Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
File: 326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa (raw, json)
Hash identifier: l6K8Ipuv+LpAjKBvLV7xS+N25xPDi1Q5md9XNlMDt3o=
Subject key identifier: 32:A3:B5:45:72:F3:BF:45:49:6A:85:75:DB:BD:45:B8:9D:31:77:8D
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 2F256B34B1D5D8605D1DFD7C4F3808CBB5177D5A
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
Signing time: Mon 18 Aug 2025 11:55:30 +0000
ROA not before: Mon 18 Aug 2025 11:50:30 +0000
ROA not after: Mon 17 Aug 2026 11:55:30 +0000
asID: 214188
IP address blocks: 2a14:1ec7:f100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:25:6b:34:b1:d5:d8:60:5d:1d:fd:7c:4f:38:08:cb:b5:17:7d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Aug 18 11:50:30 2025 GMT
Not After : Aug 17 11:55:30 2026 GMT
Subject: CN=32A3B54572F3BF45496A8575DBBD45B89D31778D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e3:27:0c:27:2f:26:e9:52:5c:df:7c:86:f7:
a7:9e:12:e3:73:86:86:ec:00:44:b5:83:62:70:77:
6e:9e:29:6e:47:63:f6:24:ea:4b:88:b3:36:83:58:
e9:7f:ed:5d:ea:25:c0:09:57:39:2a:8e:4f:58:46:
74:9d:4d:5f:d2:ef:96:fe:9b:29:e6:77:f9:13:ca:
d5:cd:1f:b3:43:e4:78:a9:13:c3:89:10:16:11:df:
54:66:1b:33:23:30:a1:92:49:95:2a:22:d8:11:d3:
07:d6:a7:03:f2:56:e5:75:5e:8c:6f:e6:48:3e:f5:
21:b1:cd:35:cd:15:cd:10:75:bd:f2:20:a3:59:7b:
de:e0:97:c0:8c:08:15:bb:f8:af:3c:44:ad:4b:02:
e0:c7:36:db:c9:54:a8:f1:97:3b:c1:3a:83:84:09:
05:bb:2f:1f:7e:62:32:21:16:06:53:f8:c2:55:37:
25:81:51:e6:7e:f4:57:bf:f0:ed:50:30:39:34:f7:
2e:7c:28:06:03:ad:76:f9:0c:4c:b4:ef:92:39:c9:
b7:9f:5c:2d:d2:3d:26:33:8e:71:0e:ff:c7:ce:f4:
f5:8f:d1:b0:e1:10:76:4d:48:68:aa:ca:a4:8f:1f:
e6:77:ce:35:15:46:4f:e8:47:64:a9:51:90:7b:00:
de:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A3:B5:45:72:F3:BF:45:49:6A:85:75:DB:BD:45:B8:9D:31:77:8D
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663130303a3a2f34302d3438203d3e20323134313838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f100::/40
Signature Algorithm: sha256WithRSAEncryption
2e:a7:32:bb:16:0b:2b:af:85:a9:18:81:2b:0b:c9:33:49:11:
98:8a:f1:6a:53:d5:34:62:e9:6b:49:5b:67:f7:d2:b0:d4:ee:
46:5a:df:a8:36:94:95:65:e3:9d:60:f6:e4:23:67:91:ff:56:
3d:7f:5f:10:5a:e3:da:55:09:33:c1:b4:03:26:da:3f:e4:01:
e9:a2:34:0b:6a:86:35:bd:bb:77:28:12:5f:01:06:f6:bd:e0:
24:c8:1e:22:4f:e8:56:b9:b6:a5:43:cf:e2:c2:3a:a9:71:25:
3b:b0:dd:76:00:b9:45:13:c6:d9:7f:37:db:ed:cf:54:f7:05:
07:f8:4a:43:87:ac:d9:df:0a:03:2c:da:56:3a:5a:39:82:a5:
5c:ff:89:21:c1:9c:c1:68:7f:4b:86:96:b2:e4:db:cf:9f:ad:
88:c2:4f:de:80:eb:cc:14:a2:55:4f:c7:10:2f:fa:d0:f9:35:
30:09:d5:54:ba:d4:e3:1c:0b:b1:a1:55:b3:d2:a7:b5:d4:8c:
53:54:10:5a:45:1d:4a:da:05:a9:12:7e:3e:e0:6c:1e:07:c6:
8d:e1:47:70:de:45:ed:09:77:7a:2d:99:b5:70:b6:6d:0e:a2:
59:f7:a4:01:fd:63:17:6e:cf:5a:98:62:94:ca:a3:1c:cf:1e:
88:b0:d1:91
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIULyVrNLHV2GBdHf18TzgIy7UXfVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA4MTgxMTUwMzBaFw0yNjA4MTcxMTU1MzBaMDMxMTAvBgNV
BAMTKDMyQTNCNTQ1NzJGM0JGNDU0OTZBODU3NURCQkQ0NUI4OUQzMTc3OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk4ycMJy8m6VJc33yG96eeEuNz
hobsAES1g2Jwd26eKW5HY/Yk6kuIszaDWOl/7V3qJcAJVzkqjk9YRnSdTV/S75b+
mynmd/kTytXNH7ND5HipE8OJEBYR31RmGzMjMKGSSZUqItgR0wfWpwPyVuV1Xoxv
5kg+9SGxzTXNFc0Qdb3yIKNZe97gl8CMCBW7+K88RK1LAuDHNtvJVKjxlzvBOoOE
CQW7Lx9+YjIhFgZT+MJVNyWBUeZ+9Fe/8O1QMDk09y58KAYDrXb5DEy075I5ybef
XC3SPSYzjnEO/8fO9PWP0bDhEHZNSGiqyqSPH+Z3zjUVRk/oR2SpUZB7AN4TAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUMqO1RXLzv0VJaoV1271FuJ0xd40wHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMxMzgzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsfxMA0GCSqGSIb3DQEBCwUAA4IBAQAupzK7Fgsrr4WpGIEr
C8kzSRGYivFqU9U0YulrSVtn99Kw1O5GWt+oNpSVZeOdYPbkI2eR/1Y9f18QWuPa
VQkzwbQDJto/5AHpojQLaoY1vbt3KBJfAQb2veAkyB4iT+hWubalQ8/iwjqpcSU7
sN12ALlFE8bZfzfb7c9U9wUH+EpDh6zZ3woDLNpWOlo5gqVc/4khwZzBaH9Lhpay
5NvPn62Iwk/egOvMFKJVT8cQL/rQ+TUwCdVUutTjHAuxoVWz0qe11IxTVBBaRR1K
2gWpEn4+4GweB8aN4Udw3kXtCXd6LZm1cLZtDqJZ96QB/WMXbs9amGKUyqMczx6I
sNGR
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:06:52 2025 by rpki-client