Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
File: 326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa (raw, json)
Hash identifier: GOCABvoqojF3U9p5UEyXVqmO5f+8/wyeekfdSPGqQRY=
Subject key identifier: 18:8B:C3:4D:84:23:BB:1B:98:EB:B8:14:C7:4F:DE:20:ED:78:FC:C4
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 6F1AFB0B686989495B41B6C72E4008F2D9D3930C
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
Signing time: Thu 24 Jul 2025 16:39:44 +0000
ROA not before: Thu 24 Jul 2025 16:34:44 +0000
ROA not after: Thu 23 Jul 2026 16:39:44 +0000
asID: 215664
IP address blocks: 2a0d:b287:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 15:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1a:fb:0b:68:69:89:49:5b:41:b6:c7:2e:40:08:f2:d9:d3:93:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Jul 24 16:34:44 2025 GMT
Not After : Jul 23 16:39:44 2026 GMT
Subject: CN=188BC34D8423BB1B98EBB814C74FDE20ED78FCC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bd:8b:ad:71:79:08:aa:9b:36:02:fd:22:ab:
9f:58:d8:bb:27:e7:ed:0f:ab:e4:2e:52:e2:cd:c9:
a9:a2:26:a3:21:0d:d1:15:6c:5e:95:f2:09:fd:05:
37:14:0d:78:5e:ad:01:4f:d7:f6:57:37:31:0d:2a:
51:95:f2:f4:31:85:32:00:72:31:58:2b:b8:7d:1e:
6f:ee:51:e0:d7:12:b5:47:b0:78:ec:c1:a7:f9:06:
ff:54:86:ff:60:9f:68:ac:10:a6:85:3f:68:6f:65:
ff:4e:d1:7b:32:81:98:f0:d0:37:82:93:2f:d9:ff:
6d:f9:eb:9a:af:3f:46:11:03:a9:4d:23:4b:1e:b7:
17:d1:ce:d2:2f:99:50:8e:d4:4e:c9:42:fe:09:c6:
97:72:87:fe:00:d7:39:ad:ec:15:cf:39:50:87:34:
2e:c4:da:b7:98:f9:5d:14:46:61:de:30:0a:fe:e0:
36:c9:d0:da:67:32:fc:73:1d:74:8a:38:a8:7f:2c:
7d:e1:2f:71:a7:60:80:0d:b6:8f:57:8e:f1:67:d8:
4c:fa:62:81:63:9e:25:c7:ba:8c:59:a5:e4:6d:83:
e2:da:4e:74:cb:a3:36:59:d5:10:f0:a2:9c:35:c4:
31:bf:cb:4b:95:c0:8d:96:74:d9:a4:c2:02:4a:2b:
1c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8B:C3:4D:84:23:BB:1B:98:EB:B8:14:C7:4F:DE:20:ED:78:FC:C4
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656330303a3a2f34302d3430203d3e20323135363634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
9b:34:4c:9a:8b:04:da:de:83:76:48:3d:7f:3e:fd:89:6e:7b:
7a:80:8b:be:e1:3b:69:92:86:fb:82:70:0a:65:9b:05:b4:10:
f4:13:65:40:eb:ee:cf:67:1b:f5:6d:a6:fa:9b:0c:8c:28:bc:
fd:c7:d5:62:c3:e3:40:b4:3f:35:46:51:6c:0b:e8:5a:71:1d:
47:59:b5:bc:46:6f:44:a0:bc:30:25:80:36:20:83:dc:1e:b9:
e9:5a:0c:6a:b8:13:c9:1c:bd:d1:1f:bb:73:84:e8:4a:6c:53:
56:68:b4:69:bb:eb:f5:f8:b6:4d:a3:5e:56:ae:52:2e:50:27:
c0:74:5d:69:9c:1e:c4:6e:99:05:db:d3:69:bd:f0:40:bf:f7:
eb:01:c3:f8:ba:9c:8d:f0:ab:ae:0c:7d:4a:fc:14:6a:d6:20:
ab:f8:d2:18:68:dc:60:f4:45:17:58:6c:40:f2:b3:6c:a2:31:
01:7a:30:c3:57:72:07:96:1f:99:62:05:35:01:f7:da:33:1a:
15:83:8f:27:70:ba:c2:82:0e:dd:f4:f2:c0:a4:dd:23:37:f3:
09:bd:d1:f9:32:a8:5a:d6:38:69:a9:e6:1b:c6:e6:52:12:14:
79:86:05:5f:b1:93:bb:b7:fe:69:48:78:36:f9:10:c5:f9:a6:
8e:0f:c2:3e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUbxr7C2hpiUlbQbbHLkAI8tnTkwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA3MjQxNjM0NDRaFw0yNjA3MjMxNjM5NDRaMDMxMTAvBgNV
BAMTKDE4OEJDMzREODQyM0JCMUI5OEVCQjgxNEM3NEZERTIwRUQ3OEZDQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSvYutcXkIqps2Av0iq59Y2Lsn
5+0Pq+QuUuLNyamiJqMhDdEVbF6V8gn9BTcUDXherQFP1/ZXNzENKlGV8vQxhTIA
cjFYK7h9Hm/uUeDXErVHsHjswaf5Bv9Uhv9gn2isEKaFP2hvZf9O0XsygZjw0DeC
ky/Z/23565qvP0YRA6lNI0setxfRztIvmVCO1E7JQv4Jxpdyh/4A1zmt7BXPOVCH
NC7E2reY+V0URmHeMAr+4DbJ0NpnMvxzHXSKOKh/LH3hL3GnYIANto9XjvFn2Ez6
YoFjniXHuoxZpeRtg+LaTnTLozZZ1RDwopw1xDG/y0uVwI2WdNmkwgJKKxy9AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUGIvDTYQjuxuY67gUx0/eIO14/MQwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzNTM2MzYzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofsMA0GCSqGSIb3DQEBCwUAA4IBAQCbNEyaiwTa3oN2SD1/
Pv2Jbnt6gIu+4Ttpkob7gnAKZZsFtBD0E2VA6+7PZxv1bab6mwyMKLz9x9Viw+NA
tD81RlFsC+hacR1HWbW8Rm9EoLwwJYA2IIPcHrnpWgxquBPJHL3RH7tzhOhKbFNW
aLRpu+v1+LZNo15WrlIuUCfAdF1pnB7EbpkF29NpvfBAv/frAcP4upyN8KuuDH1K
/BRq1iCr+NIYaNxg9EUXWGxA8rNsojEBejDDV3IHlh+ZYgU1AffaMxoVg48ncLrC
gg7d9PLApN0jN/MJvdH5Mqha1jhpqeYbxuZSEhR5hgVfsZO7t/5pSHg2+RDF+aaO
D8I+
-----END CERTIFICATE-----
Generated at Thu Aug 7 02:10:21 2025 by rpki-client