Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
File: 323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa (raw, json)
Hash identifier: 9LWLJC/CS8sOfArHPeCb8VXjodevg9GVDezV1/woQjw=
Subject key identifier: 91:FE:4F:56:D4:18:A0:8A:A2:62:A8:97:68:CA:4B:E4:20:64:65:D3
Certificate issuer: /CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Certificate serial: 3980EC5B77687F33085B35733B758E966D72ED95
Authority key identifier: B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
Signing time: Sun 27 Jul 2025 15:21:47 +0000
ROA not before: Sun 27 Jul 2025 15:16:47 +0000
ROA not after: Sun 26 Jul 2026 15:21:47 +0000
asID: 215956
IP address blocks: 2001:67c:688::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:53:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:80:ec:5b:77:68:7f:33:08:5b:35:73:3b:75:8e:96:6d:72:ed:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Validity
Not Before: Jul 27 15:16:47 2025 GMT
Not After : Jul 26 15:21:47 2026 GMT
Subject: CN=91FE4F56D418A08AA262A89768CA4BE4206465D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:34:6b:e2:9c:a1:19:78:09:78:a1:51:3c:
eb:2f:45:e8:31:12:61:a4:a3:7f:9d:87:cc:d1:de:
e2:e2:96:21:be:5b:c3:ad:46:c4:92:0e:ac:d6:08:
2c:e3:63:3b:5e:47:5e:7b:a0:82:8a:64:21:6e:8e:
ba:16:61:08:ca:a0:ef:e0:32:58:36:da:dd:a3:45:
8d:71:05:7f:5f:c9:16:d8:f1:00:d6:1b:f5:ca:4f:
50:52:5e:ee:77:55:22:1a:27:cc:e2:a9:a6:6e:40:
ce:b6:a7:97:52:49:84:e8:4d:74:d1:9e:6d:42:40:
5b:7d:a5:e8:c0:47:95:19:a7:76:aa:86:c9:d7:cb:
90:84:4b:89:91:f9:d4:51:f4:9d:cd:8d:44:de:73:
26:ff:04:c5:ae:30:52:e1:bc:c9:94:f0:67:7f:8c:
be:aa:f9:8c:aa:dd:0a:56:0b:30:bd:47:e1:1c:2b:
5d:ca:24:a4:dc:25:8d:6a:57:de:46:16:a3:1d:50:
45:ac:4a:7d:85:b8:49:d4:47:43:3f:96:ba:c1:cf:
c4:bf:f5:cf:1a:40:6c:22:2d:a7:19:cf:39:c2:2d:
8f:4e:2a:bc:0d:dd:fe:cd:ee:3b:61:e0:f8:5e:c8:
de:43:ee:d6:f1:ed:d4:4d:77:5b:44:3e:ea:96:a9:
6d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FE:4F:56:D4:18:A0:8A:A2:62:A8:97:68:CA:4B:E4:20:64:65:D3
X509v3 Authority Key Identifier:
keyid:B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:688::/48
Signature Algorithm: sha256WithRSAEncryption
93:4c:78:51:ea:38:fe:9c:e4:3b:97:47:8a:8a:46:55:61:08:
65:57:e3:b4:60:84:3c:12:8e:14:16:32:67:a8:a3:8f:2a:89:
ab:65:57:d5:3b:09:d5:1d:df:32:cb:43:87:27:70:9a:2f:ae:
34:46:0b:05:6a:26:26:dd:a9:0e:dd:fa:18:c0:96:c8:f7:d0:
93:b3:0f:a0:97:2f:56:fa:08:ac:a8:09:8e:1f:bf:16:23:bb:
05:7a:39:52:e2:5a:c4:32:26:ae:bc:e6:db:49:50:53:f6:a4:
a7:de:11:b4:88:21:07:73:1a:d6:51:22:aa:61:69:d4:b1:82:
41:ab:07:66:6e:9a:ff:55:cf:dc:ae:31:2e:ac:aa:2e:b5:0d:
c9:50:78:ce:42:9e:6e:b8:09:83:2f:91:2f:ea:c4:8e:39:b0:
cc:9c:37:f2:dd:e0:32:6e:cf:5a:f5:8d:ff:d9:04:a2:90:eb:
20:52:3b:8d:bf:80:a2:ec:56:a9:ef:8c:b3:d7:92:47:cf:cb:
7c:d3:3a:fa:8f:a4:2c:36:19:5e:61:22:2a:53:82:1b:7a:66:
d3:26:ae:8b:c6:0b:f5:c5:a7:7b:d7:af:d9:53:6e:15:04:0c:
5f:3f:87:0b:b4:1f:9c:71:17:b0:09:75:92:ac:97:71:2b:4e:
92:8d:9f:63
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOYDsW3dofzMIWzVzO3WOlm1y7ZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNiOTM2MGMwZGRhM2Q2ODhmNGRiZTUzZTJiNmQzY2Vm
NDdmZTgyNTAeFw0yNTA3MjcxNTE2NDdaFw0yNjA3MjYxNTIxNDdaMDMxMTAvBgNV
BAMTKDkxRkU0RjU2RDQxOEEwOEFBMjYyQTg5NzY4Q0E0QkU0MjA2NDY1RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaljRr4pyhGXgJeKFRPOsvRegx
EmGko3+dh8zR3uLiliG+W8OtRsSSDqzWCCzjYzteR157oIKKZCFujroWYQjKoO/g
Mlg22t2jRY1xBX9fyRbY8QDWG/XKT1BSXu53VSIaJ8ziqaZuQM62p5dSSYToTXTR
nm1CQFt9pejAR5UZp3aqhsnXy5CES4mR+dRR9J3NjUTecyb/BMWuMFLhvMmU8Gd/
jL6q+Yyq3QpWCzC9R+EcK13KJKTcJY1qV95GFqMdUEWsSn2FuEnUR0M/lrrBz8S/
9c8aQGwiLacZzznCLY9OKrwN3f7N7jth4PheyN5D7tbx7dRNd1tEPuqWqW11AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUkf5PVtQYoIqiYqiXaMpL5CBkZdMwHwYDVR0j
BBgwFoAUs7k2DA3aPWiPTb5T4rbTzvR/6CUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj
OTEyLzAvQjNCOTM2MEMwRERBM0Q2ODhGNERCRTUzRTJCNkQzQ0VGNDdGRTgyNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M3azJEQTNhUFdpUFRiNVQ0cmJUenZS
XzZDVS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWJmMDRjN2Mt
ZjgyZC00NzFkLTg1YWQtOThjNjVkZTFjOTEyLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
MzYzODM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzkzNTM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfAaIMA0GCSqGSIb3DQEBCwUAA4IBAQCTTHhR6jj+nOQ7l0eKikZV
YQhlV+O0YIQ8Eo4UFjJnqKOPKomrZVfVOwnVHd8yy0OHJ3CaL640RgsFaiYm3akO
3foYwJbI99CTsw+gly9W+gisqAmOH78WI7sFejlS4lrEMiauvObbSVBT9qSn3hG0
iCEHcxrWUSKqYWnUsYJBqwdmbpr/Vc/crjEurKoutQ3JUHjOQp5uuAmDL5Ev6sSO
ObDMnDfy3eAybs9a9Y3/2QSikOsgUjuNv4Ci7Fap74yz15JHz8t80zr6j6QsNhle
YSIqU4IbembTJq6Lxgv1xad716/ZU24VBAxfP4cLtB+ccRewCXWSrJdxK06SjZ9j
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:29:11 2025 by rpki-client