Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa
File: 326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa (raw, json)
Hash identifier: OBdYMpDCrnydUqYR/9aR6OWDxV3xrASuK04QdHbbnp4=
Subject key identifier: B2:71:32:72:67:0B:9B:3C:7B:D3:2B:5D:18:E5:E2:51:17:1A:8C:15
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 78C548E18C011820400434BD3443A077A58BB447
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa
Signing time: Tue 14 Oct 2025 08:27:30 +0000
ROA not before: Tue 14 Oct 2025 08:22:30 +0000
ROA not after: Tue 13 Oct 2026 08:27:30 +0000
asID: 214723
IP address blocks: 2a0e:fd45:2e80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c5:48:e1:8c:01:18:20:40:04:34:bd:34:43:a0:77:a5:8b:b4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Oct 14 08:22:30 2025 GMT
Not After : Oct 13 08:27:30 2026 GMT
Subject: CN=B2713272670B9B3C7BD32B5D18E5E251171A8C15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:6c:be:93:a2:03:0a:cd:86:85:73:a3:23:
6a:6c:f5:5d:80:65:ba:8e:4b:7d:6e:91:15:51:0d:
f1:c4:9a:4d:7b:45:b8:37:dd:e0:33:c6:29:b6:be:
e5:a2:db:ea:56:09:b4:bc:cd:de:3e:c2:1f:ca:82:
03:18:2a:ca:9e:16:31:08:7d:8e:e4:85:e4:d1:f0:
21:6d:c9:77:d7:59:ac:00:01:4e:b6:8f:ba:a0:80:
4b:61:cb:e2:bf:f0:f1:01:b1:86:30:f4:f6:f9:2d:
6b:21:fe:96:66:30:9a:85:08:08:ea:c8:45:40:ea:
f6:5c:55:6b:51:47:ca:50:0f:8f:97:21:ac:19:8d:
ed:68:de:f2:bb:c6:54:a5:78:83:f6:80:8e:21:d3:
aa:60:01:48:32:64:54:78:74:64:83:c8:b9:cd:12:
38:e9:54:d2:d7:a4:02:29:0f:d9:14:1a:6d:c9:76:
c5:42:e2:2e:f9:e7:b5:80:d3:bd:be:74:86:65:13:
6e:ee:55:fd:20:c9:2f:77:c2:e2:43:f2:f8:73:ee:
48:2d:db:fb:e8:e8:1a:d3:75:60:71:14:11:7f:48:
8c:22:eb:19:92:94:ef:ba:85:a4:6d:a9:3c:6f:31:
fa:d4:72:3a:a3:01:3c:1d:39:d1:50:80:ad:5f:af:
83:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:71:32:72:67:0B:9B:3C:7B:D3:2B:5D:18:E5:E2:51:17:1A:8C:15
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2e80::/48
Signature Algorithm: sha256WithRSAEncryption
39:16:33:5b:7b:5b:7a:fe:72:44:0c:3c:ac:6f:41:52:ed:4d:
08:9b:81:73:74:4e:d6:22:e2:90:ee:80:38:10:7b:ec:16:9c:
e2:b3:7f:67:93:e2:a7:c3:61:83:18:dd:f7:f8:25:8c:42:1c:
c9:3a:88:55:3b:0d:83:05:3e:88:66:5d:05:5c:e7:6c:66:05:
b2:cb:64:33:7d:29:3a:b0:0e:0b:d9:bc:9b:7d:ff:ba:7c:c6:
f1:07:65:a7:16:71:4a:2b:b0:4b:c0:da:72:c9:fc:0c:d7:9a:
60:32:48:2b:cb:9a:09:c1:c2:19:28:47:d3:8e:48:d7:f5:5b:
80:a4:23:ca:d7:d5:ae:d1:e8:d6:98:e7:23:d2:ff:4f:a7:7e:
6c:c2:e4:b5:ff:88:48:15:58:56:3a:a8:7f:e2:c7:11:2c:8a:
56:cd:c1:f6:d8:93:95:ec:d3:37:15:3a:a5:21:03:8f:b5:96:
8e:e6:a0:f3:79:a6:3e:99:bc:57:f2:3c:6d:c8:16:f3:26:e4:
09:f2:ff:10:89:db:4d:43:d0:79:ed:c3:fe:af:b5:6a:36:84:
9d:4a:1b:96:b9:ee:81:9b:4c:49:d8:9c:3b:8f:73:c0:18:4c:
48:aa:22:39:67:f2:99:b0:cb:47:ac:f3:27:5d:9c:28:16:30:
be:36:37:71
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUeMVI4YwBGCBABDS9NEOgd6WLtEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNTEwMTQwODIyMzBaFw0yNjEwMTMwODI3MzBaMDMxMTAvBgNV
BAMTKEIyNzEzMjcyNjcwQjlCM0M3QkQzMkI1RDE4RTVFMjUxMTcxQThDMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmEWy+k6IDCs2GhXOjI2ps9V2A
ZbqOS31ukRVRDfHEmk17Rbg33eAzxim2vuWi2+pWCbS8zd4+wh/KggMYKsqeFjEI
fY7kheTR8CFtyXfXWawAAU62j7qggEthy+K/8PEBsYYw9Pb5LWsh/pZmMJqFCAjq
yEVA6vZcVWtRR8pQD4+XIawZje1o3vK7xlSleIP2gI4h06pgAUgyZFR4dGSDyLnN
EjjpVNLXpAIpD9kUGm3JdsVC4i7557WA072+dIZlE27uVf0gyS93wuJD8vhz7kgt
2/vo6BrTdWBxFBF/SIwi6xmSlO+6haRtqTxvMfrUcjqjATwdOdFQgK1fr4OXAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUsnEycmcLmzx70ytdGOXiURcajBUwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjY1MzgzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNDM3MzIzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUugDANBgkqhkiG9w0BAQsFAAOCAQEAORYzW3tbev5yRAw8
rG9BUu1NCJuBc3RO1iLikO6AOBB77Bac4rN/Z5Pip8Nhgxjd9/gljEIcyTqIVTsN
gwU+iGZdBVznbGYFsstkM30pOrAOC9m8m33/unzG8QdlpxZxSiuwS8Dacsn8DNea
YDJIK8uaCcHCGShH045I1/VbgKQjytfVrtHo1pjnI9L/T6d+bMLktf+ISBVYVjqo
f+LHESyKVs3B9tiTlezTNxU6pSEDj7WWjuag83mmPpm8V/I8bcgW8ybkCfL/EInb
TUPQee3D/q+1ajaEnUoblrnugZtMSdicO49zwBhMSKoiOWfymbDLR6zzJ12cKBYw
vjY3cQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:58:59 2025 by rpki-client