Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663530303a3a2f34302d3430203d3e20323038343533.roa
File: 326131343a316563373a663530303a3a2f34302d3430203d3e20323038343533.roa (raw, json)
Hash identifier: 26SEXU3Pd+BR8SHx6kufhwY94Io89XBTIVQPTTPnVB8=
Subject key identifier: FB:34:7E:6E:03:F0:CC:53:51:8B:EC:04:28:88:3B:0B:B3:47:80:09
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 1199E1A53E2F8042FE19484167700C7B19F78479
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663530303a3a2f34302d3430203d3e20323038343533.roa
Signing time: Fri 19 Sep 2025 12:55:32 +0000
ROA not before: Fri 19 Sep 2025 12:50:32 +0000
ROA not after: Fri 18 Sep 2026 12:55:32 +0000
asID: 208453
IP address blocks: 2a14:1ec7:f500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:99:e1:a5:3e:2f:80:42:fe:19:48:41:67:70:0c:7b:19:f7:84:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Sep 19 12:50:32 2025 GMT
Not After : Sep 18 12:55:32 2026 GMT
Subject: CN=FB347E6E03F0CC53518BEC0428883B0BB3478009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:31:cf:7d:f3:72:bd:61:98:8b:46:65:75:2b:
e3:7b:0b:82:36:a2:72:79:1c:4f:d8:3e:ca:41:49:
0f:f4:08:c9:a0:d7:b0:72:5e:8b:6c:1d:18:4e:ef:
6d:f4:f6:1d:10:a4:86:f0:ad:3b:96:c1:a4:c3:9f:
1c:f7:2a:43:38:42:c7:84:ee:d0:fc:ba:f0:7d:5a:
68:06:3a:5d:f3:57:9f:c5:cd:2b:ff:09:1f:42:95:
17:6e:41:c8:1e:2d:3e:ff:b2:9c:eb:5b:cb:1d:64:
b5:bf:74:d2:83:a8:48:a5:da:7f:86:77:4c:21:31:
fa:0b:e7:f4:c7:e0:a5:5d:70:06:c4:b3:2b:9a:41:
86:f9:f8:d2:7b:3a:ea:d4:5d:d8:59:5a:8b:11:02:
3d:41:fd:e0:cf:ac:36:4e:0d:d6:ee:e1:9f:5a:22:
37:9b:95:dc:8c:b5:a6:e4:2d:c4:51:76:c8:48:12:
16:1e:92:3e:ae:20:09:7a:31:5f:57:c5:0d:e3:75:
20:db:04:64:dd:d6:94:25:bd:fa:89:49:2d:90:d0:
72:8a:10:47:c3:46:fd:f9:02:5c:98:20:9b:5f:9a:
2c:f7:71:09:c2:3f:4b:78:c8:62:1d:da:9e:dc:8c:
86:fa:ba:5e:cd:b2:63:5a:99:9f:7d:6c:1c:b9:f6:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:34:7E:6E:03:F0:CC:53:51:8B:EC:04:28:88:3B:0B:B3:47:80:09
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663530303a3a2f34302d3430203d3e20323038343533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f500::/40
Signature Algorithm: sha256WithRSAEncryption
17:28:ed:3a:12:fa:e5:89:65:6e:98:e9:fe:b4:c8:b2:1a:a9:
75:1d:31:77:06:34:57:45:ee:20:49:65:6e:ba:8d:fe:37:a9:
fb:d9:38:fd:81:7c:e4:1e:60:8c:f8:9c:83:c5:75:e4:28:b4:
69:59:39:30:0f:96:e2:b5:02:50:ac:02:4d:93:47:47:26:4b:
7d:39:0a:2b:c8:c5:50:5d:06:77:3d:92:45:68:68:73:f2:c2:
d7:16:a7:b4:10:a5:ed:90:d5:a1:29:ce:85:7a:06:ea:16:4d:
c6:d1:d8:1f:38:6d:b8:fc:0e:c2:ec:74:b9:07:c7:a3:28:e0:
a2:83:0a:f9:cb:ee:9b:a4:76:37:07:a0:11:a6:76:e3:08:d8:
27:9f:39:8f:d8:91:46:57:5b:b0:3d:a2:4b:2e:9a:06:d1:6a:
e3:b3:d0:a0:fa:64:38:38:ca:82:97:e5:2e:6e:47:44:98:55:
96:65:08:84:ac:43:b2:de:83:85:00:2a:c4:13:d3:97:73:9c:
b1:e5:68:fa:1d:8c:81:39:fd:ee:cb:22:7e:f2:5c:75:dd:16:
29:b8:05:f6:2b:96:f3:9c:0d:d7:54:b3:f2:97:00:4f:fd:47:
ad:17:ed:eb:d4:fc:50:f1:ff:ea:69:2b:b8:d8:d8:c3:8f:7e:
74:35:c6:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUEZnhpT4vgEL+GUhBZ3AMexn3hHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA5MTkxMjUwMzJaFw0yNjA5MTgxMjU1MzJaMDMxMTAvBgNV
BAMTKEZCMzQ3RTZFMDNGMENDNTM1MThCRUMwNDI4ODgzQjBCQjM0NzgwMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNMc9983K9YZiLRmV1K+N7C4I2
onJ5HE/YPspBSQ/0CMmg17ByXotsHRhO72309h0QpIbwrTuWwaTDnxz3KkM4QseE
7tD8uvB9WmgGOl3zV5/FzSv/CR9ClRduQcgeLT7/spzrW8sdZLW/dNKDqEil2n+G
d0whMfoL5/TH4KVdcAbEsyuaQYb5+NJ7OurUXdhZWosRAj1B/eDPrDZODdbu4Z9a
IjebldyMtabkLcRRdshIEhYekj6uIAl6MV9XxQ3jdSDbBGTd1pQlvfqJSS2Q0HKK
EEfDRv35AlyYIJtfmiz3cQnCP0t4yGId2p7cjIb6ul7NsmNamZ99bBy59torAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU+zR+bgPwzFNRi+wEKIg7C7NHgAkwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjM1MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzAzODM0MzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf1MA0GCSqGSIb3DQEBCwUAA4IBAQAXKO06EvrliWVumOn+
tMiyGql1HTF3BjRXRe4gSWVuuo3+N6n72Tj9gXzkHmCM+JyDxXXkKLRpWTkwD5bi
tQJQrAJNk0dHJkt9OQoryMVQXQZ3PZJFaGhz8sLXFqe0EKXtkNWhKc6FegbqFk3G
0dgfOG24/A7C7HS5B8ejKOCigwr5y+6bpHY3B6ARpnbjCNgnnzmP2JFGV1uwPaJL
LpoG0Wrjs9Cg+mQ4OMqCl+UubkdEmFWWZQiErEOy3oOFACrEE9OXc5yx5Wj6HYyB
Of3uyyJ+8lx13RYpuAX2K5bznA3XVLPylwBP/UetF+3r1PxQ8f/qaSu42NjDj350
NcYi
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:02:57 2025 by rpki-client