Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e20323130333338.roa
File: 326131313a323963303a336530303a3a2f34342d3438203d3e20323130333338.roa (raw, json)
Hash identifier: SeAiV+7jRM/2CuZDucfIh5ylhoemUdHpI08vLXDC4ME=
Subject key identifier: B1:10:C7:FC:3B:82:FD:D6:44:03:AA:78:F8:22:66:CF:AD:DC:A6:30
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 53E2F91C125E4F80A965079DACB57AF2E291B563
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e20323130333338.roa
Signing time: Wed 17 Sep 2025 20:52:19 +0000
ROA not before: Wed 17 Sep 2025 20:47:19 +0000
ROA not after: Wed 16 Sep 2026 20:52:19 +0000
asID: 210338
IP address blocks: 2a11:29c0:3e00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:e2:f9:1c:12:5e:4f:80:a9:65:07:9d:ac:b5:7a:f2:e2:91:b5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 17 20:47:19 2025 GMT
Not After : Sep 16 20:52:19 2026 GMT
Subject: CN=B110C7FC3B82FDD64403AA78F82266CFADDCA630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:13:b3:f6:74:45:7d:4d:88:f1:f8:f3:81:
1d:63:3c:2f:d9:1d:d0:8f:76:9d:be:bc:91:ce:a2:
1a:10:d8:04:d9:c1:35:70:82:0e:5b:29:90:8e:13:
dd:e5:72:c8:e9:cc:2e:28:71:03:17:be:c8:3d:7e:
46:dd:48:e3:13:eb:ed:a9:36:28:ea:b6:90:30:9a:
5d:95:ab:b5:0d:6a:46:b9:dd:10:6f:cb:57:d5:c4:
42:04:a1:65:11:62:ca:57:19:12:52:65:8a:6f:14:
08:cc:80:2e:76:f7:81:d2:29:e6:67:8b:a3:03:3a:
10:ba:d9:f0:f5:aa:21:9b:6e:51:64:a1:a0:44:ce:
bf:88:fd:f3:dc:1a:b7:9b:5b:bd:0d:b9:7b:61:0a:
28:50:c0:38:7c:4d:63:35:75:e8:75:de:23:93:cd:
85:11:3f:ba:77:1b:5a:a3:54:fe:e9:0d:9f:f8:e2:
f3:85:08:56:86:89:53:7d:c7:57:07:5c:31:62:0a:
c9:3b:d9:9b:fb:90:44:1b:57:f8:a1:42:e2:dd:89:
85:48:a1:7c:13:68:21:bc:a0:db:bb:b4:9d:2c:0c:
63:f4:89:fe:a1:cf:cd:54:83:a2:ab:ab:88:c1:22:
8f:f1:11:dd:cf:8e:a2:39:31:f8:7f:c5:16:22:ad:
cb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:10:C7:FC:3B:82:FD:D6:44:03:AA:78:F8:22:66:CF:AD:DC:A6:30
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336530303a3a2f34342d3438203d3e20323130333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e00::/44
Signature Algorithm: sha256WithRSAEncryption
ab:1b:15:f2:c5:ee:16:48:c2:ab:f8:ad:e3:7c:71:ad:f0:7f:
98:61:09:e7:f5:c6:d9:5b:50:86:48:06:3b:f4:18:dc:93:c1:
96:3b:1c:61:ba:37:49:c9:8c:a6:94:2f:3d:00:8f:e6:2d:11:
af:7f:96:f2:1e:43:a7:36:b9:71:fc:3f:01:c5:56:6b:9e:bf:
57:e1:a4:17:05:bc:a4:56:25:fc:1c:d8:43:32:c3:18:00:2a:
63:aa:07:01:b7:ac:39:01:d1:03:4b:dd:bb:aa:d9:60:d1:95:
f1:d8:43:ac:16:8d:51:fe:e1:21:cb:99:2b:b0:c5:24:23:ab:
11:9a:6f:3b:ca:e0:1c:b9:fc:87:c3:25:30:af:8c:6f:c8:8d:
72:f7:34:d1:da:f8:2b:3c:85:58:af:a9:22:77:92:76:45:f2:
26:4e:2c:22:39:4d:db:8b:a2:34:28:31:3e:31:b3:24:83:a2:
99:73:df:cf:ef:0e:f2:63:02:5c:c4:fe:73:4b:56:b4:15:d1:
bb:3f:0a:9a:4e:e1:bb:9c:3a:1b:53:00:1a:4e:53:dc:2f:6c:
95:fd:28:dd:8d:92:0d:a9:e5:b9:be:69:82:75:12:09:ec:83:
82:ea:ea:3d:78:21:ed:d9:af:6d:60:37:15:84:1f:b2:7f:7e:
a1:8d:4b:17
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUU+L5HBJeT4CpZQedrLV68uKRtWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA5MTcyMDQ3MTlaFw0yNjA5MTYyMDUyMTlaMDMxMTAvBgNV
BAMTKEIxMTBDN0ZDM0I4MkZERDY0NDAzQUE3OEY4MjI2NkNGQUREQ0E2MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNtROz9nRFfU2I8fjzgR1jPC/Z
HdCPdp2+vJHOohoQ2ATZwTVwgg5bKZCOE93lcsjpzC4ocQMXvsg9fkbdSOMT6+2p
NijqtpAwml2Vq7UNaka53RBvy1fVxEIEoWURYspXGRJSZYpvFAjMgC5294HSKeZn
i6MDOhC62fD1qiGbblFkoaBEzr+I/fPcGrebW70NuXthCihQwDh8TWM1deh13iOT
zYURP7p3G1qjVP7pDZ/44vOFCFaGiVN9x1cHXDFiCsk72Zv7kEQbV/ihQuLdiYVI
oXwTaCG8oNu7tJ0sDGP0if6hz81Ug6Krq4jBIo/xEd3PjqI5Mfh/xRYircvJAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUsRDH/DuC/dZEA6p4+CJmz63cpjAwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzAzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzMzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA+ADANBgkqhkiG9w0BAQsFAAOCAQEAqxsV8sXuFkjCq/it
43xxrfB/mGEJ5/XG2VtQhkgGO/QY3JPBljscYbo3ScmMppQvPQCP5i0Rr3+W8h5D
pza5cfw/AcVWa56/V+GkFwW8pFYl/BzYQzLDGAAqY6oHAbesOQHRA0vdu6rZYNGV
8dhDrBaNUf7hIcuZK7DFJCOrEZpvO8rgHLn8h8MlMK+Mb8iNcvc00dr4KzyFWK+p
IneSdkXyJk4sIjlN24uiNCgxPjGzJIOimXPfz+8O8mMCXMT+c0tWtBXRuz8Kmk7h
u5w6G1MAGk5T3C9slf0o3Y2SDanlub5pgnUSCeyDgurqPXgh7dmvbWA3FYQfsn9+
oY1LFw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:09:23 2025 by rpki-client