Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
File: 323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa (raw, json)
Hash identifier: 3ZFhB/5ygf5t4lpptEoHt4tGKQVifxYsEJPws7ZipKw=
Subject key identifier: 8F:9C:47:00:3F:F9:05:9A:39:E9:C6:23:9F:B8:89:5F:BE:0B:FE:9E
Certificate issuer: /CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
Certificate serial: 601DBC3239D76742D4FF7D474EDD0E80F743B496
Authority key identifier: D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
Signing time: Wed 29 Oct 2025 08:38:24 +0000
ROA not before: Wed 29 Oct 2025 08:33:24 +0000
ROA not after: Wed 28 Oct 2026 08:38:24 +0000
asID: 205329
IP address blocks: 2001:67c:2be8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl
rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:1d:bc:32:39:d7:67:42:d4:ff:7d:47:4e:dd:0e:80:f7:43:b4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d642975f535f45fd9f6d8fea626bc6d24bc9d8d8
Validity
Not Before: Oct 29 08:33:24 2025 GMT
Not After : Oct 28 08:38:24 2026 GMT
Subject: CN=8F9C47003FF9059A39E9C6239FB8895FBE0BFE9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3b:39:6f:46:ae:78:de:05:b7:e8:b8:33:4c:
51:b3:db:8e:07:19:34:8f:fb:04:08:16:9a:14:d3:
fc:bb:3c:4f:8d:d0:40:76:f5:bd:bb:c3:8d:d4:2f:
98:77:81:e6:2b:f3:1d:d9:fb:f6:f2:f8:27:30:e5:
82:66:09:c7:ac:55:69:a8:d8:82:3e:bf:4b:db:f9:
a6:63:35:94:9e:e7:c5:e4:a1:c9:84:fc:12:79:71:
50:a5:85:77:81:17:7a:2b:30:6f:64:a5:46:48:00:
13:49:44:ea:5f:70:4b:d2:f7:71:fb:26:f8:74:6a:
8c:ed:3a:7b:fb:a5:ac:26:89:22:52:eb:46:68:f9:
dd:91:27:1b:70:d5:a1:31:8e:51:af:ee:b3:18:61:
46:13:29:70:a2:8f:94:f3:51:45:ae:1a:26:27:21:
da:f9:d6:38:47:94:7f:94:d2:9a:55:35:2c:e8:1a:
07:4f:cf:d8:76:5a:51:b5:55:42:b1:8a:0e:a6:d0:
22:94:36:77:a6:00:8f:ad:a1:06:cb:7b:7f:48:46:
e3:36:6d:89:e4:54:91:f9:14:eb:51:97:f1:d8:ac:
68:fd:b7:b2:24:21:b5:96:96:62:45:95:82:1f:af:
f2:22:8b:d5:7b:af:7a:18:9d:b6:44:95:43:1f:98:
6d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9C:47:00:3F:F9:05:9A:39:E9:C6:23:9F:B8:89:5F:BE:0B:FE:9E
X509v3 Authority Key Identifier:
keyid:D6:42:97:5F:53:5F:45:FD:9F:6D:8F:EA:62:6B:C6:D2:4B:C9:D8:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/D642975F535F45FD9F6D8FEA626BC6D24BC9D8D8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kKXX1NfRf2fbY_qYmvG0kvJ2Ng.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d697160c-acc5-4b51-bf55-10c7a6e66980/3/323030313a3637633a326265383a3a2f34382d3438203d3e20323035333239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2be8::/48
Signature Algorithm: sha256WithRSAEncryption
5d:18:a2:8c:8b:d5:73:18:37:bb:4b:1e:55:ab:87:8e:2d:0f:
83:a4:7d:d2:04:c0:50:7b:0f:d2:aa:96:64:43:1a:fe:95:5f:
3d:d2:ee:b0:b5:c3:4b:ea:43:f7:83:5d:05:5c:c5:52:4f:b0:
d4:35:4b:a8:91:c4:43:df:28:ae:ce:ad:10:de:7d:27:8b:e1:
be:de:b8:f2:4b:87:e6:ee:0e:0c:ca:b3:13:40:40:d6:0a:8d:
9a:c4:35:6c:44:70:f5:3a:b2:3f:6a:d8:8a:96:57:e4:eb:4f:
0f:31:e0:f1:1c:63:51:a3:8e:de:cd:7d:ad:72:ec:67:d6:06:
7a:ff:dd:c5:72:1c:8a:7d:f2:46:60:4f:96:47:a6:14:a2:cf:
60:23:56:89:8d:c6:01:38:d8:46:65:19:7c:d0:f2:71:df:5a:
71:ec:e4:ed:b0:b8:be:59:6c:52:7d:cb:10:9c:a1:c2:a0:7e:
31:a9:5f:c0:e5:5d:f3:39:7d:1e:3c:2e:88:39:e4:aa:a5:42:
29:e8:10:34:e0:b4:99:48:34:cd:f3:5b:79:90:56:ef:da:8c:
66:b4:35:c8:3f:49:5b:10:d7:af:ab:83:7f:60:89:8e:c2:d8:
11:2e:5d:7b:3d:c4:2a:09:f2:d6:29:0a:52:80:c4:39:1a:c6:
3f:61:73:b2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUYB28MjnXZ0LU/31HTt0OgPdDtJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDY0Mjk3NWY1MzVmNDVmZDlmNmQ4ZmVhNjI2YmM2ZDI0
YmM5ZDhkODAeFw0yNTEwMjkwODMzMjRaFw0yNjEwMjgwODM4MjRaMDMxMTAvBgNV
BAMTKDhGOUM0NzAwM0ZGOTA1OUEzOUU5QzYyMzlGQjg4OTVGQkUwQkZFOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvOzlvRq543gW36LgzTFGz244H
GTSP+wQIFpoU0/y7PE+N0EB29b27w43UL5h3geYr8x3Z+/by+Ccw5YJmCcesVWmo
2II+v0vb+aZjNZSe58XkocmE/BJ5cVClhXeBF3orMG9kpUZIABNJROpfcEvS93H7
Jvh0aoztOnv7pawmiSJS60Zo+d2RJxtw1aExjlGv7rMYYUYTKXCij5TzUUWuGiYn
Idr51jhHlH+U0ppVNSzoGgdPz9h2WlG1VUKxig6m0CKUNnemAI+toQbLe39IRuM2
bYnkVJH5FOtRl/HYrGj9t7IkIbWWlmJFlYIfr/Iii9V7r3oYnbZElUMfmG2LAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUj5xHAD/5BZo56cYjn7iJX74L/p4wHwYDVR0j
BBgwFoAU1kKXX1NfRf2fbY/qYmvG0kvJ2NgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMtYWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2
OTgwLzMvRDY0Mjk3NUY1MzVGNDVGRDlGNkQ4RkVBNjI2QkM2RDI0QkM5RDhEOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFrS1hYMU5mUmYyZmJZX3FZbXZHMGt2
SjJOZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDY5NzE2MGMt
YWNjNS00YjUxLWJmNTUtMTBjN2E2ZTY2OTgwLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
MzI2MjY1MzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzUzMzMyMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ8K+gwDQYJKoZIhvcNAQELBQADggEBAF0YooyL1XMYN7tLHlWr
h44tD4OkfdIEwFB7D9KqlmRDGv6VXz3S7rC1w0vqQ/eDXQVcxVJPsNQ1S6iRxEPf
KK7OrRDefSeL4b7euPJLh+buDgzKsxNAQNYKjZrENWxEcPU6sj9q2IqWV+TrTw8x
4PEcY1Gjjt7Nfa1y7GfWBnr/3cVyHIp98kZgT5ZHphSiz2AjVomNxgE42EZlGXzQ
8nHfWnHs5O2wuL5ZbFJ9yxCcocKgfjGpX8DlXfM5fR48Log55KqlQinoEDTgtJlI
NM3zW3mQVu/ajGa0Ncg/SVsQ16+rg39giY7C2BEuXXs9xCoJ8tYpClKAxDkaxj9h
c7I=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:49:07 2025 by rpki-client