Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323133373938.roa
File: 326131313a323963303a336465303a3a2f34342d3438203d3e20323133373938.roa (raw, json)
Hash identifier: 3uZeM3I4ZAi9nIq05hZZzkAkeBfsAEeKjRKuT7da2fU=
Subject key identifier: E1:69:7C:34:77:54:D6:ED:E0:A7:B7:75:BE:CB:AD:4B:FE:42:A7:85
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5F8CE65F78649D1C84BEB286DAE878358A740F42
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323133373938.roa
Signing time: Sat 27 Sep 2025 18:13:16 +0000
ROA not before: Sat 27 Sep 2025 18:08:16 +0000
ROA not after: Sat 26 Sep 2026 18:13:16 +0000
asID: 213798
IP address blocks: 2a11:29c0:3de0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 11:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:8c:e6:5f:78:64:9d:1c:84:be:b2:86:da:e8:78:35:8a:74:0f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 27 18:08:16 2025 GMT
Not After : Sep 26 18:13:16 2026 GMT
Subject: CN=E1697C347754D6EDE0A7B775BECBAD4BFE42A785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d8:1a:10:e4:ee:3b:bd:72:be:0e:4f:81:d7:
d0:62:ec:97:b5:6a:eb:3b:0d:f5:fe:51:51:d3:54:
3f:b5:43:05:5b:1d:fd:9f:3f:13:56:bd:ce:ba:e0:
dc:eb:20:69:2a:c6:32:03:db:43:02:ba:3c:c1:b8:
94:b6:da:bc:3c:21:0b:40:64:00:7a:5a:1e:69:91:
15:0e:e3:19:94:13:44:18:bb:88:3f:77:dc:1f:bf:
33:c3:46:35:4a:b2:d3:85:13:d0:1b:47:53:2b:03:
af:28:15:90:f3:b5:0b:96:24:c2:8a:5d:f1:f0:66:
3d:2b:bb:ca:53:05:6c:aa:8e:9c:20:d8:87:5b:5f:
0f:06:a6:c0:36:51:a7:cf:55:73:57:2d:d7:77:12:
b4:b5:6a:85:5f:f0:fa:fc:23:c8:a1:59:72:3b:2c:
f2:c3:bc:67:b5:04:85:f9:cb:59:74:af:b1:79:8d:
9c:f4:47:46:27:4d:09:a6:ef:12:6b:c1:17:d9:92:
88:52:82:90:33:95:59:d7:60:00:9f:9b:59:db:73:
af:40:e5:ef:08:63:12:b7:1a:dc:e2:d6:63:fa:60:
65:c4:e6:89:1f:09:81:fb:1f:c1:48:c6:af:b0:cc:
bb:f1:20:46:52:82:93:1f:e0:1a:7d:c5:e5:d3:4f:
63:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:69:7C:34:77:54:D6:ED:E0:A7:B7:75:BE:CB:AD:4B:FE:42:A7:85
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323133373938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3de0::/44
Signature Algorithm: sha256WithRSAEncryption
3d:c6:51:61:21:11:e5:f7:ca:7e:40:d1:ca:d6:fc:0c:44:6a:
b8:db:59:eb:9b:1d:08:9c:c6:7b:55:41:9c:4f:0c:6d:38:ec:
01:7f:cb:96:d8:53:ce:66:4d:80:e8:eb:dd:bd:d5:f9:24:f6:
53:4d:68:19:06:9a:4c:c7:8b:ad:db:f4:0c:bc:84:b9:d3:57:
22:7d:b0:58:4f:73:99:ab:33:cc:aa:7b:fd:3d:ff:31:76:c1:
f3:d5:d3:92:3e:cd:46:9f:6f:34:b4:21:cb:6e:8a:9e:17:fe:
f0:49:8d:28:be:91:58:07:b9:77:c5:84:60:79:ae:2e:e6:51:
74:dc:9a:f3:24:34:71:71:a6:82:9b:3e:dc:bd:67:49:d0:3e:
59:9c:1e:43:14:e0:3a:04:44:7c:11:23:10:b4:50:62:1f:0f:
f2:86:52:89:a3:a1:9b:44:82:7b:ea:0e:7c:c2:f3:d3:8d:ab:
5c:31:d1:a0:f8:8c:85:37:21:6a:6a:81:8f:43:a3:4a:20:37:
11:d4:a6:f1:6b:b3:df:e0:f7:d7:03:30:f2:0d:76:98:03:de:
3d:3a:6e:76:16:27:1f:ee:6f:1e:90:ff:1d:e5:d4:9a:45:25:
6a:30:67:3d:5c:64:8b:c7:39:e4:04:4a:01:f6:49:c1:ac:61:
f7:91:9b:bb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUX4zmX3hknRyEvrKG2uh4NYp0D0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA5MjcxODA4MTZaFw0yNjA5MjYxODEzMTZaMDMxMTAvBgNV
BAMTKEUxNjk3QzM0Nzc1NEQ2RURFMEE3Qjc3NUJFQ0JBRDRCRkU0MkE3ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV2BoQ5O47vXK+Dk+B19Bi7Je1
aus7DfX+UVHTVD+1QwVbHf2fPxNWvc664NzrIGkqxjID20MCujzBuJS22rw8IQtA
ZAB6Wh5pkRUO4xmUE0QYu4g/d9wfvzPDRjVKstOFE9AbR1MrA68oFZDztQuWJMKK
XfHwZj0ru8pTBWyqjpwg2IdbXw8GpsA2UafPVXNXLdd3ErS1aoVf8Pr8I8ihWXI7
LPLDvGe1BIX5y1l0r7F5jZz0R0YnTQmm7xJrwRfZkohSgpAzlVnXYACfm1nbc69A
5e8IYxK3Gtzi1mP6YGXE5okfCYH7H8FIxq+wzLvxIEZSgpMf4Bp9xeXTT2M1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU4Wl8NHdU1u3gp7d1vsutS/5Cp4UwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjUzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzMzM3MzkzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA94DANBgkqhkiG9w0BAQsFAAOCAQEAPcZRYSER5ffKfkDR
ytb8DERquNtZ65sdCJzGe1VBnE8MbTjsAX/LlthTzmZNgOjr3b3V+ST2U01oGQaa
TMeLrdv0DLyEudNXIn2wWE9zmaszzKp7/T3/MXbB89XTkj7NRp9vNLQhy26Knhf+
8EmNKL6RWAe5d8WEYHmuLuZRdNya8yQ0cXGmgps+3L1nSdA+WZweQxTgOgREfBEj
ELRQYh8P8oZSiaOhm0SCe+oOfMLz042rXDHRoPiMhTchamqBj0OjSiA3EdSm8Wuz
3+D31wMw8g12mAPePTpudhYnH+5vHpD/HeXUmkUlajBnPVxki8c55ARKAfZJwaxh
95Gbuw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:03:20 2025 by rpki-client