Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313535.roa
File: 323030313a3637383a3132303a3a2f34382d3438203d3e20313534313535.roa (raw, json)
Hash identifier: 2Pi+0q4VWTcoAfcU1UOMRsINdXEduhCnC5i8NWJQ6O4=
Subject key identifier: 93:72:DE:80:E9:46:95:36:C0:8A:9F:6E:69:48:35:2A:02:BE:C0:3C
Certificate issuer: /CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Certificate serial: 1D09E7B3A911F6855B557683027BA5FA662F7803
Authority key identifier: 6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313535.roa
Signing time: Sun 17 Aug 2025 13:22:44 +0000
ROA not before: Sun 17 Aug 2025 13:17:44 +0000
ROA not after: Sun 16 Aug 2026 13:22:44 +0000
asID: 154155
IP address blocks: 2001:678:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.mft
rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:09:e7:b3:a9:11:f6:85:5b:55:76:83:02:7b:a5:fa:66:2f:78:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Validity
Not Before: Aug 17 13:17:44 2025 GMT
Not After : Aug 16 13:22:44 2026 GMT
Subject: CN=9372DE80E9469536C08A9F6E6948352A02BEC03C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a7:b6:3a:27:c6:c6:6e:a6:65:8a:0c:85:11:
53:e3:49:b4:d6:94:95:54:df:8b:18:5c:11:cc:57:
90:85:d6:98:23:d7:f5:45:68:82:58:b1:2e:8a:70:
bd:8a:fb:54:a2:1c:df:65:0c:8e:67:1f:f0:85:aa:
49:54:6a:b7:6c:12:17:9a:4d:78:bf:55:1f:23:ad:
70:99:de:ce:b7:41:ad:76:8e:6e:9b:64:df:71:da:
42:9e:c8:85:eb:6e:2a:a9:d8:00:ef:d8:64:86:d7:
44:9e:bc:e8:a6:76:8a:a4:8d:4c:e4:db:b5:c0:bc:
7f:a4:da:ac:b9:56:8c:41:a2:18:fc:68:bb:75:c8:
68:56:b4:ca:a1:0c:7c:e4:c9:88:73:9b:c2:39:b4:
17:61:03:97:14:c9:1b:f9:30:f6:1d:47:d3:b1:61:
b3:58:8b:56:b8:55:7a:fd:c8:ea:e2:bd:d1:77:d5:
96:b4:99:f6:04:03:bb:94:51:95:9f:16:46:12:4c:
0e:04:21:bf:bf:cf:af:11:8f:70:5d:77:bd:37:12:
fb:86:8d:c7:91:b0:d1:6e:b7:93:59:cb:72:f4:21:
68:16:40:4a:15:7b:52:05:e5:32:3e:0c:ef:2a:b3:
74:a7:74:70:d5:47:f3:2b:73:da:ac:3e:0a:a3:28:
a7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:72:DE:80:E9:46:95:36:C0:8A:9F:6E:69:48:35:2A:02:BE:C0:3C
X509v3 Authority Key Identifier:
keyid:6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:120::/48
Signature Algorithm: sha256WithRSAEncryption
72:23:db:fe:d8:34:f0:d4:43:82:12:5a:8e:05:2f:16:6e:3f:
ce:d5:61:be:a9:76:28:bd:b5:5a:4e:26:f3:d6:91:c0:f5:b6:
05:b9:03:f8:d1:d1:3c:e0:b4:af:23:a9:7f:17:ec:63:0b:f6:
8a:9c:03:9e:b0:d5:b4:d0:7d:bd:e2:f0:30:b2:f9:ea:96:b2:
fc:9f:61:cb:03:7c:da:25:ab:1e:d3:77:49:9b:5c:40:fe:fa:
0b:28:a2:81:44:15:68:92:ac:a7:3a:3d:03:51:17:a9:f6:f3:
08:9e:a7:ae:56:64:01:d6:a9:c0:67:6c:93:f2:dc:d9:38:29:
89:d2:4f:fe:39:1f:ca:6e:2b:22:56:56:e8:6c:1a:1d:af:bb:
22:3e:9a:2b:dd:6b:b8:b7:a8:0d:46:0b:5e:ad:9f:7a:da:8a:
58:f9:7c:8e:6a:16:ef:09:0b:89:13:76:53:7c:ce:4f:ce:7b:
c4:89:92:51:d3:78:26:9e:ca:02:d5:94:17:62:ad:2a:80:9e:
16:ab:d1:e2:1a:3d:0c:db:22:f2:4c:de:48:55:64:b4:c4:51:
b7:7c:e2:6c:74:ae:0f:a9:b8:ea:e9:32:10:93:44:88:3e:da:
4b:79:c6:40:ac:32:2a:5a:1e:e5:8f:8a:e9:93:d1:7a:d1:70:
29:63:d2:83
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUHQnns6kR9oVbVXaDAnul+mYveAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmVlYzNmMDIyMDVhNGQzNGIwNWJiODQ4ZThiNjJiMmZm
NWU1MDA1ODAeFw0yNTA4MTcxMzE3NDRaFw0yNjA4MTYxMzIyNDRaMDMxMTAvBgNV
BAMTKDkzNzJERTgwRTk0Njk1MzZDMDhBOUY2RTY5NDgzNTJBMDJCRUMwM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7p7Y6J8bGbqZligyFEVPjSbTW
lJVU34sYXBHMV5CF1pgj1/VFaIJYsS6KcL2K+1SiHN9lDI5nH/CFqklUardsEhea
TXi/VR8jrXCZ3s63Qa12jm6bZN9x2kKeyIXrbiqp2ADv2GSG10SevOimdoqkjUzk
27XAvH+k2qy5VoxBohj8aLt1yGhWtMqhDHzkyYhzm8I5tBdhA5cUyRv5MPYdR9Ox
YbNYi1a4VXr9yOrivdF31Za0mfYEA7uUUZWfFkYSTA4EIb+/z68Rj3Bdd703EvuG
jceRsNFut5NZy3L0IWgWQEoVe1IF5TI+DO8qs3SndHDVR/Mrc9qsPgqjKKc3AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUk3LegOlGlTbAip9uaUg1KgK+wDwwHwYDVR0j
BBgwFoAUbuw/AiBaTTSwW7hI6LYrL/XlAFgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEtMzFiZC00ZTA5LTgxZWItN2ExOTliMzEx
MmE3LzAvNkVFQzNGMDIyMDVBNEQzNEIwNUJCODQ4RThCNjJCMkZGNUU1MDA1OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2J1d19BaUJhVFRTd1c3aEk2TFlyTF9Y
bEFGZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEt
MzFiZC00ZTA5LTgxZWItN2ExOTliMzExMmE3LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTM0MzEzNTM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAEgMA0GCSqGSIb3DQEBCwUAA4IBAQByI9v+2DTw1EOCElqOBS8W
bj/O1WG+qXYovbVaTibz1pHA9bYFuQP40dE84LSvI6l/F+xjC/aKnAOesNW00H29
4vAwsvnqlrL8n2HLA3zaJase03dJm1xA/voLKKKBRBVokqynOj0DURep9vMInqeu
VmQB1qnAZ2yT8tzZOCmJ0k/+OR/KbisiVlbobBodr7siPpor3Wu4t6gNRgterZ96
2opY+XyOahbvCQuJE3ZTfM5PznvEiZJR03gmnsoC1ZQXYq0qgJ4Wq9HiGj0M2yLy
TN5IVWS0xFG3fOJsdK4Pqbjq6TIQk0SIPtpLecZArDIqWh7lj4rpk9F60XApY9KD
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:55:21 2025 by rpki-client