Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
File: 326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa (raw, json)
Hash identifier: BOfTSY7wWayFslIYZyC++f09YnW0ZvOoQVsy6AzQanA=
Subject key identifier: 06:CE:51:FA:35:06:D0:8B:41:20:8A:47:86:E0:89:6A:C4:14:E7:5A
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 70EAEF98EDDA10B92D5E42BFA1E13886347B5872
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
Signing time: Sun 21 Sep 2025 15:39:53 +0000
ROA not before: Sun 21 Sep 2025 15:34:53 +0000
ROA not after: Sun 20 Sep 2026 15:39:53 +0000
asID: 215146
IP address blocks: 2a0d:b287:da00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:52:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ea:ef:98:ed:da:10:b9:2d:5e:42:bf:a1:e1:38:86:34:7b:58:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Sep 21 15:34:53 2025 GMT
Not After : Sep 20 15:39:53 2026 GMT
Subject: CN=06CE51FA3506D08B41208A4786E0896AC414E75A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:37:40:fe:2c:c3:4c:74:31:c9:05:29:5a:
6e:55:7d:42:85:d7:ce:4d:a7:f3:b6:f9:9e:93:c8:
5d:b2:89:ff:63:ed:b3:21:c4:95:9d:c7:31:a9:5d:
43:56:1a:38:33:a8:85:28:1c:0c:a9:0d:e5:b8:25:
7b:65:d2:2e:7c:87:6f:1e:a4:ef:53:19:fb:90:95:
f7:7b:ab:07:3f:42:f6:2d:f0:0f:d9:7c:6e:c1:44:
28:d9:28:04:1c:35:91:e5:f6:30:1c:f9:c7:fe:ab:
6a:ed:48:ad:21:6a:88:a4:e5:d4:22:14:cb:23:ad:
be:87:31:14:6f:5b:26:d0:7e:e6:37:51:ef:85:6d:
6a:71:6c:1b:f3:d0:1c:15:e8:2c:ca:71:91:67:ae:
d9:ae:fc:72:ca:56:da:2c:ba:3a:7a:f8:ad:0d:82:
0d:43:fe:5b:1e:94:f3:07:d0:d9:50:12:ef:22:42:
a4:68:45:7c:b7:c3:51:f8:de:17:90:f9:d2:9b:e9:
87:e6:10:d1:c1:73:86:09:c6:4c:93:16:9e:21:36:
7c:78:92:90:ff:e9:de:a4:1c:fb:80:a4:bb:79:fa:
1e:79:de:9f:d2:48:b4:3b:65:25:92:75:dd:e1:a0:
47:6a:c9:34:7a:9c:ea:e4:64:8e:63:bb:18:01:6b:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CE:51:FA:35:06:D0:8B:41:20:8A:47:86:E0:89:6A:C4:14:E7:5A
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646130303a3a2f34382d3438203d3e20323135313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:da00::/48
Signature Algorithm: sha256WithRSAEncryption
a2:2f:1e:40:76:68:70:df:9b:73:59:4c:52:18:38:52:3e:61:
39:9d:6b:76:e4:70:bc:33:27:50:62:1a:e7:08:fe:84:c6:45:
4c:4b:0e:76:98:54:07:aa:d7:23:a9:8d:b8:19:02:99:a7:2e:
85:48:e9:72:32:84:f4:82:43:c2:bf:9e:ea:f6:01:8c:d6:5a:
52:5e:48:70:75:2a:a8:6e:af:c9:ce:cf:a0:34:e8:dd:33:26:
9d:ec:6f:6b:3e:a3:1f:9b:fd:e2:92:c1:43:21:89:3e:f2:4c:
2a:37:6a:3e:1f:ca:23:4c:95:c4:4c:53:e6:35:71:77:60:fb:
7d:6a:b9:15:8d:73:8c:a5:2f:81:8b:58:e4:48:8d:41:2b:4d:
e4:35:89:03:12:e9:7c:ad:d3:89:53:76:79:3e:49:9d:18:e8:
19:d3:3e:b0:29:0b:39:9d:c0:71:f6:10:ad:bd:ac:d6:8b:98:
1b:1b:ce:35:f7:f2:34:2a:92:c4:a3:8c:68:c8:17:09:f0:e1:
5f:ab:68:64:f2:26:be:88:08:e3:93:9c:8f:22:c3:01:02:48:
05:ef:d9:f2:1f:24:52:fe:48:e8:fa:46:62:f4:a6:2f:f1:1e:
5b:0d:9b:2a:25:af:bc:31:78:5b:42:9e:99:f8:86:a2:4f:66:
ea:6a:88:0c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUcOrvmO3aELktXkK/oeE4hjR7WHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA5MjExNTM0NTNaFw0yNjA5MjAxNTM5NTNaMDMxMTAvBgNV
BAMTKDA2Q0U1MUZBMzUwNkQwOEI0MTIwOEE0Nzg2RTA4OTZBQzQxNEU3NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxETdA/izDTHQxyQUpWm5VfUKF
185Np/O2+Z6TyF2yif9j7bMhxJWdxzGpXUNWGjgzqIUoHAypDeW4JXtl0i58h28e
pO9TGfuQlfd7qwc/QvYt8A/ZfG7BRCjZKAQcNZHl9jAc+cf+q2rtSK0haoik5dQi
FMsjrb6HMRRvWybQfuY3Ue+FbWpxbBvz0BwV6CzKcZFnrtmu/HLKVtosujp6+K0N
gg1D/lselPMH0NlQEu8iQqRoRXy3w1H43heQ+dKb6YfmENHBc4YJxkyTFp4hNnx4
kpD/6d6kHPuApLt5+h553p/SSLQ7ZSWSdd3hoEdqyTR6nOrkZI5juxgBayd/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUBs5R+jUG0ItBIIpHhuCJasQU51owHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDYxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMxMzQzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofaADANBgkqhkiG9w0BAQsFAAOCAQEAoi8eQHZocN+bc1lM
Uhg4Uj5hOZ1rduRwvDMnUGIa5wj+hMZFTEsOdphUB6rXI6mNuBkCmacuhUjpcjKE
9IJDwr+e6vYBjNZaUl5IcHUqqG6vyc7PoDTo3TMmnexvaz6jH5v94pLBQyGJPvJM
KjdqPh/KI0yVxExT5jVxd2D7fWq5FY1zjKUvgYtY5EiNQStN5DWJAxLpfK3TiVN2
eT5JnRjoGdM+sCkLOZ3AcfYQrb2s1ouYGxvONffyNCqSxKOMaMgXCfDhX6toZPIm
vogI45OcjyLDAQJIBe/Z8h8kUv5I6PpGYvSmL/EeWw2bKiWvvDF4W0KemfiGok9m
6mqIDA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:53:40 2025 by rpki-client