Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
File: 323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa (raw, json)
Hash identifier: QUXjtBQSnjBfN0CM1R1fx/cIZ/hSbItmToWKeuI2pdI=
Subject key identifier: E3:F8:CD:34:94:D9:EA:63:78:46:E6:39:DF:C0:09:5C:24:0F:00:2D
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 48F8A9D912E112A692133C0C5C1B83C6962F58F1
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
Signing time: Sun 03 May 2026 13:05:00 +0000
ROA not before: Sun 03 May 2026 13:00:00 +0000
ROA not after: Sun 02 May 2027 13:05:00 +0000
asID: 207960
IP address blocks: 2001:678:fc8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 00:34:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:f8:a9:d9:12:e1:12:a6:92:13:3c:0c:5c:1b:83:c6:96:2f:58:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: May 3 13:00:00 2026 GMT
Not After : May 2 13:05:00 2027 GMT
Subject: CN=E3F8CD3494D9EA637846E639DFC0095C240F002D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:8a:61:81:8f:cd:d8:f6:08:bc:34:6f:59:
ff:63:10:c6:a1:2a:37:03:a0:3d:43:42:e9:c8:85:
34:bc:1b:61:58:7c:19:aa:4c:b9:10:66:f3:89:48:
a3:22:d4:cb:59:0a:53:ad:d6:f0:6a:1e:63:c7:9c:
4d:73:f8:af:6d:c7:f3:1f:2a:4e:f7:64:39:b2:3c:
f2:a4:44:0e:e2:3a:ab:bf:db:1b:2d:fc:3e:3e:23:
6e:98:70:e6:73:f0:c8:9c:ea:df:80:1c:7d:27:73:
9e:72:f8:40:4d:15:23:be:c0:03:0a:e5:12:e1:05:
d3:1d:eb:a5:82:d4:81:17:05:c7:41:b0:08:40:01:
f1:9a:8f:32:b8:3e:8a:f8:5f:f8:f7:b3:07:48:96:
77:9e:5e:5a:81:b3:51:48:c2:36:f8:ee:b9:ee:e2:
b2:d0:48:d6:15:96:94:f6:1d:d1:f4:a1:66:17:65:
49:45:a8:b2:dc:e6:85:3e:a7:32:24:e9:45:7a:58:
dd:16:fc:19:2a:3e:ce:c2:1d:68:d4:75:a9:11:9b:
79:f5:76:25:6e:6a:ae:2b:a6:a5:89:26:26:e7:c5:
33:20:23:d9:cf:d7:cd:5e:9d:dd:09:f3:6d:81:a7:
54:1d:71:f1:c1:ad:98:e0:9c:25:e5:14:1e:af:79:
91:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F8:CD:34:94:D9:EA:63:78:46:E6:39:DF:C0:09:5C:24:0F:00:2D
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:fc8::/48
Signature Algorithm: sha256WithRSAEncryption
0e:fd:de:e3:d1:42:58:12:c7:9a:65:c5:fa:b4:24:ec:93:6c:
1e:44:d3:a1:18:84:34:2d:2d:67:3c:60:fb:f2:58:37:d8:d8:
e2:d0:98:10:89:c7:cf:2c:bb:9e:45:ba:18:5c:34:62:cd:7e:
db:b9:e3:d5:4d:1f:88:89:da:ac:93:a0:74:96:85:97:5c:96:
4f:7b:28:42:f0:b7:50:42:fa:20:f9:1f:d3:d7:e8:ac:4c:56:
5d:3f:09:7f:3d:c7:05:54:36:c2:65:8e:7d:1a:6f:24:9c:7f:
a4:35:05:f7:a0:61:93:c8:e2:2b:b5:f9:9b:6b:dc:8f:cb:7b:
2f:55:28:f4:cf:11:bb:fb:0a:03:48:e5:57:75:1d:1f:31:30:
1c:30:ac:f3:4d:5a:6a:33:cd:47:f1:2c:9d:99:85:3c:14:ec:
bd:3a:19:00:4e:4b:86:b3:66:7c:7c:27:de:1a:31:ef:cb:98:
e8:30:0a:91:a6:8c:59:3b:44:7f:c0:d6:a3:05:ef:07:6f:ac:
96:3e:ab:dc:e2:a1:03:f8:2a:75:93:b4:d5:f9:9e:e5:39:93:
ae:c4:8f:20:33:4e:0b:af:74:24:8d:ae:de:e5:ba:16:7e:ea:
13:b4:63:60:71:e0:8b:3f:a3:43:7a:3d:a7:68:89:25:33:4a:
fe:24:dc:c3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUSPip2RLhEqaSEzwMXBuDxpYvWPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNjA1MDMxMzAwMDBaFw0yNzA1MDIxMzA1MDBaMDMxMTAvBgNV
BAMTKEUzRjhDRDM0OTREOUVBNjM3ODQ2RTYzOURGQzAwOTVDMjQwRjAwMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDhophgY/N2PYIvDRvWf9jEMah
KjcDoD1DQunIhTS8G2FYfBmqTLkQZvOJSKMi1MtZClOt1vBqHmPHnE1z+K9tx/Mf
Kk73ZDmyPPKkRA7iOqu/2xst/D4+I26YcOZz8Mic6t+AHH0nc55y+EBNFSO+wAMK
5RLhBdMd66WC1IEXBcdBsAhAAfGajzK4Por4X/j3swdIlneeXlqBs1FIwjb47rnu
4rLQSNYVlpT2HdH0oWYXZUlFqLLc5oU+pzIk6UV6WN0W/BkqPs7CHWjUdakRm3n1
diVuaq4rpqWJJibnxTMgI9nP181end0J822Bp1QdcfHBrZjgnCXlFB6veZGZAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU4/jNNJTZ6mN4RuY538AJXCQPAC0wHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzIzMDMwMzEzYTM2MzczODNh
NjY2MzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM3MzkzNjMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeA/IMA0GCSqGSIb3DQEBCwUAA4IBAQAO/d7j0UJYEseaZcX6tCTs
k2weRNOhGIQ0LS1nPGD78lg32Nji0JgQicfPLLueRboYXDRizX7buePVTR+Iidqs
k6B0loWXXJZPeyhC8LdQQvog+R/T1+isTFZdPwl/PccFVDbCZY59Gm8knH+kNQX3
oGGTyOIrtfmba9yPy3svVSj0zxG7+woDSOVXdR0fMTAcMKzzTVpqM81H8SydmYU8
FOy9OhkATkuGs2Z8fCfeGjHvy5joMAqRpoxZO0R/wNajBe8Hb6yWPqvc4qED+Cp1
k7TV+Z7lOZOuxI8gM04Lr3Qkja7e5boWfuoTtGNgceCLP6NDej2naIklM0r+JNzD
-----END CERTIFICATE-----
Generated at Wed May 13 12:57:12 2026 by rpki-client