Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
File: 326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa (raw, json)
Hash identifier: sV0yETwTmIXrePHZAXDdmddQH9Qkwv/w6ZmZ0C48Cxg=
Subject key identifier: 9C:3C:E3:BD:DA:59:9E:C5:C2:85:D3:54:E0:FA:88:DF:03:B9:57:9B
Certificate issuer: /CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Certificate serial: 37DE5D2C9A575B07EC62819D9AE087BF7C1CDE49
Authority key identifier: 75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
Signing time: Tue 04 Nov 2025 15:00:28 +0000
ROA not before: Tue 04 Nov 2025 14:55:28 +0000
ROA not after: Tue 03 Nov 2026 15:00:28 +0000
asID: 204071
IP address blocks: 2a0f:1cc5:700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:de:5d:2c:9a:57:5b:07:ec:62:81:9d:9a:e0:87:bf:7c:1c:de:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Validity
Not Before: Nov 4 14:55:28 2025 GMT
Not After : Nov 3 15:00:28 2026 GMT
Subject: CN=9C3CE3BDDA599EC5C285D354E0FA88DF03B9579B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:00:3d:f7:50:21:15:44:53:6c:35:49:65:d7:
82:4f:9b:6f:06:5f:d5:a8:66:92:bf:a7:36:8e:51:
0c:2c:5a:fc:f4:d1:7a:1e:7a:db:37:94:42:a5:75:
65:bc:07:a1:3b:80:74:01:26:20:5e:d8:c8:2b:4a:
78:b9:a5:ba:45:a1:22:c1:cc:37:d3:70:0a:3b:c2:
56:4e:12:a5:78:47:a1:1e:68:60:10:34:85:1f:7e:
28:3c:87:e5:50:ca:21:ce:35:37:28:a7:6f:01:03:
4b:b6:e0:6e:84:c1:3a:06:72:d9:9b:01:86:0f:bf:
73:0d:99:73:bd:63:a7:7a:82:29:ad:b7:26:9d:ea:
5e:84:e3:46:7c:2b:cb:f4:ea:de:27:16:68:2a:74:
30:1f:f7:c3:97:0e:d5:7c:a4:d0:56:16:73:ed:0c:
5f:c1:d0:62:0c:5d:2d:79:fc:29:a3:28:83:54:3c:
af:cd:20:eb:44:b0:e6:b4:e8:f9:5e:68:1d:26:40:
34:f7:d6:27:03:50:bf:88:4e:cf:d1:d2:e4:8b:ec:
42:d9:6f:06:a1:07:d6:78:18:ef:3c:51:77:4f:c6:
06:61:ca:61:99:b7:64:fd:d2:06:9f:dd:93:f7:56:
ca:a9:74:a4:9f:e8:b2:be:a8:82:48:8b:04:d6:76:
c7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3C:E3:BD:DA:59:9E:C5:C2:85:D3:54:E0:FA:88:DF:03:B9:57:9B
X509v3 Authority Key Identifier:
keyid:75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:700::/40
Signature Algorithm: sha256WithRSAEncryption
2e:8f:d7:c4:94:e2:de:3f:b5:5b:5d:13:77:bf:20:55:99:bb:
66:ff:64:b1:13:c1:0a:34:5b:4e:6b:13:70:a4:59:32:2c:80:
24:ab:ab:6e:20:7f:4f:b4:e5:74:9b:07:b8:6e:8d:42:d9:26:
70:5b:6a:77:39:42:4b:d8:1a:9f:32:89:42:f1:92:39:8e:2d:
16:5b:f4:5b:6c:14:85:f8:b2:74:3a:56:72:9e:d1:c2:b2:3b:
73:32:b7:45:11:5b:ca:78:1d:02:c2:9c:24:2b:f0:21:83:1d:
55:9b:90:11:24:8a:fa:58:ee:38:50:2b:49:36:39:88:79:78:
4e:87:46:78:bf:9a:f8:cc:2b:8e:8f:50:7d:b5:a0:cc:bb:16:
e5:a8:a4:88:4f:59:c1:48:8d:06:d5:95:06:25:de:19:b2:ac:
bc:d8:9d:d3:1b:cc:17:e7:0d:98:59:43:a1:ed:89:24:33:06:
0a:1f:17:67:66:80:f4:f6:01:8a:17:86:99:8a:6c:ea:21:33:
fb:1b:42:bd:e5:6e:a3:2f:3d:3e:6b:13:d1:7a:65:b2:34:3f:
ab:7f:22:a1:51:b9:93:98:84:cd:0b:93:ef:90:cd:5b:ec:6d:
14:91:18:50:c1:42:2e:60:86:7b:79:21:5a:3f:9c:72:0c:10:
c6:89:74:40
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUN95dLJpXWwfsYoGdmuCHv3wc3kkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVhODM4ZTAyYzYxODAwZjczZDMwMTlkZTBhNTFmNTY3
YjY0YmMwZTAeFw0yNTExMDQxNDU1MjhaFw0yNjExMDMxNTAwMjhaMDMxMTAvBgNV
BAMTKDlDM0NFM0JEREE1OTlFQzVDMjg1RDM1NEUwRkE4OERGMDNCOTU3OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLAD33UCEVRFNsNUll14JPm28G
X9WoZpK/pzaOUQwsWvz00Xoeets3lEKldWW8B6E7gHQBJiBe2MgrSni5pbpFoSLB
zDfTcAo7wlZOEqV4R6EeaGAQNIUffig8h+VQyiHONTcop28BA0u24G6EwToGctmb
AYYPv3MNmXO9Y6d6gimttyad6l6E40Z8K8v06t4nFmgqdDAf98OXDtV8pNBWFnPt
DF/B0GIMXS15/CmjKINUPK/NIOtEsOa06PleaB0mQDT31icDUL+ITs/R0uSL7ELZ
bwahB9Z4GO88UXdPxgZhymGZt2T90gaf3ZP3VsqpdKSf6LK+qIJIiwTWdseRAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUnDzjvdpZnsXChdNU4PqI3wO5V5swHwYDVR0j
BBgwFoAUdag44CxhgA9z0wGd4KUfVntkvA4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYtNGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJj
MjVkLzAvNzVBODM4RTAyQzYxODAwRjczRDMwMTlERTBBNTFGNTY3QjY0QkMwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhZzQ0Q3hoZ0E5ejB3R2Q0S1VmVm50
a3ZBNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYt
NGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJjMjVkLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzQzMDM3MzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFBzANBgkqhkiG9w0BAQsFAAOCAQEALo/XxJTi3j+1W10Td78g
VZm7Zv9ksRPBCjRbTmsTcKRZMiyAJKurbiB/T7TldJsHuG6NQtkmcFtqdzlCS9ga
nzKJQvGSOY4tFlv0W2wUhfiydDpWcp7RwrI7czK3RRFbyngdAsKcJCvwIYMdVZuQ
ESSK+ljuOFArSTY5iHl4TodGeL+a+Mwrjo9QfbWgzLsW5aikiE9ZwUiNBtWVBiXe
GbKsvNid0xvMF+cNmFlDoe2JJDMGCh8XZ2aA9PYBiheGmYps6iEz+xtCveVuoy89
PmsT0XplsjQ/q38ioVG5k5iEzQuT75DNW+xtFJEYUMFCLmCGe3khWj+ccgwQxol0
QA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:57:28 2025 by rpki-client