac:0a:
ff:52:46:ce:d7:35:24:31:cc:b7:f1:19:73:f9:cd:96:92:a4:
a0:08:20:ff:f6:79:7a:c3:a7:45:c5:c1:e8:cb:aa:f2:5e:26:
87:24:32:bf:f9:15:11:22:59:cf:b8:37:e1:7e:5b:d0:14:dd:
8b:41:c2:7d:09:ee:96:1a:3c:f7:3f:2b:f1:7a:88:69:e8:f7:
92:8c:2f:e2:fe:4e:d0:e8:4c:8d:08:bd:e3:d7:f6:0e:be:78:
1f:da:0b:24:17:b0:d5:7f:37:2c:d2:61:85:6c:e3:00:41:7f:
be:82:c0:8f:2e:a7:69:a3:0c:2b:05:32:f9:2f:6d:51:98:d4:
a1:d9:25:97:a8:bc:6d:e8:03:21:1a:1c:26:9f:b9:a2:10:fd:
ac:78:3a:8d:70:22:a0:d9:7f:2e:79:ee:b1:48:95:ac:a5:85:
6f:f5:59:8c:56:8b:e6:6e:45:7e:d6:bf:0e:8e:91:64:b0:e0:
09:57:ed:35:38:a9:04:ed:71:38:ef:b2:06:b9:3f:a5:bb:f3:
7e:4e:76:b8
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdyOlVScGa1dIe0RJ3Xz8wsA3beMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA4MDIxNjQyNTJaFw0yNjA4MDExNjQ3NTJaMDMxMTAvBgNV
BAMTKDMzMkI4RERDRUZBMzVGMjVBRjIyQUFDRTU5RjU1QkEzNzU1MzY4QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa70tu8u6A5K1aK9lLR64CJ7m+
52vzhVP0ahEdpHO+o6IhsLWggV70siobQusYf6AwYWxUNhDMw/8wfeZ3a+LzEYaJ
8p61CwWY3xwySkP0+98/DlFZN+R7iRTBITUGhepqCWjXFNVKnPkv4Wxm4XNj1KN1
rZEcNMdkPl3Bn5y8kuoAxCb2j+9hjbEv9UUnnbulCKgNWWnuQYp0J4PaPOkmrXi+
IT46kzjBEFw9LBgJKRN5NoUUaaAw/Ze16xGipJVB/wUt5+fNYJGD354dG4M1bIee
tClsGDlHR5JVaOssYe49NKD52B3y7+wZO2J3MtbHd+9lj9e/VleJ42fJz4J5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUMyuN3O+jXyWvIqrOWfVbo3VTaKEwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzNjMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAAzANBgkqhkiG9w0BAQsFAAOCAQEAdOeRyw8SoM6F7vm2fibHatyf
nucN7bghj9Hw7Bytc5xguRMF3bGLzKwR+ymQrmLAralaEqwK/1JGztc1JDHMt/EZ
c/nNlpKkoAgg//Z5esOnRcXB6Muq8l4mhyQyv/kVESJZz7g34X5b0BTdi0HCfQnu
lho89z8r8XqIaej3kowv4v5O0OhMjQi949f2Dr54H9oLJBew1X83LNJhhWzjAEF/
voLAjy6naaMMKwUy+S9tUZjUodkll6i8begDIRocJp+5ohD9rHg6jXAioNl/Lnnu
sUiVrKWFb/VZjFaL5m5Ffta/Do6RZLDgCVftNTipBO1xOO+yBrk/pbvzfk52uA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:59:21 2025 by rpki-client