Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa
File: 326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa (raw, json)
Hash identifier: 9ztDCaU6aAMVKVrLFNLTSsl1A84X7CinJDw99b10Wgk=
Subject key identifier: DD:E2:9F:5A:C9:A6:61:62:F0:3F:54:98:AB:25:DD:93:BD:56:4C:6B
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 45320E3E0EA32D40D7022FC30FF6269A60A74DCF
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa
Signing time: Thu 16 Oct 2025 09:13:04 +0000
ROA not before: Thu 16 Oct 2025 09:08:04 +0000
ROA not after: Thu 15 Oct 2026 09:13:04 +0000
asID: 204830
IP address blocks: 2a0e:fd45:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:32:0e:3e:0e:a3:2d:40:d7:02:2f:c3:0f:f6:26:9a:60:a7:4d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Oct 16 09:08:04 2025 GMT
Not After : Oct 15 09:13:04 2026 GMT
Subject: CN=DDE29F5AC9A66162F03F5498AB25DD93BD564C6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fa:6d:09:e2:e6:63:ff:60:51:90:6f:6a:59:
c1:d3:a6:c8:d3:67:68:95:4e:85:2d:9f:00:ad:7f:
80:f8:f0:71:98:1d:9d:08:ed:6b:50:cd:20:c3:a3:
ea:d2:cc:3b:ce:55:8b:f1:b9:dd:da:cb:10:05:97:
9a:2c:2e:a6:79:bd:76:bd:29:e0:82:ed:cf:81:ff:
f2:f7:60:11:a2:01:45:77:96:24:47:1c:d0:3f:17:
e7:3f:01:cf:c8:3b:7c:1b:a1:3b:1d:3d:ab:4d:f9:
07:3a:dd:a4:f7:e7:87:61:a4:88:d9:3c:bb:c0:ad:
9e:e8:74:dc:5b:de:3f:18:01:58:08:95:21:97:90:
6d:60:a0:49:94:bd:2d:b8:b0:89:ba:13:d2:6a:10:
b3:44:71:46:e9:f6:1f:b4:14:52:73:67:dc:a7:c5:
ea:e7:b8:21:0e:8c:ea:37:76:b0:f6:8e:5e:80:e9:
26:26:69:47:6a:06:ff:2d:9b:b4:42:14:a1:dd:bb:
62:24:a0:e2:96:0a:a1:26:ec:d0:07:5c:0b:1a:96:
4d:87:f7:c8:67:8b:59:20:b7:95:4d:bc:71:97:2b:
22:e1:12:39:e1:53:fe:1b:11:e0:ea:39:7c:20:27:
e9:8f:29:0e:a8:2b:ee:d9:f6:72:81:7b:f7:85:ae:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E2:9F:5A:C9:A6:61:62:F0:3F:54:98:AB:25:DD:93:BD:56:4C:6B
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:5000::/40
Signature Algorithm: sha256WithRSAEncryption
96:dc:4c:ae:c9:db:73:fb:1a:3f:66:99:a2:f9:1c:b8:3e:9e:
6a:2d:ed:86:6d:5a:c7:12:ea:c4:61:6b:d8:fe:c8:77:93:1b:
e0:d8:03:18:48:91:66:c6:27:7c:35:57:fa:4d:72:3b:75:d4:
c7:77:0f:76:3e:05:e3:0e:77:af:51:34:05:68:b7:1e:11:e0:
4a:b6:81:1a:4a:e4:5f:62:e4:90:8f:67:03:8d:f1:6c:da:dd:
33:97:bc:a4:ee:de:94:8c:16:2f:d8:22:87:4a:8d:ba:38:cf:
5c:fe:c7:58:a1:e8:1b:87:a8:5d:a3:f9:55:38:3e:a0:d9:18:
20:2d:c9:2c:15:49:c9:62:65:0f:01:5b:59:80:b5:e8:5a:69:
8c:9a:2b:1e:37:66:1b:b1:0c:48:52:97:13:de:8f:c9:78:30:
70:86:f1:53:79:3f:28:23:dc:15:81:4f:b3:71:0f:bf:77:3d:
a4:bf:0f:ef:42:43:0a:04:64:66:70:be:97:2d:a4:03:62:e4:
70:9a:f8:31:ae:5e:b9:ca:3b:16:ab:9b:c9:b2:c5:fa:40:42:
43:03:42:9c:93:d1:a8:b7:13:d9:40:83:7a:1a:c2:a2:a4:2c:
61:f8:dc:6e:b5:89:57:0f:f7:0c:1d:79:de:29:e4:28:b9:ab:
d5:1a:87:b1
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIURTIOPg6jLUDXAi/DD/YmmmCnTc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNTEwMTYwOTA4MDRaFw0yNjEwMTUwOTEzMDRaMDMxMTAvBgNV
BAMTKERERTI5RjVBQzlBNjYxNjJGMDNGNTQ5OEFCMjVERDkzQkQ1NjRDNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc+m0J4uZj/2BRkG9qWcHTpsjT
Z2iVToUtnwCtf4D48HGYHZ0I7WtQzSDDo+rSzDvOVYvxud3ayxAFl5osLqZ5vXa9
KeCC7c+B//L3YBGiAUV3liRHHNA/F+c/Ac/IO3wboTsdPatN+Qc63aT354dhpIjZ
PLvArZ7odNxb3j8YAVgIlSGXkG1goEmUvS24sIm6E9JqELNEcUbp9h+0FFJzZ9yn
xernuCEOjOo3drD2jl6A6SYmaUdqBv8tm7RCFKHdu2IkoOKWCqEm7NAHXAsalk2H
98hni1kgt5VNvHGXKyLhEjnhU/4bEeDqOXwgJ+mPKQ6oK+7Z9nKBe/eFrrbvAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU3eKfWsmmYWLwP1SYqyXdk71WTGswHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzNTMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNDM4MzMzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoO/UVQMA0GCSqGSIb3DQEBCwUAA4IBAQCW3Eyuydtz+xo/Zpmi
+Ry4Pp5qLe2GbVrHEurEYWvY/sh3kxvg2AMYSJFmxid8NVf6TXI7ddTHdw92PgXj
DnevUTQFaLceEeBKtoEaSuRfYuSQj2cDjfFs2t0zl7yk7t6UjBYv2CKHSo26OM9c
/sdYoegbh6hdo/lVOD6g2RggLcksFUnJYmUPAVtZgLXoWmmMmiseN2YbsQxIUpcT
3o/JeDBwhvFTeT8oI9wVgU+zcQ+/dz2kvw/vQkMKBGRmcL6XLaQDYuRwmvgxrl65
yjsWq5vJssX6QEJDA0Kck9GotxPZQIN6GsKipCxh+NxutYlXD/cMHXneKeQouavV
Goex
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:59:14 2025 by rpki-client