Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323130343430.roa
File: 323030313a3637383a3132303a3a2f34382d3438203d3e20323130343430.roa (raw, json)
Hash identifier: 3JOlOMWoYZ7ee5pmLfyLbybRVsig7FZpDzlml2RzXwE=
Subject key identifier: B1:0C:3D:FA:56:D1:04:8B:2A:FF:45:8F:DA:94:AE:CD:6B:E8:22:73
Certificate issuer: /CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Certificate serial: 7E769D3D2A17C58DA2003988FFBAAB41552F9401
Authority key identifier: 6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323130343430.roa
Signing time: Sun 17 Aug 2025 13:26:34 +0000
ROA not before: Sun 17 Aug 2025 13:21:34 +0000
ROA not after: Sun 16 Aug 2026 13:26:34 +0000
asID: 210440
IP address blocks: 2001:678:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.mft
rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:76:9d:3d:2a:17:c5:8d:a2:00:39:88:ff:ba:ab:41:55:2f:94:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Validity
Not Before: Aug 17 13:21:34 2025 GMT
Not After : Aug 16 13:26:34 2026 GMT
Subject: CN=B10C3DFA56D1048B2AFF458FDA94AECD6BE82273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:77:f3:c6:47:fd:c2:b1:6a:82:33:90:fd:89:
07:a0:7c:6f:55:93:7a:be:7b:79:d5:ab:85:da:5c:
d4:86:b2:d3:fd:66:aa:62:29:d2:3f:1f:92:e1:f9:
3b:71:d4:38:95:ac:c9:1c:89:da:84:1e:a9:5f:17:
ed:2a:63:87:46:f3:37:e6:b9:98:33:24:cd:f7:51:
2e:40:ee:db:4f:46:72:97:0a:67:39:bc:e4:b8:49:
b3:ad:af:df:ca:15:5d:66:45:03:8f:5f:8b:28:72:
5e:41:50:62:46:d7:08:a7:07:c1:24:6c:ca:92:74:
53:2e:6c:fe:cb:f6:95:6f:01:f9:72:ce:63:6c:96:
6a:e2:18:67:d4:56:42:c0:e9:e7:59:98:82:d1:17:
b4:44:35:13:fc:73:73:03:92:60:8a:2c:35:08:2e:
8e:54:23:82:08:9b:27:6a:b1:bd:c9:2c:84:d7:1a:
ad:cb:bb:be:4d:e9:88:09:e3:43:c1:d5:f9:bf:ec:
f0:13:cf:a3:8b:e5:ca:31:f4:81:ca:e3:5f:ab:7a:
bb:62:61:14:23:32:88:37:92:e5:a0:bb:a4:b6:4d:
ac:05:16:ac:96:81:f4:0f:ae:6f:66:7a:f4:b9:6d:
79:d9:c9:a7:7d:55:58:fe:c3:28:db:05:35:30:29:
2a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0C:3D:FA:56:D1:04:8B:2A:FF:45:8F:DA:94:AE:CD:6B:E8:22:73
X509v3 Authority Key Identifier:
keyid:6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323130343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:120::/48
Signature Algorithm: sha256WithRSAEncryption
b9:98:bd:21:da:68:ec:ff:97:8f:02:a5:4a:b9:83:cf:2b:77:
99:19:43:a6:9d:26:ba:51:48:d1:ca:47:37:a1:f9:76:7c:e4:
b1:c7:f4:b6:64:c4:9e:3a:e5:e8:b5:35:35:e3:f6:f4:85:c3:
41:d5:2d:e0:f8:95:d3:a0:2d:05:a7:99:77:74:7c:28:25:99:
59:75:be:4c:03:c1:47:30:85:eb:53:fd:7e:27:12:40:30:17:
f7:e9:b9:dd:ce:32:f2:80:57:53:56:4f:39:d4:44:ad:a3:2c:
69:5f:2e:f8:ee:ad:35:50:d3:6f:69:be:7a:1e:36:56:ad:f0:
10:22:66:fe:84:6a:e8:2e:96:7f:10:e9:a1:63:31:17:dc:b3:
cf:eb:aa:a9:5d:11:3d:7b:41:be:51:b5:ed:91:d0:62:d3:19:
a3:78:64:87:80:3e:ee:e9:50:b1:af:00:c8:53:e4:94:e6:8c:
d6:4c:88:14:49:df:ba:82:eb:5d:82:82:14:57:4a:7e:1c:e7:
2e:ae:55:5b:a2:41:9d:51:05:11:fb:ab:e2:6a:6b:79:45:de:
51:1b:6d:45:9f:ab:31:ad:c7:a2:17:84:1b:ed:ac:cd:84:89:
65:51:f2:a1:e9:22:ad:0b:3c:c6:bd:29:d4:d2:b0:3e:a5:06:
38:8f:aa:ff
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUfnadPSoXxY2iADmI/7qrQVUvlAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmVlYzNmMDIyMDVhNGQzNGIwNWJiODQ4ZThiNjJiMmZm
NWU1MDA1ODAeFw0yNTA4MTcxMzIxMzRaFw0yNjA4MTYxMzI2MzRaMDMxMTAvBgNV
BAMTKEIxMEMzREZBNTZEMTA0OEIyQUZGNDU4RkRBOTRBRUNENkJFODIyNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDed/PGR/3CsWqCM5D9iQegfG9V
k3q+e3nVq4XaXNSGstP9ZqpiKdI/H5Lh+Ttx1DiVrMkcidqEHqlfF+0qY4dG8zfm
uZgzJM33US5A7ttPRnKXCmc5vOS4SbOtr9/KFV1mRQOPX4socl5BUGJG1winB8Ek
bMqSdFMubP7L9pVvAflyzmNslmriGGfUVkLA6edZmILRF7RENRP8c3MDkmCKLDUI
Lo5UI4IImydqsb3JLITXGq3Lu75N6YgJ40PB1fm/7PATz6OL5cox9IHK41+rerti
YRQjMog3kuWgu6S2TawFFqyWgfQPrm9mevS5bXnZyad9VVj+wyjbBTUwKSpHAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUsQw9+lbRBIsq/0WP2pSuzWvoInMwHwYDVR0j
BBgwFoAUbuw/AiBaTTSwW7hI6LYrL/XlAFgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEtMzFiZC00ZTA5LTgxZWItN2ExOTliMzEx
MmE3LzAvNkVFQzNGMDIyMDVBNEQzNEIwNUJCODQ4RThCNjJCMkZGNUU1MDA1OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2J1d19BaUJhVFRTd1c3aEk2TFlyTF9Y
bEFGZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEt
MzFiZC00ZTA5LTgxZWItN2ExOTliMzExMmE3LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMwMzQzNDMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAEgMA0GCSqGSIb3DQEBCwUAA4IBAQC5mL0h2mjs/5ePAqVKuYPP
K3eZGUOmnSa6UUjRykc3ofl2fOSxx/S2ZMSeOuXotTU14/b0hcNB1S3g+JXToC0F
p5l3dHwoJZlZdb5MA8FHMIXrU/1+JxJAMBf36bndzjLygFdTVk851EStoyxpXy74
7q01UNNvab56HjZWrfAQImb+hGroLpZ/EOmhYzEX3LPP66qpXRE9e0G+UbXtkdBi
0xmjeGSHgD7u6VCxrwDIU+SU5ozWTIgUSd+6gutdgoIUV0p+HOcurlVbokGdUQUR
+6viamt5Rd5RG21Fn6sxrceiF4Qb7azNhIllUfKh6SKtCzzGvSnU0rA+pQY4j6r/
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:54:07 2025 by rpki-client