Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666330303a3a2f34302d3438203d3e20323130363435.roa
File: 326131343a316563373a666330303a3a2f34302d3438203d3e20323130363435.roa (raw, json)
Hash identifier: D0UhxJixjH/6ED4b7asHdvZhN16xQRz9JstOKq1KOMc=
Subject key identifier: A8:48:4A:1F:C4:94:CF:DF:45:CD:CE:CA:75:BF:E7:53:56:AD:70:86
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 05EDBEB8920ECCF7C3541F49BF801FAE31E5FAD4
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666330303a3a2f34302d3438203d3e20323130363435.roa
Signing time: Wed 13 Aug 2025 09:08:12 +0000
ROA not before: Wed 13 Aug 2025 09:03:12 +0000
ROA not after: Wed 12 Aug 2026 09:08:12 +0000
asID: 210645
IP address blocks: 2a14:1ec7:fc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:ed:be:b8:92:0e:cc:f7:c3:54:1f:49:bf:80:1f:ae:31:e5:fa:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Aug 13 09:03:12 2025 GMT
Not After : Aug 12 09:08:12 2026 GMT
Subject: CN=A8484A1FC494CFDF45CDCECA75BFE75356AD7086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:dc:50:ae:e9:07:59:04:cb:80:e1:06:28:
06:c1:33:ba:cb:9a:02:bd:fa:6d:23:f0:46:d3:85:
60:0a:dc:fd:80:47:ed:ac:22:ca:29:3e:44:1f:bf:
42:7d:b4:b1:40:6f:f6:b0:76:51:a1:1c:db:a9:58:
bf:90:df:f3:07:9a:5e:90:57:a4:3e:f7:77:15:aa:
39:6d:24:ed:dc:40:54:56:a4:ab:1c:8b:b4:fc:29:
f1:3d:7c:e4:48:f0:0a:95:44:e1:39:e1:8d:b9:52:
65:d5:96:5e:2c:60:22:10:fe:df:7d:0d:14:9d:3d:
32:a4:78:94:b6:15:c2:69:33:cd:cf:13:9a:41:c5:
9f:2e:37:0a:4f:27:b3:de:77:67:c4:7a:b5:74:c3:
cc:45:11:77:b3:4e:53:3f:6b:be:4e:72:6e:12:81:
11:a5:e6:b4:14:48:26:fd:ca:bc:ac:57:17:bf:57:
8a:8c:29:ed:81:e6:38:19:cb:47:f3:04:25:e5:6b:
9a:e3:2e:fe:a2:07:f9:e2:c5:27:7c:51:77:50:8d:
8d:c8:8e:d5:da:30:9d:0e:df:41:d6:f8:a6:77:57:
e2:86:66:5c:3b:7f:68:3c:a7:a2:ec:80:18:89:d4:
56:e7:c3:1d:fd:d3:e6:a1:c6:78:42:f8:ce:46:4c:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:48:4A:1F:C4:94:CF:DF:45:CD:CE:CA:75:BF:E7:53:56:AD:70:86
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666330303a3a2f34302d3438203d3e20323130363435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fc00::/40
Signature Algorithm: sha256WithRSAEncryption
93:93:e1:fb:65:79:89:4d:e3:95:48:30:49:be:56:59:c3:a0:
d3:91:81:c0:0f:51:8e:06:c4:a7:00:cc:14:7d:f0:14:37:b9:
30:d5:e8:a6:81:74:03:83:db:85:f4:c4:f7:b0:59:de:18:e3:
e2:f1:9e:66:87:fb:63:01:d4:42:31:f9:71:fd:0b:1d:27:83:
20:10:39:4e:2a:63:aa:3e:f6:84:bd:e7:02:59:9c:93:93:ec:
9b:26:95:c8:8f:26:f5:de:37:d6:96:1a:72:2f:d3:13:8b:94:
61:ab:a2:8a:03:52:15:c3:0c:cc:71:82:6d:14:6e:b9:85:c0:
ca:54:59:11:c2:72:4c:67:0e:17:64:8f:a4:3b:b5:14:9a:d6:
e0:2d:bf:f6:8f:97:8f:b2:6b:5c:07:3e:eb:33:fa:1f:98:f6:
eb:04:cd:68:dd:49:ec:cd:4f:d7:92:4a:34:8f:01:d9:35:61:
f6:fd:4c:28:89:83:c0:fd:ea:32:7e:4b:01:13:4b:59:93:d1:
6e:02:da:af:22:8f:a8:bb:ea:28:fd:d1:1f:8d:47:b2:25:79:
71:f4:9b:34:60:56:a2:88:55:59:3e:40:05:fb:24:c1:54:87:
42:a1:32:c3:ed:cb:9b:ff:7a:25:3f:2f:45:9d:20:8c:97:86:
03:ae:6a:6a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUBe2+uJIOzPfDVB9Jv4AfrjHl+tQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA4MTMwOTAzMTJaFw0yNjA4MTIwOTA4MTJaMDMxMTAvBgNV
BAMTKEE4NDg0QTFGQzQ5NENGREY0NUNEQ0VDQTc1QkZFNzUzNTZBRDcwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzNdxQrukHWQTLgOEGKAbBM7rL
mgK9+m0j8EbThWAK3P2AR+2sIsopPkQfv0J9tLFAb/awdlGhHNupWL+Q3/MHml6Q
V6Q+93cVqjltJO3cQFRWpKsci7T8KfE9fORI8AqVROE54Y25UmXVll4sYCIQ/t99
DRSdPTKkeJS2FcJpM83PE5pBxZ8uNwpPJ7Ped2fEerV0w8xFEXezTlM/a75Ocm4S
gRGl5rQUSCb9yrysVxe/V4qMKe2B5jgZy0fzBCXla5rjLv6iB/nixSd8UXdQjY3I
jtXaMJ0O30HW+KZ3V+KGZlw7f2g8p6LsgBiJ1Fbnwx390+ahxnhC+M5GTE13AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUqEhKH8SUz99Fzc7Kdb/nU1atcIYwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMDM2MzQzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf8MA0GCSqGSIb3DQEBCwUAA4IBAQCTk+H7ZXmJTeOVSDBJ
vlZZw6DTkYHAD1GOBsSnAMwUffAUN7kw1eimgXQDg9uF9MT3sFneGOPi8Z5mh/tj
AdRCMflx/QsdJ4MgEDlOKmOqPvaEvecCWZyTk+ybJpXIjyb13jfWlhpyL9MTi5Rh
q6KKA1IVwwzMcYJtFG65hcDKVFkRwnJMZw4XZI+kO7UUmtbgLb/2j5ePsmtcBz7r
M/ofmPbrBM1o3UnszU/Xkko0jwHZNWH2/UwoiYPA/eoyfksBE0tZk9FuAtqvIo+o
u+oo/dEfjUeyJXlx9Js0YFaiiFVZPkAF+yTBVIdCoTLD7cub/3olPy9FnSCMl4YD
rmpq
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:30:25 2025 by rpki-client