Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e20323134313636.roa
File: 326131313a323963303a35303a3a2f34382d3438203d3e20323134313636.roa (raw, json)
Hash identifier: dqtNlvt1OvrwKNCOddtaOO+vZhs0UCnexe+h8Mdf0H4=
Subject key identifier: 19:0D:D8:06:C5:50:AA:55:F8:31:E3:EB:99:3B:9D:F3:EC:5C:6B:0D
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 69D93C9790704820DA557FB76935F7E70DDB7869
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e20323134313636.roa
Signing time: Wed 20 Aug 2025 20:10:41 +0000
ROA not before: Wed 20 Aug 2025 20:05:41 +0000
ROA not after: Wed 19 Aug 2026 20:10:41 +0000
asID: 214166
IP address blocks: 2a11:29c0:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d9:3c:97:90:70:48:20:da:55:7f:b7:69:35:f7:e7:0d:db:78:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 20 20:05:41 2025 GMT
Not After : Aug 19 20:10:41 2026 GMT
Subject: CN=190DD806C550AA55F831E3EB993B9DF3EC5C6B0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:25:35:fb:d5:0d:40:76:4f:af:f1:20:05:d2:
23:05:27:dd:16:0e:ff:76:9f:43:ef:0d:f1:af:20:
13:4e:60:b5:f9:6d:9c:4b:de:ff:9e:43:8a:b9:2c:
54:5b:4f:d6:7b:db:f3:53:98:8c:25:5a:f4:02:bc:
67:bd:ba:0a:e4:6d:96:01:9d:58:8a:15:ac:54:b2:
07:2d:50:e1:29:b2:cf:b5:03:6a:18:d2:c6:88:f1:
9d:6c:31:6b:fd:c5:a5:e9:28:59:07:11:e3:9b:33:
bb:4b:aa:da:7c:c6:01:44:04:db:53:8b:e0:62:dd:
03:4f:a3:a1:63:fd:1a:83:b0:f1:13:01:c3:d1:a7:
50:58:09:df:01:ec:4a:7c:dc:20:17:b5:56:6a:87:
8d:9c:53:50:07:6f:84:80:f9:56:15:92:75:e8:b0:
54:d8:2a:ca:a3:59:53:67:b8:e4:1d:53:fa:33:aa:
b3:be:1f:fe:dd:9e:8a:7b:0f:7d:3c:6f:4d:68:e1:
c0:bf:10:85:a9:d4:7e:91:80:fa:b3:2a:ee:af:58:
a8:25:a4:d4:43:e8:d2:f2:58:92:d0:3c:71:ce:3a:
fb:cb:03:41:2b:1e:3b:74:e7:ed:3f:8f:9a:b0:09:
1e:04:15:70:ca:ce:30:b8:94:8e:28:a9:46:2b:b3:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0D:D8:06:C5:50:AA:55:F8:31:E3:EB:99:3B:9D:F3:EC:5C:6B:0D
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e20323134313636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:50::/48
Signature Algorithm: sha256WithRSAEncryption
5d:cc:01:05:46:08:06:93:19:cb:97:6b:60:8f:46:3c:d4:d4:
6a:b9:91:b9:12:8e:b0:cd:ad:dc:72:8b:49:35:30:24:a3:38:
04:79:80:57:f8:9c:80:bd:a9:c4:09:bb:ed:67:68:b4:9b:5c:
5d:bc:94:1f:81:0b:d0:a4:46:40:55:99:ce:5d:19:c7:24:9e:
ca:4c:10:68:04:6f:64:fc:4c:69:bf:0e:0d:c1:11:c0:80:eb:
f0:ea:2c:dc:66:b5:ca:e6:0b:69:85:2f:01:e2:1f:3a:0d:2c:
03:05:ec:4a:a7:9f:ba:1f:e2:8a:21:b5:d3:e6:73:ab:da:7e:
86:19:0f:64:48:68:8a:e3:cf:50:d8:f4:ce:aa:63:6e:28:bd:
86:04:62:ec:2f:0c:57:2f:97:70:c4:93:1f:5d:4e:c8:0e:b3:
9a:e9:dc:c7:55:ee:03:40:36:2a:8f:d7:4c:c9:2a:20:0a:2a:
65:2c:bc:52:93:f2:d1:d7:bb:2d:3f:c0:c0:8b:5e:a1:9c:66:
d1:a8:17:45:65:4a:e0:f5:91:ea:a0:28:35:76:45:89:67:fa:
44:4b:4f:f2:14:7d:88:94:22:20:8b:c1:0a:be:d8:5e:24:a4:
f0:65:b8:3e:54:d4:e5:2b:44:1f:03:6e:20:06:53:14:87:cb:
92:da:ba:6a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUadk8l5BwSCDaVX+3aTX35w3beGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MjAyMDA1NDFaFw0yNjA4MTkyMDEwNDFaMDMxMTAvBgNV
BAMTKDE5MEREODA2QzU1MEFBNTVGODMxRTNFQjk5M0I5REYzRUM1QzZCMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxJTX71Q1Adk+v8SAF0iMFJ90W
Dv92n0PvDfGvIBNOYLX5bZxL3v+eQ4q5LFRbT9Z72/NTmIwlWvQCvGe9ugrkbZYB
nViKFaxUsgctUOEpss+1A2oY0saI8Z1sMWv9xaXpKFkHEeObM7tLqtp8xgFEBNtT
i+Bi3QNPo6Fj/RqDsPETAcPRp1BYCd8B7Ep83CAXtVZqh42cU1AHb4SA+VYVknXo
sFTYKsqjWVNnuOQdU/ozqrO+H/7dnop7D308b01o4cC/EIWp1H6RgPqzKu6vWKgl
pNRD6NLyWJLQPHHOOvvLA0ErHjt05+0/j5qwCR4EFXDKzjC4lI4oqUYrswQZAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUGQ3YBsVQqlX4MePrmTud8+xcaw0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzEzNjM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABQMA0GCSqGSIb3DQEBCwUAA4IBAQBdzAEFRggGkxnLl2tgj0Y8
1NRquZG5Eo6wza3ccotJNTAkozgEeYBX+JyAvanECbvtZ2i0m1xdvJQfgQvQpEZA
VZnOXRnHJJ7KTBBoBG9k/Expvw4NwRHAgOvw6izcZrXK5gtphS8B4h86DSwDBexK
p5+6H+KKIbXT5nOr2n6GGQ9kSGiK489Q2PTOqmNuKL2GBGLsLwxXL5dwxJMfXU7I
DrOa6dzHVe4DQDYqj9dMySogCiplLLxSk/LR17stP8DAi16hnGbRqBdFZUrg9ZHq
oCg1dkWJZ/pES0/yFH2IlCIgi8EKvtheJKTwZbg+VNTlK0QfA24gBlMUh8uS2rpq
-----END CERTIFICATE-----
Generated at Sun Aug 24 07:12:14 2025 by rpki-client