Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
File: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (raw, json)
Hash identifier: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=
Subject key identifier: B9:12:C3:C7:02:7F:24:D4:5B:F8:C5:06:20:91:97:60:C8:18:DD:51
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 5682D9808F91947240B17ECEEBB9A81CC9EBEE91
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
Signing time: Mon 03 Nov 2025 19:24:41 +0000
ROA not before: Mon 03 Nov 2025 19:19:41 +0000
ROA not after: Mon 02 Nov 2026 19:24:41 +0000
asID: 13335
IP address blocks: 2a13:9644:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:55:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:82:d9:80:8f:91:94:72:40:b1:7e:ce:eb:b9:a8:1c:c9:eb:ee:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Nov 3 19:19:41 2025 GMT
Not After : Nov 2 19:24:41 2026 GMT
Subject: CN=B912C3C7027F24D45BF8C50620919760C818DD51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:fe:3c:13:f9:fe:fe:13:5e:ba:f4:dc:c1:
a6:b5:36:10:3d:9b:48:bc:e7:5a:42:1f:02:c3:3b:
68:6d:ed:45:41:a2:e0:9a:43:1c:71:97:57:f4:a2:
5e:d7:65:4b:61:6f:6d:6c:74:43:76:e2:6d:44:e3:
75:54:33:04:d9:c2:d8:56:6b:41:09:2e:18:bc:b9:
e2:f9:72:0e:6d:a4:c6:2e:dc:5e:55:72:24:c8:43:
b1:82:49:7e:30:d4:c8:8c:20:38:3d:d8:06:f4:d9:
ef:25:64:8b:ba:6e:9f:3e:7b:96:52:45:fb:f1:93:
e9:78:4b:b4:17:02:df:16:7c:42:63:08:70:1d:09:
c4:04:64:d8:7a:e0:31:62:fc:57:8a:d0:11:d2:78:
cd:59:d2:8d:51:90:78:94:e3:1f:75:f5:f6:0e:8b:
d2:5a:17:c9:a0:d4:67:01:77:95:b7:d3:50:5d:0c:
ef:20:50:e8:7a:f8:1e:03:fa:e0:fb:fb:07:ec:8e:
ae:3d:64:75:b5:09:c9:1c:db:16:1e:bc:2b:d3:25:
db:95:da:93:6c:3b:03:81:da:95:d5:f3:c9:1c:20:
c7:2d:c5:ee:83:fa:d5:f1:85:cf:5b:d4:08:a7:2f:
80:4d:52:f8:aa:d8:5f:a0:bd:34:fd:61:e6:d9:7d:
0f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:12:C3:C7:02:7F:24:D4:5B:F8:C5:06:20:91:97:60:C8:18:DD:51
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:4000::/40
Signature Algorithm: sha256WithRSAEncryption
51:83:b0:a6:14:f5:3e:65:7a:24:4b:bf:aa:6c:4b:93:d8:09:
99:50:e4:57:d6:83:10:67:ca:4c:97:3c:38:75:6f:c5:40:49:
90:f8:cc:e4:a4:67:a8:20:ca:05:93:97:41:54:49:3c:6f:69:
83:f8:68:7a:e5:42:6f:5a:85:f9:be:ec:93:a6:26:6f:57:33:
81:d6:12:a2:1f:6c:2b:bb:56:cf:59:22:df:be:5d:e3:3f:e2:
7c:c1:97:5a:fd:b7:8a:27:0b:bf:cd:a2:74:ab:69:77:36:d1:
bb:54:6f:7a:95:9a:ae:3d:b7:d1:a5:a6:1c:53:1f:29:f6:ff:
92:e3:ed:fb:c1:f6:87:ff:57:9c:2d:fa:b9:ec:d0:c0:e4:6a:
b0:09:de:04:0b:29:2d:da:99:86:eb:b0:40:0a:25:02:8e:8f:
4b:a7:47:8e:9d:20:e2:4a:5b:75:74:93:23:0f:43:83:bf:1d:
0e:57:97:24:b9:36:b5:07:93:29:19:fd:3b:75:fb:41:d2:de:
ed:94:1d:4b:a3:e8:a4:1f:da:42:a0:e7:4f:c7:d9:8d:f4:e4:
0f:57:4b:93:67:12:40:9b:97:87:9f:56:49:9e:c7:39:5a:bc:
aa:0e:29:65:3d:6a:18:f3:e7:b3:f9:5f:32:7b:7a:47:ea:ef:
49:dc:4d:16
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUVoLZgI+RlHJAsX7O67moHMnr7pEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTExMDMxOTE5NDFaFw0yNjExMDIxOTI0NDFaMDMxMTAvBgNV
BAMTKEI5MTJDM0M3MDI3RjI0RDQ1QkY4QzUwNjIwOTE5NzYwQzgxOERENTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsGP48E/n+/hNeuvTcwaa1NhA9
m0i851pCHwLDO2ht7UVBouCaQxxxl1f0ol7XZUthb21sdEN24m1E43VUMwTZwthW
a0EJLhi8ueL5cg5tpMYu3F5VciTIQ7GCSX4w1MiMIDg92Ab02e8lZIu6bp8+e5ZS
Rfvxk+l4S7QXAt8WfEJjCHAdCcQEZNh64DFi/FeK0BHSeM1Z0o1RkHiU4x919fYO
i9JaF8mg1GcBd5W301BdDO8gUOh6+B4D+uD7+wfsjq49ZHW1Cckc2xYevCvTJduV
2pNsOwOB2pXV88kcIMctxe6D+tXxhc9b1AinL4BNUviq2F+gvTT9YebZfQ8fAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUuRLDxwJ/JNRb+MUGIJGXYMgY3VEwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzMzMzMzMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqE5ZEQDANBgkqhkiG9w0BAQsFAAOCAQEAUYOwphT1PmV6JEu/qmxL
k9gJmVDkV9aDEGfKTJc8OHVvxUBJkPjM5KRnqCDKBZOXQVRJPG9pg/hoeuVCb1qF
+b7sk6Ymb1czgdYSoh9sK7tWz1ki375d4z/ifMGXWv23iicLv82idKtpdzbRu1Rv
epWarj230aWmHFMfKfb/kuPt+8H2h/9XnC36uezQwORqsAneBAspLdqZhuuwQAol
Ao6PS6dHjp0g4kpbdXSTIw9Dg78dDleXJLk2tQeTKRn9O3X7QdLe7ZQdS6PopB/a
QqDnT8fZjfTkD1dLk2cSQJuXh59WSZ7HOVq8qg4pZT1qGPPns/lfMnt6R+rvSdxN
Fg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:13:25 2025 by rpki-client