Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
File: 326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa (raw, json)
Hash identifier: JAmgJM2VGcbQzWkOuFvV1aRU7IhMtvcEw/0vm9hTp3I=
Subject key identifier: 03:C0:8A:D5:03:EC:3C:C7:18:A0:54:48:FD:93:4C:63:94:10:FB:8C
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 4CB7A1786C3AD1ABBAAEE95BA5B249CB038D2EE1
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
Signing time: Sat 02 Aug 2025 09:39:47 +0000
ROA not before: Sat 02 Aug 2025 09:34:47 +0000
ROA not after: Sat 01 Aug 2026 09:39:47 +0000
asID: 214925
IP address blocks: 2a0d:b287:ec42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:b7:a1:78:6c:3a:d1:ab:ba:ae:e9:5b:a5:b2:49:cb:03:8d:2e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 2 09:34:47 2025 GMT
Not After : Aug 1 09:39:47 2026 GMT
Subject: CN=03C08AD503EC3CC718A05448FD934C639410FB8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d8:54:aa:44:fa:15:e1:31:aa:f0:61:73:1e:
98:85:6f:f5:04:7a:65:ae:9c:be:19:00:e2:f0:cf:
37:04:a3:2e:87:48:14:e9:d0:22:c5:1b:f8:95:e6:
c8:39:15:b8:84:ab:4b:a9:2e:69:10:10:3d:63:09:
c9:d2:ab:e0:12:e6:69:67:f7:e9:da:86:4f:14:da:
6f:27:7a:0f:0d:5a:60:f3:5b:be:6a:88:8e:11:5c:
d7:fc:44:2b:fe:33:92:fc:a0:32:38:d6:2b:5c:70:
7b:f8:39:ea:0b:6b:d5:48:fe:ab:82:b7:90:36:f2:
67:60:e5:43:1e:77:4d:c3:8d:f7:ff:a4:00:09:64:
d9:89:6b:59:34:ef:78:83:0c:e9:e5:f7:c7:27:bd:
c8:f9:ac:93:55:97:40:b4:9e:7f:7c:22:34:63:fd:
57:4c:f1:0d:0a:7b:83:ab:10:98:49:d8:bf:66:4f:
c8:47:bd:ec:2f:e8:27:73:be:27:31:6d:f8:c9:75:
24:89:01:d7:40:b6:ca:e7:e9:bb:9f:e4:02:48:37:
d9:8c:f5:39:36:e5:11:99:b3:55:77:8a:51:fc:c9:
53:4f:47:b3:c7:0f:3e:e7:4f:48:c2:48:e2:ce:d4:
98:f7:75:dd:59:ef:00:17:ec:12:86:85:1c:a5:f7:
55:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C0:8A:D5:03:EC:3C:C7:18:A0:54:48:FD:93:4C:63:94:10:FB:8C
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656334323a3a2f34382d3438203d3e20323134393235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:ec42::/48
Signature Algorithm: sha256WithRSAEncryption
09:bf:92:8f:39:43:90:6d:bd:9f:c1:98:0b:c9:57:39:e2:ad:
9f:7a:d8:34:95:05:65:25:6c:ef:3c:f1:c2:c6:c4:50:b7:b3:
7c:33:d0:94:65:ee:af:67:08:54:9a:ef:c3:61:25:3f:5a:41:
b7:89:7f:c5:98:fb:33:3b:2c:81:8b:58:f7:bb:4b:9f:3c:e2:
97:f7:7e:dc:30:76:17:58:06:e1:ee:02:d1:e5:00:cc:01:dd:
17:48:a2:55:0e:eb:b7:a5:7c:2e:59:55:e6:4c:f1:5a:77:fb:
c1:28:18:0e:9d:06:e7:b8:bd:57:cc:82:23:2c:ec:91:22:81:
36:05:15:05:53:86:e9:53:24:38:61:85:e0:79:da:04:e6:8b:
a3:07:7c:b4:20:aa:4d:a8:6b:d7:d2:44:1b:73:72:03:75:4a:
cb:c7:da:d7:7c:35:bc:3c:86:c5:86:03:0f:a9:12:62:36:09:
35:9e:b3:ce:80:fb:9f:f7:b6:c7:d0:5a:7d:dd:b8:00:c0:35:
89:1e:22:bf:33:d2:a7:1c:41:8f:94:9f:e7:82:1f:6f:05:18:
65:ec:78:d5:92:08:5e:a0:a8:96:3a:15:f7:9e:f8:cb:cd:51:
d0:1f:db:8d:4e:77:e5:7a:59:6e:d3:11:7d:53:5e:19:d2:49:
e9:34:72:8e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTLeheGw60au6rulbpbJJywONLuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA4MDIwOTM0NDdaFw0yNjA4MDEwOTM5NDdaMDMxMTAvBgNV
BAMTKDAzQzA4QUQ1MDNFQzNDQzcxOEEwNTQ0OEZEOTM0QzYzOTQxMEZCOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC2FSqRPoV4TGq8GFzHpiFb/UE
emWunL4ZAOLwzzcEoy6HSBTp0CLFG/iV5sg5FbiEq0upLmkQED1jCcnSq+AS5mln
9+nahk8U2m8neg8NWmDzW75qiI4RXNf8RCv+M5L8oDI41itccHv4OeoLa9VI/quC
t5A28mdg5UMed03Djff/pAAJZNmJa1k073iDDOnl98cnvcj5rJNVl0C0nn98IjRj
/VdM8Q0Ke4OrEJhJ2L9mT8hHvewv6CdzvicxbfjJdSSJAddAtsrn6buf5AJIN9mM
9Tk25RGZs1V3ilH8yVNPR7PHDz7nT0jCSOLO1Jj3dd1Z7wAX7BKGhRyl91XJAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUA8CK1QPsPMcYoFRI/ZNMY5QQ+4wwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYzMzQzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzIzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofsQjANBgkqhkiG9w0BAQsFAAOCAQEACb+SjzlDkG29n8GY
C8lXOeKtn3rYNJUFZSVs7zzxwsbEULezfDPQlGXur2cIVJrvw2ElP1pBt4l/xZj7
MzssgYtY97tLnzzil/d+3DB2F1gG4e4C0eUAzAHdF0iiVQ7rt6V8LllV5kzxWnf7
wSgYDp0G57i9V8yCIyzskSKBNgUVBVOG6VMkOGGF4HnaBOaLowd8tCCqTahr19JE
G3NyA3VKy8fa13w1vDyGxYYDD6kSYjYJNZ6zzoD7n/e2x9Bafd24AMA1iR4ivzPS
pxxBj5Sf54IfbwUYZex41ZIIXqColjoV9574y81R0B/bjU535XpZbtMRfVNeGdJJ
6TRyjg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:12:52 2025 by rpki-client