Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634313a3a2f34382d3438203d3e203532313132.roa
File: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (raw, json)
Hash identifier: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=
Subject key identifier: 3B:0A:C6:F4:49:88:81:F4:81:DC:97:84:D4:D6:AC:8B:3B:51:AD:81
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 271B2916CF36D754C9B24DD218298284352C26CC
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634313a3a2f34382d3438203d3e203532313132.roa
Signing time: Sat 27 Sep 2025 21:35:57 +0000
ROA not before: Sat 27 Sep 2025 21:30:57 +0000
ROA not after: Sat 26 Sep 2026 21:35:57 +0000
asID: 52112
IP address blocks: 2a13:9641::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:1b:29:16:cf:36:d7:54:c9:b2:4d:d2:18:29:82:84:35:2c:26:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Sep 27 21:30:57 2025 GMT
Not After : Sep 26 21:35:57 2026 GMT
Subject: CN=3B0AC6F4498881F481DC9784D4D6AC8B3B51AD81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:e5:66:35:f2:d7:3d:e0:22:44:2b:dd:d5:
77:61:6b:0c:98:f5:d9:7f:de:a6:f2:21:c1:62:5d:
23:a1:9b:4a:14:bb:f2:82:5d:c2:7f:87:12:a9:16:
d7:a3:1a:ab:7e:49:42:9f:f4:1b:d7:74:4f:49:56:
fe:c6:06:d0:0f:78:94:81:3f:8c:86:b0:93:cd:98:
c9:0e:b0:1a:0c:13:6c:77:6a:7f:ff:b0:18:d4:bf:
6a:28:82:a4:7e:37:25:b9:f0:7a:70:ce:35:ba:fe:
f1:44:19:4c:73:84:0c:ff:2d:73:e4:10:f8:39:1e:
c6:5c:9e:7f:6e:02:5b:cd:3b:ce:50:08:1b:38:10:
ff:87:58:af:0b:c3:a4:c1:5b:b0:1e:74:b3:4b:4f:
84:93:28:54:e0:a1:c2:ec:08:66:2e:83:ce:2b:89:
d3:b6:64:0b:ca:7f:49:15:c3:45:7c:3e:4e:ae:e9:
6f:a2:ba:b5:d8:41:a4:6a:ed:c0:0c:18:3e:55:0d:
81:3f:c4:17:ce:61:ba:2e:62:78:60:40:8b:d5:2f:
8a:94:42:89:ce:13:8d:19:1d:87:be:a3:db:9f:09:
4c:1c:86:ab:5b:9e:f9:30:76:bb:d6:d3:5d:cd:c3:
63:36:7d:ae:30:d0:2c:ba:69:bf:c0:d0:b8:30:2b:
2b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0A:C6:F4:49:88:81:F4:81:DC:97:84:D4:D6:AC:8B:3B:51:AD:81
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634313a3a2f34382d3438203d3e203532313132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9641::/48
Signature Algorithm: sha256WithRSAEncryption
05:3b:0e:3f:8a:dd:d3:03:4f:92:58:4b:6c:38:9a:e3:07:af:
c9:c4:4a:bc:55:08:a1:88:69:bb:b5:50:38:c8:59:b4:2b:a9:
c8:0a:0a:6e:32:31:22:55:82:c3:70:4f:b1:c8:b7:cb:9f:d7:
43:82:e0:da:79:0c:74:16:0b:e5:3d:17:af:63:2b:c5:11:7d:
50:6f:8c:01:5a:ce:05:3c:82:16:be:31:ea:9b:ea:5a:d9:6a:
06:66:4f:44:00:06:20:3a:da:e1:8c:14:7a:eb:63:dc:47:a2:
12:67:73:64:1a:5f:aa:16:fa:84:7e:0e:d9:e8:20:81:d1:18:
db:51:06:cf:e7:7c:10:e3:97:e6:6f:28:a5:e3:50:5c:ec:56:
72:a1:e2:84:84:96:e1:c5:be:db:e2:8c:d8:04:83:8c:18:be:
78:06:d9:0d:2c:eb:75:2c:ef:ee:e2:c2:dd:0f:b3:99:83:83:
ae:2b:10:8f:d0:38:ff:03:12:ea:78:2d:f1:9c:9f:3c:9a:f7:
ed:be:75:cf:18:a9:37:bb:c0:bd:90:cf:5c:11:49:92:7f:9a:
db:9d:b8:d9:c2:1c:e3:6e:9f:1d:e7:81:a2:a2:93:e2:15:c8:
45:67:aa:d3:48:01:45:4c:ba:07:c4:fe:5b:0b:c6:37:f9:2a:
92:bd:10:75
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJxspFs8211TJsk3SGCmChDUsJswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA5MjcyMTMwNTdaFw0yNjA5MjYyMTM1NTdaMDMxMTAvBgNV
BAMTKDNCMEFDNkY0NDk4ODgxRjQ4MURDOTc4NEQ0RDZBQzhCM0I1MUFEODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGLuVmNfLXPeAiRCvd1XdhawyY
9dl/3qbyIcFiXSOhm0oUu/KCXcJ/hxKpFtejGqt+SUKf9BvXdE9JVv7GBtAPeJSB
P4yGsJPNmMkOsBoME2x3an//sBjUv2oogqR+NyW58HpwzjW6/vFEGUxzhAz/LXPk
EPg5HsZcnn9uAlvNO85QCBs4EP+HWK8Lw6TBW7AedLNLT4STKFTgocLsCGYug84r
idO2ZAvKf0kVw0V8Pk6u6W+iurXYQaRq7cAMGD5VDYE/xBfOYbouYnhgQIvVL4qU
QonOE40ZHYe+o9ufCUwchqtbnvkwdrvW013Nw2M2fa4w0Cy6ab/A0LgwKyu7AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUOwrG9EmIgfSB3JeE1NasiztRrYEwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDMx
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMjMxMzEzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoT
lkEAADANBgkqhkiG9w0BAQsFAAOCAQEABTsOP4rd0wNPklhLbDia4wevycRKvFUI
oYhpu7VQOMhZtCupyAoKbjIxIlWCw3BPsci3y5/XQ4Lg2nkMdBYL5T0Xr2MrxRF9
UG+MAVrOBTyCFr4x6pvqWtlqBmZPRAAGIDra4YwUeutj3EeiEmdzZBpfqhb6hH4O
2egggdEY21EGz+d8EOOX5m8opeNQXOxWcqHihISW4cW+2+KM2ASDjBi+eAbZDSzr
dSzv7uLC3Q+zmYODrisQj9A4/wMS6ngt8ZyfPJr37b51zxipN7vAvZDPXBFJkn+a
25242cIc426fHeeBoqKT4hXIRWeq00gBRUy6B8T+WwvGN/kqkr0QdQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:46:31 2025 by rpki-client