Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663930303a3a2f34302d3438203d3e20323131363733.roa
File: 326131343a316563373a663930303a3a2f34302d3438203d3e20323131363733.roa (raw, json)
Hash identifier: eFx1IPRipEBged0ZijUlxcw0OO6jOfnGP3TjandnEEA=
Subject key identifier: 00:49:9A:AD:DE:B7:06:1A:E0:28:E6:F2:13:42:F2:8C:4F:B0:15:CC
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 60BC368FECE735104C332E019D197536957F1850
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663930303a3a2f34302d3438203d3e20323131363733.roa
Signing time: Thu 25 Sep 2025 12:36:10 +0000
ROA not before: Thu 25 Sep 2025 12:31:10 +0000
ROA not after: Thu 24 Sep 2026 12:36:10 +0000
asID: 211673
IP address blocks: 2a14:1ec7:f900::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:bc:36:8f:ec:e7:35:10:4c:33:2e:01:9d:19:75:36:95:7f:18:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Sep 25 12:31:10 2025 GMT
Not After : Sep 24 12:36:10 2026 GMT
Subject: CN=00499AADDEB7061AE028E6F21342F28C4FB015CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:96:50:ba:49:a5:94:f2:45:ee:a1:88:70:
19:a3:40:ae:55:25:89:92:7b:54:0b:27:40:d6:d2:
bb:7e:67:33:c1:9a:af:af:22:e0:a9:11:0a:ba:5f:
1d:6f:26:21:38:66:9f:04:2b:c3:72:1b:44:9a:a4:
a4:8f:b1:35:a0:84:24:f3:61:1f:2a:ef:ed:d0:fc:
97:0d:70:7d:82:c4:b8:62:ad:7f:2e:68:11:0d:48:
f3:89:6f:8b:c8:c0:d4:2c:b4:c6:46:1d:c3:59:ca:
5f:32:60:32:c3:1b:da:93:83:f1:a6:74:dc:b2:db:
53:8d:ec:c0:70:8d:ac:34:a4:e6:db:9e:b7:ba:5e:
b3:b7:f1:a0:88:cd:00:09:b3:f4:ba:af:3f:78:de:
dc:fe:d1:ea:36:89:9f:1b:d5:0d:23:3a:11:bf:21:
0f:6c:dd:05:95:c1:78:6f:18:5a:a3:ab:20:89:d4:
2f:96:f0:27:e8:8b:b5:1e:0e:80:ed:04:76:ab:f3:
ae:c4:ea:06:88:07:d9:b4:71:6b:4e:80:e8:4b:60:
b6:dd:4b:27:34:57:1b:c2:b3:30:9f:6f:00:0f:53:
d3:51:12:89:74:9c:7a:39:3a:65:42:0e:c8:65:1b:
e9:3c:67:c9:b6:f1:22:ad:85:07:3b:ab:9f:2f:f1:
b7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:49:9A:AD:DE:B7:06:1A:E0:28:E6:F2:13:42:F2:8C:4F:B0:15:CC
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663930303a3a2f34302d3438203d3e20323131363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f900::/40
Signature Algorithm: sha256WithRSAEncryption
43:4a:dc:b8:93:b8:ee:43:9a:10:b5:2d:c8:30:dd:e1:59:40:
3a:6d:71:dd:81:fb:e9:0f:59:f1:f9:34:90:1b:d2:a4:81:30:
07:5b:fb:58:88:c9:d4:57:32:a6:02:9b:2c:0d:7e:8b:54:54:
c2:87:0a:25:97:85:27:7d:53:d6:20:79:d6:8d:7d:de:05:44:
37:a7:b0:6c:42:4c:99:a9:b4:55:2a:45:58:1b:39:0b:be:bc:
d9:b6:38:54:f6:c7:5a:e5:b6:53:67:9f:4f:23:d3:8a:9c:5a:
75:d7:ef:06:79:79:65:b4:c3:61:f5:52:69:8e:c3:69:58:6c:
86:c5:62:c2:ec:4a:4a:e6:3f:86:1b:7c:aa:f5:bb:f2:17:a8:
eb:40:49:52:73:43:b5:2b:46:5c:b7:54:fe:50:ed:7a:31:90:
13:e7:8c:43:9e:45:47:de:03:a6:39:f0:50:07:3d:f0:4e:73:
86:16:0b:38:c9:0a:5d:34:e4:56:b1:1f:e0:a6:a8:27:25:f1:
f9:10:3d:16:4a:be:b9:11:7b:f1:f6:9e:d5:62:5b:c1:75:85:
3d:22:e2:09:cb:41:69:59:36:32:1c:d7:1d:62:06:74:14:a8:
4c:b6:4a:56:04:74:cc:59:4c:69:af:91:6e:26:f5:9c:39:80:
90:31:49:4e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUYLw2j+znNRBMMy4BnRl1NpV/GFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA5MjUxMjMxMTBaFw0yNjA5MjQxMjM2MTBaMDMxMTAvBgNV
BAMTKDAwNDk5QUFEREVCNzA2MUFFMDI4RTZGMjEzNDJGMjhDNEZCMDE1Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMKZZQukmllPJF7qGIcBmjQK5V
JYmSe1QLJ0DW0rt+ZzPBmq+vIuCpEQq6Xx1vJiE4Zp8EK8NyG0SapKSPsTWghCTz
YR8q7+3Q/JcNcH2CxLhirX8uaBENSPOJb4vIwNQstMZGHcNZyl8yYDLDG9qTg/Gm
dNyy21ON7MBwjaw0pObbnre6XrO38aCIzQAJs/S6rz943tz+0eo2iZ8b1Q0jOhG/
IQ9s3QWVwXhvGFqjqyCJ1C+W8Cfoi7UeDoDtBHar867E6gaIB9m0cWtOgOhLYLbd
Syc0VxvCszCfbwAPU9NREol0nHo5OmVCDshlG+k8Z8m28SKthQc7q58v8be5AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUAEmard63BhrgKObyE0LyjE+wFcwwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjM5MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMTM2MzczMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf5MA0GCSqGSIb3DQEBCwUAA4IBAQBDSty4k7juQ5oQtS3I
MN3hWUA6bXHdgfvpD1nx+TSQG9KkgTAHW/tYiMnUVzKmApssDX6LVFTChwoll4Un
fVPWIHnWjX3eBUQ3p7BsQkyZqbRVKkVYGzkLvrzZtjhU9sda5bZTZ59PI9OKnFp1
1+8GeXlltMNh9VJpjsNpWGyGxWLC7EpK5j+GG3yq9bvyF6jrQElSc0O1K0Zct1T+
UO16MZAT54xDnkVH3gOmOfBQBz3wTnOGFgs4yQpdNORWsR/gpqgnJfH5ED0WSr65
EXvx9p7VYlvBdYU9IuIJy0FpWTYyHNcdYgZ0FKhMtkpWBHTMWUxpr5FuJvWcOYCQ
MUlO
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:59 2025 by rpki-client