Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336438303a3a2f34342d3434203d3e20323134383036.roa
File: 326131313a323963303a336438303a3a2f34342d3434203d3e20323134383036.roa (raw, json)
Hash identifier: xQGYIM/7kcmr4Yq/F8nnkTUSP0RGLVi9vduh2O0HGGA=
Subject key identifier: B3:D0:D2:89:23:7D:E9:74:B0:08:49:2F:98:4F:18:7E:AB:F1:CD:8C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 72FC8DACB2B5A628942DF2E55689AE695B6245DC
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336438303a3a2f34342d3434203d3e20323134383036.roa
Signing time: Thu 21 Aug 2025 11:17:03 +0000
ROA not before: Thu 21 Aug 2025 11:12:03 +0000
ROA not after: Thu 20 Aug 2026 11:17:03 +0000
asID: 214806
IP address blocks: 2a11:29c0:3d80::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:fc:8d:ac:b2:b5:a6:28:94:2d:f2:e5:56:89:ae:69:5b:62:45:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 21 11:12:03 2025 GMT
Not After : Aug 20 11:17:03 2026 GMT
Subject: CN=B3D0D289237DE974B008492F984F187EABF1CD8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:86:9c:f6:96:f3:c8:6d:61:dc:b2:63:4a:34:
33:15:41:0c:77:7d:ee:c2:d5:e4:43:38:5c:77:ed:
3f:89:9e:01:b3:c8:12:21:31:d5:8d:d1:5b:e4:12:
90:51:a7:a6:55:1e:a2:b4:55:6c:9f:da:4b:be:fb:
08:74:ed:0b:59:b3:23:9e:e9:97:65:93:c9:81:df:
42:f7:c3:a3:c6:95:c3:c9:60:d8:01:aa:5b:42:49:
09:69:e7:18:92:1a:d1:67:08:7b:2f:6d:6c:f0:34:
91:d3:16:58:d9:77:c7:c2:85:95:a5:dd:c2:53:0a:
f9:f1:52:74:64:9a:ec:45:6d:9f:ee:28:84:2f:0b:
65:0f:bb:96:15:0a:ce:34:d7:f6:df:2c:c2:54:f2:
8f:76:2b:e9:14:1c:24:9d:90:53:1c:f4:e9:b5:a1:
b7:de:ad:b7:e5:09:a8:3e:93:04:03:a6:75:a4:ea:
0b:4f:6a:a0:c0:a7:d1:70:48:1c:52:50:ec:0d:f5:
d5:9c:15:c4:cd:d7:2f:54:4e:01:2b:ce:e4:52:18:
da:96:b1:fa:cc:5a:7a:3b:52:7a:61:de:2a:ac:59:
8c:de:66:2a:e1:40:ff:97:25:50:de:7b:b5:38:56:
68:b8:37:03:13:96:00:68:dd:0a:7d:aa:9c:3d:6d:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D0:D2:89:23:7D:E9:74:B0:08:49:2F:98:4F:18:7E:AB:F1:CD:8C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336438303a3a2f34342d3434203d3e20323134383036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3d80::/44
Signature Algorithm: sha256WithRSAEncryption
4d:dc:fe:41:19:65:52:61:2f:f5:70:c8:0f:e3:f3:d2:cc:76:
bf:40:8f:6f:b1:71:9e:af:6e:7f:47:8e:ab:81:16:2c:0d:04:
7f:82:01:41:55:20:e9:43:c2:f9:07:e3:2a:50:de:08:bb:7d:
08:c6:f0:c1:11:8f:11:84:8b:2e:ea:d9:31:03:e5:3f:fb:0c:
18:f8:cc:9d:4c:1f:b4:19:54:17:fb:85:bf:19:2f:06:ef:2e:
ff:e0:73:99:47:d5:0d:57:c7:fd:61:86:1a:42:17:e8:74:9f:
8a:b0:1e:ac:64:b6:63:e9:09:4e:29:d1:1d:a5:2d:fe:51:1a:
45:a3:99:6f:dc:f2:28:71:40:87:32:ed:d4:42:c2:68:74:49:
f1:1c:b6:59:c4:e7:06:95:23:2b:69:e1:7f:52:46:b5:41:a0:
ac:d0:13:d7:95:f8:96:69:7c:8d:f9:64:99:a7:85:39:91:5a:
34:0e:90:fd:2d:a2:b6:f9:7c:d1:5e:d2:59:bb:6e:8f:62:20:
8a:4b:73:b1:ce:b7:27:7f:6b:70:a8:26:92:5b:19:7f:f5:36:
51:fe:a5:35:0d:8e:c2:65:c5:76:d2:0c:48:1e:48:39:2b:a1:
96:4b:45:30:b2:ee:67:1d:ab:01:18:f0:54:a8:43:19:0a:c3:
97:ff:4e:97
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUcvyNrLK1piiULfLlVomuaVtiRdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MjExMTEyMDNaFw0yNjA4MjAxMTE3MDNaMDMxMTAvBgNV
BAMTKEIzRDBEMjg5MjM3REU5NzRCMDA4NDkyRjk4NEYxODdFQUJGMUNEOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDahpz2lvPIbWHcsmNKNDMVQQx3
fe7C1eRDOFx37T+JngGzyBIhMdWN0VvkEpBRp6ZVHqK0VWyf2ku++wh07QtZsyOe
6Zdlk8mB30L3w6PGlcPJYNgBqltCSQlp5xiSGtFnCHsvbWzwNJHTFljZd8fChZWl
3cJTCvnxUnRkmuxFbZ/uKIQvC2UPu5YVCs401/bfLMJU8o92K+kUHCSdkFMc9Om1
obferbflCag+kwQDpnWk6gtPaqDAp9FwSBxSUOwN9dWcFcTN1y9UTgErzuRSGNqW
sfrMWno7Unph3iqsWYzeZirhQP+XJVDee7U4Vmi4NwMTlgBo3Qp9qpw9bUTbAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUs9DSiSN96XSwCEkvmE8YfqvxzYwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0MzgzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzEzNDM4MzAzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA9gDANBgkqhkiG9w0BAQsFAAOCAQEATdz+QRllUmEv9XDI
D+Pz0sx2v0CPb7Fxnq9uf0eOq4EWLA0Ef4IBQVUg6UPC+QfjKlDeCLt9CMbwwRGP
EYSLLurZMQPlP/sMGPjMnUwftBlUF/uFvxkvBu8u/+BzmUfVDVfH/WGGGkIX6HSf
irAerGS2Y+kJTinRHaUt/lEaRaOZb9zyKHFAhzLt1ELCaHRJ8Ry2WcTnBpUjK2nh
f1JGtUGgrNAT15X4lml8jflkmaeFOZFaNA6Q/S2itvl80V7SWbtuj2Igiktzsc63
J39rcKgmklsZf/U2Uf6lNQ2OwmXFdtIMSB5IOSuhlktFMLLuZx2rARjwVKhDGQrD
l/9Olw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 23:26:20 2025 by rpki-client