Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
File: 326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa (raw, json)
Hash identifier: S10o6lJcne+SfvZMZmd0ndSNpfqn8OsjAJw8rNDdBSw=
Subject key identifier: 50:4B:1C:EB:B3:C8:D6:1E:C1:D0:13:A0:32:B4:93:6F:88:FB:98:95
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 719A73D49381103DA45E108F45B3393F1501B404
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
Signing time: Thu 24 Jul 2025 16:39:46 +0000
ROA not before: Thu 24 Jul 2025 16:34:46 +0000
ROA not after: Thu 23 Jul 2026 16:39:46 +0000
asID: 212516
IP address blocks: 2a0d:b287:ec41::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 21:46:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:9a:73:d4:93:81:10:3d:a4:5e:10:8f:45:b3:39:3f:15:01:b4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Jul 24 16:34:46 2025 GMT
Not After : Jul 23 16:39:46 2026 GMT
Subject: CN=504B1CEBB3C8D61EC1D013A032B4936F88FB9895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4e:e7:3f:ea:49:f9:46:3e:33:4e:ca:65:6e:
6d:b7:9a:7c:24:13:92:3d:5c:d8:b9:30:65:81:36:
d3:fd:2d:e5:95:3c:f8:02:4d:d1:47:70:d5:bb:36:
b7:7d:e9:cc:d0:ae:13:73:99:e3:ac:e9:af:f8:e9:
a1:4b:ed:05:10:62:04:17:67:43:5a:05:15:2d:12:
74:ca:26:80:9e:b0:8d:bb:7f:2a:fa:58:27:bb:87:
46:48:e3:e3:0d:bd:a5:ec:fe:df:b7:e7:ad:5f:d9:
14:14:67:fc:a5:5d:38:13:82:19:da:05:b3:5d:03:
7c:fa:63:20:72:85:18:54:7f:6b:62:4f:d0:95:16:
64:7f:2b:43:8d:b8:1d:c8:a7:b0:fa:c2:b3:16:4c:
75:be:ef:8b:fb:f5:26:53:76:24:c6:fa:03:36:bf:
ee:59:9e:8b:f1:90:1d:bc:42:e4:1e:3a:2f:38:9c:
e9:4d:bc:4b:7f:cc:49:9d:1a:84:4e:f6:f8:48:85:
22:45:69:b4:09:a1:04:21:4d:92:7a:de:dc:0a:f9:
a3:ee:3d:e9:16:02:20:89:3c:0c:dc:1f:9b:62:2c:
79:cb:a9:da:c7:81:aa:08:06:90:6f:d8:33:96:22:
cc:03:6b:b6:f4:70:b4:40:b2:1b:f5:a4:76:df:71:
11:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4B:1C:EB:B3:C8:D6:1E:C1:D0:13:A0:32:B4:93:6F:88:FB:98:95
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334313a3a2f34382d3438203d3e20323132353136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec41::/48
Signature Algorithm: sha256WithRSAEncryption
1c:40:45:e7:ff:90:60:fb:a7:e8:41:05:87:a1:05:00:3d:3a:
21:47:07:e8:1a:50:c0:23:79:5d:e0:8d:6b:34:a5:4a:6c:22:
3c:13:dd:60:66:8a:d7:e4:34:fe:cf:e7:1f:fc:1c:b9:92:3e:
2a:cf:a8:c4:51:f4:a8:99:36:79:ae:93:f9:5c:f6:1b:12:6f:
f8:a8:fb:81:2d:73:84:ef:ca:36:29:1a:f1:da:23:83:58:13:
cf:65:a2:6a:d6:64:87:09:60:8d:a1:b1:30:3c:92:4b:43:b7:
41:a0:54:6d:52:67:78:ec:b0:18:12:06:51:3d:ab:35:f3:3a:
e0:01:66:01:1c:dd:ac:19:88:8e:91:e2:76:e0:33:60:71:54:
9e:31:96:00:d3:be:58:56:fb:60:8a:a5:39:33:31:e8:2a:42:
6d:70:f9:5d:2f:dc:7b:31:36:11:32:af:54:f0:10:0e:c1:6f:
c3:55:14:b3:49:10:2b:66:29:ea:fc:5e:f2:19:62:cd:ee:10:
6e:2e:1b:74:81:36:e1:af:19:bb:29:de:d9:9d:e1:fb:58:64:
35:4b:38:ad:20:19:00:28:71:b0:69:d7:49:87:0e:6e:a3:c3:
d9:0b:86:c1:d2:8e:ab:47:a5:7d:f1:a3:fd:22:79:d0:d5:81:
55:1d:0e:eb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUcZpz1JOBED2kXhCPRbM5PxUBtAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA3MjQxNjM0NDZaFw0yNjA3MjMxNjM5NDZaMDMxMTAvBgNV
BAMTKDUwNEIxQ0VCQjNDOEQ2MUVDMUQwMTNBMDMyQjQ5MzZGODhGQjk4OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqTuc/6kn5Rj4zTsplbm23mnwk
E5I9XNi5MGWBNtP9LeWVPPgCTdFHcNW7Nrd96czQrhNzmeOs6a/46aFL7QUQYgQX
Z0NaBRUtEnTKJoCesI27fyr6WCe7h0ZI4+MNvaXs/t+3561f2RQUZ/ylXTgTghna
BbNdA3z6YyByhRhUf2tiT9CVFmR/K0ONuB3Ip7D6wrMWTHW+74v79SZTdiTG+gM2
v+5ZnovxkB28QuQeOi84nOlNvEt/zEmdGoRO9vhIhSJFabQJoQQhTZJ63twK+aPu
PekWAiCJPAzcH5tiLHnLqdrHgaoIBpBv2DOWIswDa7b0cLRAshv1pHbfcRFfAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUUEsc67PI1h7B0BOgMrSTb4j7mJUwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzQzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjM1MzEzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofsQTANBgkqhkiG9w0BAQsFAAOCAQEAHEBF5/+QYPun6EEF
h6EFAD06IUcH6BpQwCN5XeCNazSlSmwiPBPdYGaK1+Q0/s/nH/wcuZI+Ks+oxFH0
qJk2ea6T+Vz2GxJv+Kj7gS1zhO/KNika8dojg1gTz2WiatZkhwlgjaGxMDySS0O3
QaBUbVJneOywGBIGUT2rNfM64AFmARzdrBmIjpHiduAzYHFUnjGWANO+WFb7YIql
OTMx6CpCbXD5XS/cezE2ETKvVPAQDsFvw1UUs0kQK2Yp6vxe8hlize4Qbi4bdIE2
4a8Zuyne2Z3h+1hkNUs4rSAZAChxsGnXSYcObqPD2QuGwdKOq0elffGj/SJ50NWB
VR0O6w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:03:19 2025 by rpki-client