Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323133363035.roa
File: 323030313a3637383a313064303a3a2f34382d3438203d3e20323133363035.roa (raw, json)
Hash identifier: VHJui6zHwYgY2cN/lqKSQFLIt+m6q3pNicalrlY8cPY=
Subject key identifier: 32:0F:89:D8:3A:71:B9:A4:CA:11:CD:90:DA:30:20:49:4B:31:99:E0
Certificate issuer: /CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Certificate serial: 36DA18E55EB30CBA91024F262DB90B74476BEEFA
Authority key identifier: 6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323133363035.roa
Signing time: Wed 13 Aug 2025 12:27:06 +0000
ROA not before: Wed 13 Aug 2025 12:22:06 +0000
ROA not after: Wed 12 Aug 2026 12:27:06 +0000
asID: 213605
IP address blocks: 2001:678:10d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.mft
rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 20:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:da:18:e5:5e:b3:0c:ba:91:02:4f:26:2d:b9:0b:74:47:6b:ee:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Validity
Not Before: Aug 13 12:22:06 2025 GMT
Not After : Aug 12 12:27:06 2026 GMT
Subject: CN=320F89D83A71B9A4CA11CD90DA3020494B3199E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:65:bf:87:bf:13:0c:5c:1d:73:6c:6e:90:
f4:7b:5b:7c:11:d5:09:ff:45:04:94:41:a8:20:b3:
ef:d3:63:b0:81:2f:17:49:c8:5f:f2:0a:f6:f7:01:
cc:0a:2d:b6:bd:c0:fb:18:70:77:7f:02:99:45:38:
be:55:24:d5:b9:14:54:b9:18:a3:a5:c1:72:36:d3:
7e:8f:4d:00:7e:fd:b7:46:e9:36:be:aa:38:e9:9c:
c3:8f:86:bc:9e:33:75:a7:21:ff:44:73:21:a5:93:
5b:78:10:e7:64:30:4a:00:12:fb:04:7c:31:a7:87:
8e:4d:a9:4b:3e:d8:78:79:98:56:6e:18:c0:12:ed:
d9:4b:ee:89:0d:df:d9:ef:b5:35:66:71:3c:b1:61:
a8:34:3b:31:7f:8f:36:a2:ca:5a:b2:7a:70:09:b4:
55:38:0c:0c:fd:90:2f:86:a6:b2:fc:e4:95:b6:33:
cf:a6:72:71:1c:8c:97:d2:c6:4f:e0:90:07:9f:ca:
93:de:a7:f6:60:75:e3:db:15:98:52:5f:ca:ea:6b:
e8:a9:06:98:1c:eb:8a:7b:33:a5:79:05:05:a1:ae:
be:2d:d5:1c:92:44:3f:15:79:db:51:fe:0b:74:13:
5f:b0:1a:bc:58:0a:99:7d:da:73:5e:ef:5a:41:a0:
90:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0F:89:D8:3A:71:B9:A4:CA:11:CD:90:DA:30:20:49:4B:31:99:E0
X509v3 Authority Key Identifier:
keyid:6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323133363035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:10d0::/48
Signature Algorithm: sha256WithRSAEncryption
48:a2:7e:b2:5f:a2:94:bd:75:a2:4c:ce:2b:42:ac:67:90:ac:
a6:2d:a5:84:6f:24:4c:6a:82:05:9c:24:ad:89:11:f6:c2:7d:
98:38:df:5a:e7:a2:e3:c8:57:e6:dd:a9:7f:3c:68:5c:f0:b4:
4e:49:36:b8:14:0c:22:db:dc:57:c2:f7:e8:02:87:7f:1d:88:
98:35:09:76:23:7c:3e:ff:ad:77:58:0a:6d:24:a1:1b:ef:da:
04:55:78:9d:24:42:da:c2:e9:35:4b:0c:76:94:c0:5d:ea:84:
c2:2e:dd:5d:74:5a:66:a6:05:9d:28:db:0c:fe:77:23:92:28:
05:2c:5a:48:d3:0f:09:11:4f:25:44:ba:8d:b2:b3:a6:0e:1f:
36:20:96:82:b8:a2:0e:a5:1f:2a:e2:ea:87:ea:83:4d:4e:b0:
79:bf:4d:5b:63:8e:53:df:9b:b7:6b:77:88:0b:bc:18:79:67:
5e:09:70:d4:c4:d9:59:85:19:ff:cf:6c:2d:f4:7a:c4:7d:94:
a8:cf:bb:2d:fc:44:44:35:cf:dc:1f:24:aa:ac:a7:d6:c6:91:
f1:56:8e:71:5e:74:a9:85:84:ac:8d:ec:b3:2b:82:40:83:b8:
1c:21:d1:59:98:6a:72:65:c8:ba:e0:1c:00:0b:6a:b0:3c:40:
70:92:7f:b2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUNtoY5V6zDLqRAk8mLbkLdEdr7vowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmVlYzNmMDIyMDVhNGQzNGIwNWJiODQ4ZThiNjJiMmZm
NWU1MDA1ODAeFw0yNTA4MTMxMjIyMDZaFw0yNjA4MTIxMjI3MDZaMDMxMTAvBgNV
BAMTKDMyMEY4OUQ4M0E3MUI5QTRDQTExQ0Q5MERBMzAyMDQ5NEIzMTk5RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMz2W/h78TDFwdc2xukPR7W3wR
1Qn/RQSUQaggs+/TY7CBLxdJyF/yCvb3AcwKLba9wPsYcHd/AplFOL5VJNW5FFS5
GKOlwXI2036PTQB+/bdG6Ta+qjjpnMOPhryeM3WnIf9EcyGlk1t4EOdkMEoAEvsE
fDGnh45NqUs+2Hh5mFZuGMAS7dlL7okN39nvtTVmcTyxYag0OzF/jzaiylqyenAJ
tFU4DAz9kC+GprL85JW2M8+mcnEcjJfSxk/gkAefypPep/ZgdePbFZhSX8rqa+ip
Bpgc64p7M6V5BQWhrr4t1RySRD8VedtR/gt0E1+wGrxYCpl92nNe71pBoJBHAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUMg+J2DpxuaTKEc2Q2jAgSUsxmeAwHwYDVR0j
BBgwFoAUbuw/AiBaTTSwW7hI6LYrL/XlAFgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEtMzFiZC00ZTA5LTgxZWItN2ExOTliMzEx
MmE3LzAvNkVFQzNGMDIyMDVBNEQzNEIwNUJCODQ4RThCNjJCMkZGNUU1MDA1OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2J1d19BaUJhVFRTd1c3aEk2TFlyTF9Y
bEFGZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEt
MzFiZC00ZTA5LTgxZWItN2ExOTliMzExMmE3LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMDY0MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzMzNjMwMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ4ENAwDQYJKoZIhvcNAQELBQADggEBAEiifrJfopS9daJMzitC
rGeQrKYtpYRvJExqggWcJK2JEfbCfZg431rnouPIV+bdqX88aFzwtE5JNrgUDCLb
3FfC9+gCh38diJg1CXYjfD7/rXdYCm0koRvv2gRVeJ0kQtrC6TVLDHaUwF3qhMIu
3V10WmamBZ0o2wz+dyOSKAUsWkjTDwkRTyVEuo2ys6YOHzYgloK4og6lHyri6ofq
g01OsHm/TVtjjlPfm7drd4gLvBh5Z14JcNTE2VmFGf/PbC30esR9lKjPuy38REQ1
z9wfJKqsp9bGkfFWjnFedKmFhKyN7LMrgkCDuBwh0VmYanJlyLrgHAALarA8QHCS
f7I=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:20:57 2025 by rpki-client