Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663830313a3a2f34382d3438203d3e20323131303139.roa
File: 326131343a316563373a663830313a3a2f34382d3438203d3e20323131303139.roa (raw, json)
Hash identifier: q5taedROXWkWDrb/6D/rTI85VzK640g7YzLTCK454po=
Subject key identifier: 8D:4C:D6:08:6A:BF:E2:D1:32:F9:CB:F4:3C:76:37:57:2E:E0:DB:36
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 0F15964F9D2DC2AA87589CFFE83CCDE970B06F08
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663830313a3a2f34382d3438203d3e20323131303139.roa
Signing time: Mon 06 Oct 2025 12:18:26 +0000
ROA not before: Mon 06 Oct 2025 12:13:26 +0000
ROA not after: Mon 05 Oct 2026 12:18:26 +0000
asID: 211019
IP address blocks: 2a14:1ec7:f801::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:15:96:4f:9d:2d:c2:aa:87:58:9c:ff:e8:3c:cd:e9:70:b0:6f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Oct 6 12:13:26 2025 GMT
Not After : Oct 5 12:18:26 2026 GMT
Subject: CN=8D4CD6086ABFE2D132F9CBF43C7637572EE0DB36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9f:b5:4f:f7:7b:a5:7b:9c:b0:1b:44:bf:cf:
45:c5:ed:6c:57:42:c7:28:bb:b3:a1:4d:dc:6b:c3:
d1:17:b7:b8:0c:6d:69:e8:0f:f3:57:3f:7f:9d:ba:
c0:2b:27:b6:71:1e:75:cb:05:96:29:33:1c:33:9b:
0d:7f:03:ab:1c:f9:d2:50:7c:12:3c:0c:3a:45:14:
ff:56:b6:9a:cb:a7:1e:a5:72:82:3e:5f:36:48:0a:
fc:57:3a:a3:8f:b6:3a:58:67:cd:9b:a7:8c:b4:f7:
6a:ed:e5:81:7e:a3:2f:8d:77:70:a9:9f:84:fb:f7:
53:2e:43:47:ca:c6:66:79:fe:2d:53:89:e4:a3:71:
b9:dc:3f:33:50:ed:ab:1d:c9:01:a1:77:37:29:0f:
b8:17:b5:8f:e4:2c:9a:0d:00:ee:e4:f8:12:d9:65:
3b:10:00:38:58:58:7f:7d:2f:94:3e:33:b0:cf:fc:
1a:22:cc:01:a0:bc:10:bc:bd:d2:38:71:63:9c:43:
56:9d:91:1e:d4:c9:c5:a9:fb:20:b0:03:95:ff:84:
00:82:1c:df:eb:bb:21:5f:5f:ff:76:1f:b0:78:c1:
73:3b:54:bb:87:63:b7:b0:06:85:14:42:79:9b:76:
d7:71:b8:b4:6e:8d:81:e3:99:ae:45:8f:9b:f5:52:
df:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4C:D6:08:6A:BF:E2:D1:32:F9:CB:F4:3C:76:37:57:2E:E0:DB:36
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663830313a3a2f34382d3438203d3e20323131303139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f801::/48
Signature Algorithm: sha256WithRSAEncryption
0b:b8:df:83:87:f6:93:7a:8d:f8:c2:cd:d9:fe:9c:53:e9:d9:
3e:95:e2:c9:3f:af:03:8f:13:a9:6e:10:36:7e:94:e5:55:ed:
0c:89:e9:3e:61:b2:22:b8:98:a5:ac:e2:52:ab:33:bb:1e:a5:
db:d2:d9:ee:67:16:5c:66:e5:53:96:46:c7:ae:ce:0d:a8:7d:
69:4c:8c:9c:98:2d:9c:50:c9:8f:82:46:21:85:42:dd:c6:b0:
db:d3:32:83:d0:12:40:f6:d3:05:bc:ea:08:2e:b9:f7:a6:92:
15:f7:bd:40:53:27:03:3c:6f:74:e2:cd:29:9d:c4:70:e0:6d:
2c:76:68:4f:b1:ff:ca:75:ca:08:12:ea:12:cf:b8:34:1e:35:
c6:44:5c:b2:e1:9e:e2:4b:28:b1:fd:d3:6c:b8:1f:39:b4:64:
08:b4:ef:b3:5b:b3:09:62:c3:2e:64:6b:df:28:f6:8d:33:6a:
38:53:cc:53:be:83:84:39:bb:40:99:eb:00:e8:33:5b:1d:45:
ae:d0:bf:9e:55:e4:1a:16:a1:61:47:a3:18:d2:5f:4b:e5:fa:
8b:b0:03:f1:58:6e:b3:08:2e:5a:e8:94:6d:77:f4:5d:bc:7c:
49:03:b5:90:4a:72:ac:cd:99:bf:0a:a6:fc:df:97:22:f6:86:
2d:2d:c5:a6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDxWWT50twqqHWJz/6DzN6XCwbwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTEwMDYxMjEzMjZaFw0yNjEwMDUxMjE4MjZaMDMxMTAvBgNV
BAMTKDhENENENjA4NkFCRkUyRDEzMkY5Q0JGNDNDNzYzNzU3MkVFMERCMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRn7VP93ule5ywG0S/z0XF7WxX
Qscou7OhTdxrw9EXt7gMbWnoD/NXP3+dusArJ7ZxHnXLBZYpMxwzmw1/A6sc+dJQ
fBI8DDpFFP9WtprLpx6lcoI+XzZICvxXOqOPtjpYZ82bp4y092rt5YF+oy+Nd3Cp
n4T791MuQ0fKxmZ5/i1TieSjcbncPzNQ7asdyQGhdzcpD7gXtY/kLJoNAO7k+BLZ
ZTsQADhYWH99L5Q+M7DP/BoizAGgvBC8vdI4cWOcQ1adkR7UycWp+yCwA5X/hACC
HN/ruyFfX/92H7B4wXM7VLuHY7ewBoUUQnmbdtdxuLRujYHjma5Fj5v1Ut9XAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUjUzWCGq/4tEy+cv0PHY3Vy7g2zYwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjM4MzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTMwMzEzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf4ATANBgkqhkiG9w0BAQsFAAOCAQEAC7jfg4f2k3qN+MLN
2f6cU+nZPpXiyT+vA48TqW4QNn6U5VXtDInpPmGyIriYpaziUqszux6l29LZ7mcW
XGblU5ZGx67ODah9aUyMnJgtnFDJj4JGIYVC3caw29Myg9ASQPbTBbzqCC6596aS
Ffe9QFMnAzxvdOLNKZ3EcOBtLHZoT7H/ynXKCBLqEs+4NB41xkRcsuGe4ksosf3T
bLgfObRkCLTvs1uzCWLDLmRr3yj2jTNqOFPMU76DhDm7QJnrAOgzWx1FrtC/nlXk
GhahYUejGNJfS+X6i7AD8VhuswguWuiUbXf0Xbx8SQO1kEpyrM2Zvwqm/N+XIvaG
LS3Fpg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:09 2025 by rpki-client