Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346430303a3a2f34302d3438203d3e20323135363338.roa
File: 326131313a323963303a346430303a3a2f34302d3438203d3e20323135363338.roa (raw, json)
Hash identifier: HyTHuzq506sJ8dUQ+NOIW/try7X5aB9JX4eiyXCJhE0=
Subject key identifier: 4D:FC:CB:41:E9:2F:7A:44:45:CB:E7:40:E1:78:E1:22:D7:A1:37:15
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 4023D0BAE5362D3E96AD552D138A9330D324B337
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346430303a3a2f34302d3438203d3e20323135363338.roa
Signing time: Tue 19 Aug 2025 21:10:41 +0000
ROA not before: Tue 19 Aug 2025 21:05:41 +0000
ROA not after: Tue 18 Aug 2026 21:10:41 +0000
asID: 215638
IP address blocks: 2a11:29c0:4d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:23:d0:ba:e5:36:2d:3e:96:ad:55:2d:13:8a:93:30:d3:24:b3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 19 21:05:41 2025 GMT
Not After : Aug 18 21:10:41 2026 GMT
Subject: CN=4DFCCB41E92F7A4445CBE740E178E122D7A13715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:75:f6:ce:88:bc:3a:b6:57:0e:65:96:45:8d:
8f:82:9b:94:6f:bc:8e:5b:b4:e0:a6:d0:f3:24:40:
d3:05:8c:51:42:7f:ec:f0:d9:b5:c3:8f:40:a3:06:
32:64:c1:5c:9d:3f:2c:e2:c1:7e:38:4a:d4:28:d3:
b8:79:d8:8f:3f:c7:eb:7b:01:4c:f8:5c:96:c6:73:
33:be:be:c4:c6:97:4a:09:bd:7d:d2:90:3e:35:b3:
69:86:85:2b:1d:df:fe:78:8a:86:fc:c3:9f:ef:5f:
68:a8:a8:18:df:68:d0:cb:2c:bd:b3:e8:aa:2f:6a:
b7:cb:86:02:88:a2:a5:e3:64:67:95:6a:af:d4:c6:
05:2c:69:8d:fc:9f:4b:9a:93:77:54:4a:31:62:9f:
f0:b4:c5:1b:f8:c6:99:e4:36:94:ea:3a:28:73:d9:
54:37:8a:a8:31:d4:38:87:2f:a1:9c:ee:d0:06:c7:
41:be:14:9d:60:c4:06:5f:48:31:60:e3:95:49:ba:
51:3e:0a:72:b5:fa:d1:bc:e7:00:53:13:c5:c3:51:
ed:9b:ac:86:b5:81:74:7a:30:09:6a:7a:2b:09:2e:
1d:ea:95:31:ac:a6:69:7a:83:45:a0:eb:10:ac:73:
20:47:e4:ab:22:e9:4e:86:d0:89:95:ca:54:13:60:
ed:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FC:CB:41:E9:2F:7A:44:45:CB:E7:40:E1:78:E1:22:D7:A1:37:15
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346430303a3a2f34302d3438203d3e20323135363338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:4d00::/40
Signature Algorithm: sha256WithRSAEncryption
80:b7:62:67:d9:e3:3d:ff:95:af:05:6f:b3:b9:6b:71:39:55:
ea:87:49:cd:48:55:50:7e:71:ac:35:98:c0:cd:30:b9:ff:f4:
54:25:b5:ff:31:5b:c5:a9:99:0e:6e:18:35:92:67:b6:46:52:
1d:1b:05:4c:f1:aa:b8:b3:de:4c:0a:ad:62:2f:d3:d5:f1:26:
3a:16:08:ed:29:2e:bc:ce:fe:35:9a:3c:bb:1a:d6:e0:00:ef:
f1:61:b6:a6:dd:84:a4:db:06:27:aa:fd:92:99:1a:a9:26:db:
fe:78:ca:1f:2e:a0:c6:59:29:2a:ce:3d:05:d7:13:53:f4:b3:
b6:9b:5d:c2:72:3a:e6:25:38:53:31:a7:81:db:af:a6:f4:1e:
67:1a:9b:95:9a:04:bc:77:1e:d3:cd:3d:9a:2d:fc:95:f3:4f:
20:5f:f8:27:13:f1:d3:36:81:dd:38:1d:04:5c:b1:4f:1f:bc:
07:27:2f:3f:db:54:32:4b:e9:29:46:db:1a:d8:7f:3b:e0:4f:
a7:9d:b4:b7:2a:e6:55:2f:c4:2e:f7:a5:5f:1b:52:5f:41:d7:
4f:a6:9d:e3:fe:92:1f:8d:13:d1:a4:9d:6b:b2:7a:e1:f5:45:
52:ef:b6:60:d9:7f:2f:18:ef:7d:ea:8e:76:c6:db:29:77:3f:
28:8d:18:4d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUQCPQuuU2LT6WrVUtE4qTMNMkszcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MTkyMTA1NDFaFw0yNjA4MTgyMTEwNDFaMDMxMTAvBgNV
BAMTKDRERkNDQjQxRTkyRjdBNDQ0NUNCRTc0MEUxNzhFMTIyRDdBMTM3MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYdfbOiLw6tlcOZZZFjY+Cm5Rv
vI5btOCm0PMkQNMFjFFCf+zw2bXDj0CjBjJkwVydPyziwX44StQo07h52I8/x+t7
AUz4XJbGczO+vsTGl0oJvX3SkD41s2mGhSsd3/54iob8w5/vX2ioqBjfaNDLLL2z
6KovarfLhgKIoqXjZGeVaq/UxgUsaY38n0uak3dUSjFin/C0xRv4xpnkNpTqOihz
2VQ3iqgx1DiHL6Gc7tAGx0G+FJ1gxAZfSDFg45VJulE+CnK1+tG85wBTE8XDUe2b
rIa1gXR6MAlqeisJLh3qlTGspml6g0Wg6xCscyBH5Ksi6U6G0ImVylQTYO13AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUTfzLQekvekRFy+dA4XjhItehNxUwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM2MzMzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoRKcBNMA0GCSqGSIb3DQEBCwUAA4IBAQCAt2Jn2eM9/5WvBW+z
uWtxOVXqh0nNSFVQfnGsNZjAzTC5//RUJbX/MVvFqZkObhg1kme2RlIdGwVM8aq4
s95MCq1iL9PV8SY6FgjtKS68zv41mjy7GtbgAO/xYbam3YSk2wYnqv2SmRqpJtv+
eMofLqDGWSkqzj0F1xNT9LO2m13CcjrmJThTMaeB26+m9B5nGpuVmgS8dx7TzT2a
LfyV808gX/gnE/HTNoHdOB0EXLFPH7wHJy8/21QyS+kpRtsa2H874E+nnbS3KuZV
L8Qu96VfG1JfQddPpp3j/pIfjRPRpJ1rsnrh9UVS77Zg2X8vGO996o52xtspdz8o
jRhN
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:51:21 2025 by rpki-client