Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
File: 326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa (raw, json)
Hash identifier: QpwwdAZOOs5BUruAxr/jY+OnAcO4g9v4dc0VJjrLR6o=
Subject key identifier: 64:33:98:4D:01:AA:1D:73:FF:83:39:ED:CA:19:15:27:BD:26:BA:4D
Certificate issuer: /CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Certificate serial: 07FBA560E76286D2ADFE1072B9FB8A45B4304ED5
Authority key identifier: 75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
Signing time: Sat 01 Nov 2025 11:14:40 +0000
ROA not before: Sat 01 Nov 2025 11:09:40 +0000
ROA not after: Sat 31 Oct 2026 11:14:40 +0000
asID: 211575
IP address blocks: 2a0f:1cc5:40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:54:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fb:a5:60:e7:62:86:d2:ad:fe:10:72:b9:fb:8a:45:b4:30:4e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Validity
Not Before: Nov 1 11:09:40 2025 GMT
Not After : Oct 31 11:14:40 2026 GMT
Subject: CN=6433984D01AA1D73FF8339EDCA191527BD26BA4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:26:60:bd:f2:0d:ba:d5:a6:2d:ac:57:07:
2d:fe:a6:d5:1c:07:d6:ab:da:b1:11:c8:24:f2:e4:
5d:ce:ef:90:e6:18:b5:2c:32:db:25:3b:32:dc:93:
38:49:1d:cc:49:1c:3d:75:ac:dc:fe:69:a1:4f:4f:
39:85:38:38:93:35:db:9e:f0:18:d7:0e:4e:de:ad:
f0:1d:28:b8:9f:5c:e1:67:be:12:29:bb:35:21:4b:
84:46:ed:9a:20:a4:08:f3:fa:23:a9:c1:75:c0:b2:
b0:45:56:db:3e:ef:19:a8:20:af:24:19:c1:04:7e:
7c:28:c0:d5:1d:4e:87:d3:4f:35:c1:0e:a8:7a:8a:
c7:a1:29:d2:7b:7a:eb:c6:3f:cb:66:78:10:a9:f0:
25:bf:58:f5:e7:21:9f:df:08:3c:d3:ee:8d:21:38:
91:64:84:51:81:e0:10:ab:e9:b4:63:fa:06:b7:ff:
83:b5:a1:5b:44:3a:4a:ab:ab:e6:f2:d1:c8:40:d3:
08:f3:2f:c1:aa:05:c0:a3:65:ac:82:52:68:6a:91:
ce:d4:9e:49:f0:8b:0c:7f:8f:72:ba:8b:4c:ed:ec:
af:f1:6d:ee:77:6c:b8:f0:10:fc:ec:d6:77:15:06:
3c:9d:99:4e:62:1d:2b:e1:57:8a:94:e1:f7:94:aa:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:33:98:4D:01:AA:1D:73:FF:83:39:ED:CA:19:15:27:BD:26:BA:4D
X509v3 Authority Key Identifier:
keyid:75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:40::/44
Signature Algorithm: sha256WithRSAEncryption
4d:61:39:72:50:f9:20:fd:cd:f9:af:27:9c:6d:01:38:55:f8:
e4:a2:74:86:8b:01:ed:b0:c3:c9:c4:cb:c9:9c:82:91:eb:6e:
af:65:6e:d8:7b:67:d2:e4:da:57:79:8d:85:13:66:6c:de:db:
e3:ed:73:af:5e:1d:ec:41:e8:64:61:3e:8f:1d:96:c0:d5:01:
3e:b2:24:cc:0c:69:c3:2e:d1:49:cc:09:e9:9e:34:a5:1f:c1:
53:34:3a:b1:9e:72:e7:8b:46:ae:c9:7d:30:ea:95:8a:20:f0:
6f:25:37:ff:c5:2a:b0:88:a6:ee:11:b3:48:3b:22:40:9b:64:
0a:f5:0b:f0:71:80:b5:3a:a5:e9:37:c3:3a:c3:35:12:7b:51:
e3:89:3f:09:c9:0c:66:ea:c6:95:3e:45:f2:8b:35:2a:58:88:
48:69:c1:5a:af:fe:56:a1:8b:69:1d:8b:62:90:ee:16:44:06:
3c:d2:d0:d4:c7:d2:b5:44:68:a2:fe:77:b8:1d:89:88:b9:8e:
3a:42:63:5a:53:7d:29:15:93:5c:de:f5:b7:66:38:de:ca:d8:
5a:5d:4c:40:53:16:d5:23:af:24:29:8c:03:2f:ed:d2:10:be:
71:5d:50:1a:94:a2:00:76:b2:7e:b2:b1:c0:37:98:98:d5:22:
ef:5d:06:d7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUB/ulYOdihtKt/hByufuKRbQwTtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVhODM4ZTAyYzYxODAwZjczZDMwMTlkZTBhNTFmNTY3
YjY0YmMwZTAeFw0yNTExMDExMTA5NDBaFw0yNjEwMzExMTE0NDBaMDMxMTAvBgNV
BAMTKDY0MzM5ODREMDFBQTFENzNGRjgzMzlFRENBMTkxNTI3QkQyNkJBNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5YyZgvfINutWmLaxXBy3+ptUc
B9ar2rERyCTy5F3O75DmGLUsMtslOzLckzhJHcxJHD11rNz+aaFPTzmFODiTNdue
8BjXDk7erfAdKLifXOFnvhIpuzUhS4RG7ZogpAjz+iOpwXXAsrBFVts+7xmoIK8k
GcEEfnwowNUdTofTTzXBDqh6isehKdJ7euvGP8tmeBCp8CW/WPXnIZ/fCDzT7o0h
OJFkhFGB4BCr6bRj+ga3/4O1oVtEOkqrq+by0chA0wjzL8GqBcCjZayCUmhqkc7U
nknwiwx/j3K6i0zt7K/xbe53bLjwEPzs1ncVBjydmU5iHSvhV4qU4feUqhuhAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUZDOYTQGqHXP/gzntyhkVJ70muk0wHwYDVR0j
BBgwFoAUdag44CxhgA9z0wGd4KUfVntkvA4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYtNGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJj
MjVkLzAvNzVBODM4RTAyQzYxODAwRjczRDMwMTlERTBBNTFGNTY3QjY0QkMwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhZzQ0Q3hoZ0E5ejB3R2Q0S1VmVm50
a3ZBNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYt
NGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJjMjVkLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTMxMzUzNzM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQBAMA0GCSqGSIb3DQEBCwUAA4IBAQBNYTlyUPkg/c35ryecbQE4
VfjkonSGiwHtsMPJxMvJnIKR626vZW7Ye2fS5NpXeY2FE2Zs3tvj7XOvXh3sQehk
YT6PHZbA1QE+siTMDGnDLtFJzAnpnjSlH8FTNDqxnnLni0auyX0w6pWKIPBvJTf/
xSqwiKbuEbNIOyJAm2QK9QvwcYC1OqXpN8M6wzUSe1HjiT8JyQxm6saVPkXyizUq
WIhIacFar/5WoYtpHYtikO4WRAY80tDUx9K1RGii/ne4HYmIuY46QmNaU30pFZNc
3vW3ZjjeythaXUxAUxbVI68kKYwDL+3SEL5xXVAalKIAdrJ+srHAN5iY1SLvXQbX
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:37:05 2025 by rpki-client