Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
File: 326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa (raw, json)
Hash identifier: SY0kta44qvc5XuXy/WB4IRvShCBVYxE8hks3UrsuIT8=
Subject key identifier: 8A:FB:CF:61:22:7C:1C:A9:D7:60:D3:5C:AE:54:7F:17:17:2F:12:5C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6DC53E03E74B8CB00ABA1A6CA807BD9D24C8664F
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
Signing time: Wed 13 Aug 2025 22:10:40 +0000
ROA not before: Wed 13 Aug 2025 22:05:40 +0000
ROA not after: Wed 12 Aug 2026 22:10:40 +0000
asID: 216194
IP address blocks: 2a11:29c0:28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c5:3e:03:e7:4b:8c:b0:0a:ba:1a:6c:a8:07:bd:9d:24:c8:66:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 13 22:05:40 2025 GMT
Not After : Aug 12 22:10:40 2026 GMT
Subject: CN=8AFBCF61227C1CA9D760D35CAE547F17172F125C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:73:7a:78:d1:92:47:97:ae:3e:20:f2:61:41:
88:83:4c:76:4a:ec:9d:26:37:d0:71:9a:31:a0:d6:
f2:55:3a:0f:f8:1c:15:75:3b:a2:4b:09:3a:be:87:
42:4f:92:8f:36:19:26:d8:88:a1:d1:35:af:cb:73:
73:13:68:49:45:ed:7a:f6:b3:e4:87:e6:97:82:01:
dd:ed:3e:3e:fa:73:1d:e9:4f:96:ef:94:82:6f:9c:
9f:a3:50:23:9a:87:81:c4:da:37:a0:3b:e0:43:89:
24:aa:b6:a0:ed:c0:0c:73:2a:d3:4f:dc:63:9f:b2:
26:f9:4a:cb:83:37:18:bc:f6:34:8f:27:a1:57:bb:
ad:02:2c:2d:af:dd:03:3d:f5:7a:4b:d5:27:8a:d5:
49:81:b5:c7:95:af:40:4e:23:93:3c:b2:f3:7e:5f:
82:70:d6:ec:5f:0e:e8:46:48:1f:b7:a4:db:93:36:
af:c5:ef:c2:a7:88:8d:8a:6e:87:6a:de:0b:0c:88:
d7:56:b1:10:28:62:bd:1d:78:ab:39:4f:4e:71:bf:
47:d8:16:7a:72:b4:34:55:7c:14:d9:c3:5e:44:c8:
03:47:ca:30:fb:69:9e:44:63:66:7c:f2:40:ee:29:
36:f1:b5:6c:60:52:ba:7a:c7:d2:d5:c7:2d:a0:c5:
e5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FB:CF:61:22:7C:1C:A9:D7:60:D3:5C:AE:54:7F:17:17:2F:12:5C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:28::/48
Signature Algorithm: sha256WithRSAEncryption
17:a8:c4:4b:c7:86:28:bf:7b:95:47:33:9e:d0:b4:57:73:06:
eb:72:cb:fa:62:34:cc:0e:85:22:91:91:d4:e4:11:2f:d6:7c:
1a:f8:bd:2b:e2:de:40:6f:f8:d7:61:22:72:6f:5b:eb:42:61:
18:80:d1:d1:dd:cb:63:21:d5:f4:7a:b3:33:44:bc:fb:2c:ec:
d7:f3:f5:71:4e:fb:e6:9a:11:57:8f:da:7a:40:b3:80:2e:7b:
55:0e:00:a5:62:5a:57:b0:ab:7a:a7:19:8d:bd:27:12:83:ad:
f8:03:09:30:7a:be:be:20:fa:20:b4:e5:e9:f3:62:3d:81:dc:
27:8c:1a:fd:55:7c:21:c3:de:32:78:37:dd:7d:b4:a8:1e:b4:
c6:c6:c9:95:75:31:9c:f3:1d:66:61:b1:27:be:d9:40:4c:35:
b7:cc:60:9c:b1:4e:ed:b2:58:2c:af:07:be:34:d6:c7:ef:9b:
0f:eb:ae:5c:77:3c:55:0d:96:e4:5d:2c:85:fb:ad:60:90:a3:
7a:ca:b6:6e:15:b3:62:0f:1c:e3:40:89:9f:37:b0:61:e1:f9:
1c:e4:72:bf:a1:43:a1:f9:52:bb:2c:d3:a3:7f:d9:08:57:b7:
c9:17:d0:1e:eb:5b:27:b1:05:16:4a:98:19:ca:fd:0c:0c:08:
27:a4:c3:09
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUbcU+A+dLjLAKuhpsqAe9nSTIZk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MTMyMjA1NDBaFw0yNjA4MTIyMjEwNDBaMDMxMTAvBgNV
BAMTKDhBRkJDRjYxMjI3QzFDQTlENzYwRDM1Q0FFNTQ3RjE3MTcyRjEyNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwc3p40ZJHl64+IPJhQYiDTHZK
7J0mN9BxmjGg1vJVOg/4HBV1O6JLCTq+h0JPko82GSbYiKHRNa/Lc3MTaElF7Xr2
s+SH5peCAd3tPj76cx3pT5bvlIJvnJ+jUCOah4HE2jegO+BDiSSqtqDtwAxzKtNP
3GOfsib5SsuDNxi89jSPJ6FXu60CLC2v3QM99XpL1SeK1UmBtceVr0BOI5M8svN+
X4Jw1uxfDuhGSB+3pNuTNq/F78KniI2Kbodq3gsMiNdWsRAoYr0deKs5T05xv0fY
FnpytDRVfBTZw15EyANHyjD7aZ5EY2Z88kDuKTbxtWxgUrp6x9LVxy2gxeVRAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUivvPYSJ8HKnXYNNcrlR/FxcvElwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzEzOTM0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAAoMA0GCSqGSIb3DQEBCwUAA4IBAQAXqMRLx4Yov3uVRzOe0LRX
cwbrcsv6YjTMDoUikZHU5BEv1nwa+L0r4t5Ab/jXYSJyb1vrQmEYgNHR3ctjIdX0
erMzRLz7LOzX8/VxTvvmmhFXj9p6QLOALntVDgClYlpXsKt6pxmNvScSg634Awkw
er6+IPogtOXp82I9gdwnjBr9VXwhw94yeDfdfbSoHrTGxsmVdTGc8x1mYbEnvtlA
TDW3zGCcsU7tslgsrwe+NNbH75sP665cdzxVDZbkXSyF+61gkKN6yrZuFbNiDxzj
QImfN7Bh4fkc5HK/oUOh+VK7LNOjf9kIV7fJF9Ae61snsQUWSpgZyv0MDAgnpMMJ
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:56:09 2025 by rpki-client