Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
File: 326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa (raw, json)
Hash identifier: DAuKEfQ1kcbktAKQTOZ4Lsh3r8TOkcHH2cWIseksVCI=
Subject key identifier: F2:06:E9:CA:5D:88:0D:ED:5F:BA:14:96:8F:4E:42:F3:53:C8:16:16
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 500A2DAE5E11B06C8BA652994F391E59A75E7B55
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
Signing time: Mon 13 Oct 2025 08:47:51 +0000
ROA not before: Mon 13 Oct 2025 08:42:51 +0000
ROA not after: Mon 12 Oct 2026 08:47:51 +0000
asID: 63473
IP address blocks: 2a04:bdc7:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0a:2d:ae:5e:11:b0:6c:8b:a6:52:99:4f:39:1e:59:a7:5e:7b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Oct 13 08:42:51 2025 GMT
Not After : Oct 12 08:47:51 2026 GMT
Subject: CN=F206E9CA5D880DED5FBA14968F4E42F353C81616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:f6:cf:a0:46:89:46:e9:39:9b:1e:24:5c:
5f:e4:fb:94:0a:a9:5b:d0:b9:62:eb:96:a2:28:87:
0c:65:da:41:5e:31:6c:10:02:3b:c2:0b:8d:32:12:
ab:07:e9:2f:49:89:9e:2d:14:54:ff:7d:07:d0:a4:
2c:ed:07:70:7e:6c:1d:e5:58:5e:37:d1:77:9a:24:
f3:18:29:e2:c2:da:2a:ee:80:5a:7c:0e:0b:fd:bf:
37:86:63:af:a6:2a:b3:24:5f:8a:b1:d1:fb:a4:8a:
2d:b7:d0:7f:a9:4a:03:d6:62:55:10:46:0d:fd:0f:
2a:8f:25:dd:58:1c:c4:e2:3d:a5:0d:af:c8:00:05:
9f:b0:6c:22:37:0d:22:c8:c2:e9:4a:0b:22:0a:89:
c7:d8:b9:a2:b1:7b:ab:d0:64:27:09:c7:bd:d6:42:
40:7c:2b:b5:7c:75:9f:ce:8e:7c:8e:0f:03:cd:15:
15:3c:b7:a2:c5:5e:3e:b8:3d:1c:13:92:4a:ee:b4:
4b:f0:7f:78:2b:61:15:9d:2c:df:47:f8:28:ce:1a:
4c:07:02:f5:7f:b6:f4:07:ec:69:06:03:00:27:f9:
14:c3:e7:21:ce:fd:b9:95:b0:43:f1:03:ea:93:80:
01:6f:1a:34:ca:d9:f6:b9:06:68:d9:8d:f0:c0:d5:
b1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:06:E9:CA:5D:88:0D:ED:5F:BA:14:96:8F:4E:42:F3:53:C8:16:16
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/326130343a626463373a3130303a3a2f34382d3438203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:bdc7:100::/48
Signature Algorithm: sha256WithRSAEncryption
49:52:2e:e8:f5:5f:63:80:63:b7:3c:78:d2:1f:84:47:99:5b:
f5:dd:e4:08:e6:f0:51:7e:4e:9d:96:79:91:5a:e4:b8:52:e9:
e3:8f:f8:3c:39:c3:d4:6e:bc:54:1c:0f:74:de:66:a2:f0:7f:
c3:aa:cc:dc:1f:93:f2:5e:c8:8d:da:93:7a:d7:1c:37:f9:2e:
ae:2c:c2:e6:0a:ad:a2:46:d0:93:28:a3:60:3b:ed:10:b6:ca:
ab:78:7c:5c:45:b1:d4:72:c3:c1:55:06:25:f2:5f:34:6d:54:
04:fc:3b:45:a7:d4:55:d7:e1:ea:39:b3:82:5d:0e:29:2b:31:
e5:b0:9c:9b:d8:54:8d:82:de:17:c0:a7:ea:0a:b7:6c:71:ac:
02:f8:ce:a7:c0:a8:62:69:12:0e:9b:4f:dd:8b:b7:b6:37:5d:
a7:bd:1a:b1:38:5b:11:5e:eb:57:79:6b:4e:99:7f:5a:f4:c4:
50:89:3c:3e:58:b4:77:ca:e6:29:7c:a8:4c:3b:27:41:18:46:
4c:8b:aa:f3:47:ec:3e:c1:c5:44:2a:e3:ad:7c:3a:52:ab:f5:
85:6d:23:1c:8d:b6:06:70:f5:b3:63:f0:3b:51:d0:85:70:26:
b8:5b:57:77:cc:ea:e1:75:58:8c:b2:60:3c:e0:c0:47:91:cd:
df:98:90:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUUAotrl4RsGyLplKZTzkeWadee1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTEwMTMwODQyNTFaFw0yNjEwMTIwODQ3NTFaMDMxMTAvBgNV
BAMTKEYyMDZFOUNBNUQ4ODBERUQ1RkJBMTQ5NjhGNEU0MkYzNTNDODE2MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8lvbPoEaJRuk5mx4kXF/k+5QK
qVvQuWLrlqIohwxl2kFeMWwQAjvCC40yEqsH6S9JiZ4tFFT/fQfQpCztB3B+bB3l
WF430XeaJPMYKeLC2irugFp8Dgv9vzeGY6+mKrMkX4qx0fukii230H+pSgPWYlUQ
Rg39DyqPJd1YHMTiPaUNr8gABZ+wbCI3DSLIwulKCyIKicfYuaKxe6vQZCcJx73W
QkB8K7V8dZ/OjnyODwPNFRU8t6LFXj64PRwTkkrutEvwf3grYRWdLN9H+CjOGkwH
AvV/tvQH7GkGAwAn+RTD5yHO/bmVsEPxA+qTgAFvGjTK2fa5BmjZjfDA1bH9AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU8gbpyl2IDe1fuhSWj05C81PIFhYwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzI2MTMwMzQzYTYyNjQ2MzM3
M2EzMTMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgS9xwEAMA0GCSqGSIb3DQEBCwUAA4IBAQBJUi7o9V9jgGO3PHjSH4RH
mVv13eQI5vBRfk6dlnmRWuS4Uunjj/g8OcPUbrxUHA903mai8H/DqszcH5PyXsiN
2pN61xw3+S6uLMLmCq2iRtCTKKNgO+0QtsqreHxcRbHUcsPBVQYl8l80bVQE/DtF
p9RV1+HqObOCXQ4pKzHlsJyb2FSNgt4XwKfqCrdscawC+M6nwKhiaRIOm0/di7e2
N12nvRqxOFsRXutXeWtOmX9a9MRQiTw+WLR3yuYpfKhMOydBGEZMi6rzR+w+wcVE
KuOtfDpSq/WFbSMcjbYGcPWzY/A7UdCFcCa4W1d3zOrhdViMsmA84MBHkc3fmJBg
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:36:50 2025 by rpki-client