Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
File: 326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa (raw, json)
Hash identifier: 2qiBxfK+UGsXjYXrt6Cm3jSdVu6qoZhGBCRhmjYUhjg=
Subject key identifier: 72:DE:76:9E:AC:13:AF:98:75:A5:3E:AF:E3:06:05:95:53:CE:A9:A3
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 606C016312506B10A9CC88DCAE7225AC37B1FB17
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
Signing time: Sat 13 Sep 2025 18:55:07 +0000
ROA not before: Sat 13 Sep 2025 18:50:07 +0000
ROA not after: Sat 12 Sep 2026 18:55:07 +0000
asID: 20712
IP address blocks: 2a00:8e00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:6c:01:63:12:50:6b:10:a9:cc:88:dc:ae:72:25:ac:37:b1:fb:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Sep 13 18:50:07 2025 GMT
Not After : Sep 12 18:55:07 2026 GMT
Subject: CN=72DE769EAC13AF9875A53EAFE306059553CEA9A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d7:10:1b:f3:8a:5c:ce:54:6d:e7:07:f4:69:
60:dd:ca:ee:22:c2:3d:34:1d:93:ab:3d:79:b7:bd:
86:8a:21:ac:17:f2:09:f1:bd:00:54:e1:82:d9:1e:
aa:b9:4f:83:a3:9e:a4:21:13:db:e9:72:80:9c:48:
52:44:c8:8e:47:4c:74:3e:b6:4c:de:d9:c6:d3:a7:
78:bc:a1:62:d7:c5:ca:59:16:a1:6f:29:b4:d1:57:
bc:f6:f2:0f:c7:2e:40:28:c6:07:96:92:78:88:89:
15:d5:f0:5f:90:2c:f3:2e:7e:9f:58:d3:84:99:64:
67:b1:e3:73:db:f6:c1:69:69:96:e8:de:55:52:84:
55:86:88:d3:96:b6:54:a7:30:8b:a0:84:bb:80:2b:
68:da:90:a4:9a:2f:f8:dd:c5:a8:c3:bc:65:af:74:
3a:b4:2f:29:9c:05:ec:d4:28:2f:eb:79:0e:41:e2:
c4:60:a1:6e:b7:08:a7:d1:d6:be:13:5c:32:4f:0d:
64:83:cc:e4:51:c6:b6:f0:8e:cc:14:c7:d9:10:37:
3d:64:a4:e9:a2:26:c4:3a:64:a0:56:39:5d:80:12:
dd:2b:70:b7:e8:8d:7d:ff:6e:a5:1d:57:97:13:ba:
0b:4e:8f:fe:18:97:dc:72:19:73:ae:5d:c5:28:37:
0e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DE:76:9E:AC:13:AF:98:75:A5:3E:AF:E3:06:05:95:53:CE:A9:A3
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/326130303a386530303a313a3a2f34382d3438203d3e203230373132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8e00:1::/48
Signature Algorithm: sha256WithRSAEncryption
5f:19:5f:cd:ac:a9:51:91:03:4e:1f:fb:32:dc:0c:b2:43:4f:
df:7e:f5:c3:98:4a:49:b9:a4:6e:24:74:e3:4f:b5:67:c1:a2:
f1:20:54:11:5d:6a:c2:ae:fc:10:68:a0:d0:ce:4f:ac:dc:ad:
f8:93:ef:e5:1c:f4:a6:ca:7c:54:b1:29:e5:91:b6:a0:20:24:
ba:f6:ad:82:f7:f3:85:a4:6c:0c:2a:82:85:5e:bd:15:f4:d0:
ee:43:e3:60:40:30:c7:06:0e:f9:e4:fb:b5:cb:46:c4:1c:c0:
68:09:04:62:30:6b:21:89:a6:d5:7e:d4:47:d2:e8:cc:f5:5e:
04:83:b4:4d:14:81:10:1e:12:25:11:86:9d:54:78:6e:63:97:
81:a5:e6:00:46:84:6a:62:83:0d:2f:b1:28:2b:15:4b:b4:85:
f2:2d:6e:cf:53:ce:ab:ef:f5:44:1f:4c:4c:13:00:28:f7:31:
73:d8:b4:4a:09:0d:ce:43:ff:05:19:55:89:45:94:25:52:dd:
13:dd:7f:10:b1:a4:bd:97:32:f0:5d:00:56:13:da:fd:c9:f7:
af:8b:2f:75:cd:71:05:4a:f7:66:68:a5:a1:53:f0:cc:be:07:
76:ed:b3:f1:0c:54:3e:5c:58:6b:a1:41:4b:2c:ef:64:99:52:
5c:4b:ce:4b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUYGwBYxJQaxCpzIjcrnIlrDex+xcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNTA5MTMxODUwMDdaFw0yNjA5MTIxODU1MDdaMDMxMTAvBgNV
BAMTKDcyREU3NjlFQUMxM0FGOTg3NUE1M0VBRkUzMDYwNTk1NTNDRUE5QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ1xAb84pczlRt5wf0aWDdyu4i
wj00HZOrPXm3vYaKIawX8gnxvQBU4YLZHqq5T4OjnqQhE9vpcoCcSFJEyI5HTHQ+
tkze2cbTp3i8oWLXxcpZFqFvKbTRV7z28g/HLkAoxgeWkniIiRXV8F+QLPMufp9Y
04SZZGex43Pb9sFpaZbo3lVShFWGiNOWtlSnMIughLuAK2jakKSaL/jdxajDvGWv
dDq0LymcBezUKC/reQ5B4sRgoW63CKfR1r4TXDJPDWSDzORRxrbwjswUx9kQNz1k
pOmiJsQ6ZKBWOV2AEt0rcLfojX3/bqUdV5cTugtOj/4Yl9xyGXOuXcUoNw4/AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUct52nqwTr5h1pT6v4wYFlVPOqaMwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzI2MTMwMzAzYTM4NjUzMDMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqAI4AAAEwDQYJKoZIhvcNAQELBQADggEBAF8ZX82sqVGRA04f+zLcDLJDT99+
9cOYSkm5pG4kdONPtWfBovEgVBFdasKu/BBooNDOT6zcrfiT7+Uc9KbKfFSxKeWR
tqAgJLr2rYL384WkbAwqgoVevRX00O5D42BAMMcGDvnk+7XLRsQcwGgJBGIwayGJ
ptV+1EfS6Mz1XgSDtE0UgRAeEiURhp1UeG5jl4Gl5gBGhGpigw0vsSgrFUu0hfIt
bs9Tzqvv9UQfTEwTACj3MXPYtEoJDc5D/wUZVYlFlCVS3RPdfxCxpL2XMvBdAFYT
2v3J96+LL3XNcQVK92ZopaFT8My+B3bts/EMVD5cWGuhQUss72SZUlxLzks=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:27:06 2025 by rpki-client