Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656130303a3a2f34302d3430203d3e20323032373034.roa
File: 326130643a623238373a656130303a3a2f34302d3430203d3e20323032373034.roa (raw, json)
Hash identifier: JNRd26hu5UclLm2ralvA5Swgz/zS0HyqV27DJFHZj6c=
Subject key identifier: 90:16:07:16:4C:94:78:52:1A:D9:56:1B:CD:53:A7:32:4E:46:DE:1A
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 469EEAD49DEA3AABB11FB0F1747782FF462F7D3B
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656130303a3a2f34302d3430203d3e20323032373034.roa
Signing time: Mon 27 Oct 2025 21:39:54 +0000
ROA not before: Mon 27 Oct 2025 21:34:54 +0000
ROA not after: Mon 26 Oct 2026 21:39:54 +0000
asID: 202704
IP address blocks: 2a0d:b287:ea00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9e:ea:d4:9d:ea:3a:ab:b1:1f:b0:f1:74:77:82:ff:46:2f:7d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Oct 27 21:34:54 2025 GMT
Not After : Oct 26 21:39:54 2026 GMT
Subject: CN=901607164C9478521AD9561BCD53A7324E46DE1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:56:04:43:df:7d:e9:f9:7e:8e:b2:ba:99:27:
95:e6:e8:53:0d:3b:2e:d5:d5:73:f2:b4:c5:70:65:
d4:f0:3c:de:c9:25:fc:0f:4e:97:2d:8b:71:0a:dc:
57:8a:4a:5d:be:a8:0b:76:84:30:e9:b6:63:53:2d:
cb:59:d3:f3:8e:4e:09:27:0c:2b:d5:6b:96:12:12:
55:1d:40:2f:69:9a:fe:34:60:c5:75:e4:25:52:3c:
0d:69:9a:0a:a8:93:6c:ff:94:bc:64:1e:70:89:74:
78:e1:8a:02:b8:f0:b8:9b:40:9e:a9:c5:7e:24:73:
98:9a:1b:93:89:4a:84:9d:24:5e:88:88:97:75:e7:
00:61:a1:86:3d:f7:0e:2e:2c:58:55:a0:cc:26:ed:
b8:54:51:48:5e:ed:f4:b5:b9:2e:25:9e:44:19:a5:
0f:9b:a8:05:91:14:64:f8:ee:24:93:fd:32:54:b3:
e0:20:00:16:aa:94:1c:8d:8e:8b:d5:d0:11:1a:f6:
36:58:84:96:d4:ae:a5:c6:2f:f4:14:a1:af:30:91:
95:e7:38:ca:0f:f8:2a:30:cd:c6:fe:ca:8b:71:62:
2b:9e:49:c5:17:a2:99:f9:d5:73:10:96:45:9a:00:
d7:e5:35:83:48:89:3f:54:19:2f:74:0a:b8:04:5a:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:16:07:16:4C:94:78:52:1A:D9:56:1B:CD:53:A7:32:4E:46:DE:1A
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656130303a3a2f34302d3430203d3e20323032373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
92:15:e4:4b:0d:ee:01:fc:f3:6f:55:19:78:af:19:0d:a4:61:
78:6d:f1:c7:d1:56:9c:82:97:17:6c:8f:b0:29:4a:42:94:7c:
75:0d:6f:5c:05:d5:6e:be:c8:0c:cd:24:2d:b4:84:c8:0a:03:
d5:8e:3c:eb:27:2d:4c:cb:b8:5d:73:26:88:be:ad:b5:f9:5c:
89:2c:28:55:a6:b5:2b:ec:95:10:12:e8:33:d0:83:7c:c7:d3:
21:28:f8:e8:d7:30:c1:36:c3:a8:a6:5d:7e:26:de:f8:70:03:
9c:a6:eb:5f:52:f1:55:cc:94:d3:d8:07:7b:26:b2:5a:c4:c2:
b6:3c:04:80:e9:8f:9e:a6:13:eb:81:9e:4f:41:e0:df:f9:a6:
b4:b7:c3:06:c6:57:3c:ec:e7:87:e8:eb:e0:89:9e:25:c0:bb:
85:c5:12:ef:a4:4d:c5:78:ec:13:2a:0a:4d:05:54:38:ad:d3:
33:f1:5a:f5:11:f9:9f:07:b9:08:67:e9:a9:6b:7c:e3:84:b5:
3c:0f:b2:c8:8b:41:87:82:31:dc:5c:63:e9:b9:01:68:76:2e:
af:d9:a5:98:74:38:98:75:0a:03:7d:9e:7d:2c:fc:44:fd:bd:
95:1a:7c:8f:69:a4:17:27:b2:59:08:6c:d2:ed:dd:d3:0e:35:
04:9f:17:1d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIURp7q1J3qOquxH7DxdHeC/0YvfTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTEwMjcyMTM0NTRaFw0yNjEwMjYyMTM5NTRaMDMxMTAvBgNV
BAMTKDkwMTYwNzE2NEM5NDc4NTIxQUQ5NTYxQkNENTNBNzMyNEU0NkRFMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWVgRD333p+X6OsrqZJ5Xm6FMN
Oy7V1XPytMVwZdTwPN7JJfwPTpcti3EK3FeKSl2+qAt2hDDptmNTLctZ0/OOTgkn
DCvVa5YSElUdQC9pmv40YMV15CVSPA1pmgqok2z/lLxkHnCJdHjhigK48LibQJ6p
xX4kc5iaG5OJSoSdJF6IiJd15wBhoYY99w4uLFhVoMwm7bhUUUhe7fS1uS4lnkQZ
pQ+bqAWRFGT47iST/TJUs+AgABaqlByNjovV0BEa9jZYhJbUrqXGL/QUoa8wkZXn
OMoP+Cowzcb+yotxYiueScUXopn51XMQlkWaANflNYNIiT9UGS90CrgEWr8fAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUkBYHFkyUeFIa2VYbzVOnMk5G3howHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYxMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzAzMjM3MzAzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofqMA0GCSqGSIb3DQEBCwUAA4IBAQCSFeRLDe4B/PNvVRl4
rxkNpGF4bfHH0VacgpcXbI+wKUpClHx1DW9cBdVuvsgMzSQttITICgPVjjzrJy1M
y7hdcyaIvq21+VyJLChVprUr7JUQEugz0IN8x9MhKPjo1zDBNsOopl1+Jt74cAOc
putfUvFVzJTT2Ad7JrJaxMK2PASA6Y+ephPrgZ5PQeDf+aa0t8MGxlc87OeH6Ovg
iZ4lwLuFxRLvpE3FeOwTKgpNBVQ4rdMz8Vr1EfmfB7kIZ+mpa3zjhLU8D7LIi0GH
gjHcXGPpuQFodi6v2aWYdDiYdQoDfZ59LPxE/b2VGnyPaaQXJ7JZCGzS7d3TDjUE
nxcd
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:05:07 2025 by rpki-client