Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
File: 326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa (raw, json)
Hash identifier: QG09fxLJtKa1Y7d6YZoiVLo1F1ttiuWxvVNqxNhuPNo=
Subject key identifier: 4F:21:1E:52:EC:FA:64:83:BB:DE:7A:35:C6:0D:7E:90:C0:21:BD:74
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 7694C1C723587E5579F8FC94A569E27C671B4813
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
Signing time: Mon 21 Jul 2025 12:32:34 +0000
ROA not before: Mon 21 Jul 2025 12:27:34 +0000
ROA not after: Mon 20 Jul 2026 12:32:34 +0000
asID: 216038
IP address blocks: 2a14:6f44:ef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:94:c1:c7:23:58:7e:55:79:f8:fc:94:a5:69:e2:7c:67:1b:48:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jul 21 12:27:34 2025 GMT
Not After : Jul 20 12:32:34 2026 GMT
Subject: CN=4F211E52ECFA6483BBDE7A35C60D7E90C021BD74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:73:84:2e:2f:26:f0:15:0f:58:3a:81:d0:e1:
7e:ca:59:22:12:c6:d7:ca:6f:a3:98:7e:3a:12:53:
72:83:16:d2:64:7c:8a:87:3e:aa:6a:ac:a1:44:b6:
e2:cc:ec:16:5b:f0:53:ef:34:14:2d:98:8a:ea:a3:
65:48:59:64:08:85:ad:37:6c:ea:5a:8f:62:ea:07:
91:8c:3d:a2:44:91:62:09:88:27:26:7f:c1:39:c7:
ea:a9:48:89:24:ff:d6:bd:cf:85:32:3b:1a:a0:30:
34:be:18:f9:63:dc:9a:52:17:6f:01:fa:5e:0d:03:
3c:c2:04:37:3f:da:ad:cb:af:66:2c:4a:57:dd:f5:
1e:a2:8b:42:0e:12:80:94:1f:d1:22:f0:82:0e:84:
4f:06:0f:83:47:a7:27:65:25:a5:0e:f6:d8:24:22:
11:f6:55:75:a0:6e:4e:da:e6:02:17:7b:11:50:f9:
fb:cc:f2:41:9c:8b:e1:43:61:06:5b:e6:29:81:a7:
74:54:d3:d2:ad:49:bf:2b:a2:cd:9d:00:0e:86:a7:
b7:8d:53:69:7c:fa:fb:86:1a:b5:85:d1:88:c5:d3:
53:9c:36:35:48:1b:a7:98:04:d8:a0:90:40:d5:8f:
49:3f:57:84:4e:24:b6:21:7c:da:ff:fb:38:75:13:
e8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:1E:52:EC:FA:64:83:BB:DE:7A:35:C6:0D:7E:90:C0:21:BD:74
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f44:ef::/48
Signature Algorithm: sha256WithRSAEncryption
6e:9d:2b:90:ad:e9:bb:f0:83:31:71:5c:d5:4e:12:a9:ed:de:
25:9a:e4:64:2f:f5:47:49:9c:f6:bf:54:6c:da:15:d1:a0:94:
1b:43:cd:91:11:12:1d:b1:06:d8:ba:a4:8d:c4:41:70:1b:b0:
86:31:c9:6a:2a:d7:73:e8:59:ac:62:ab:a3:e5:6b:55:24:86:
51:04:c8:db:80:21:c4:a1:33:0c:db:9a:06:dd:5d:74:18:80:
22:62:29:89:25:19:3d:62:2b:87:0e:4b:84:4b:4a:2b:e1:95:
13:76:3b:f5:2c:94:4d:f0:0a:80:b5:69:2c:c3:52:b3:a7:4d:
fe:3e:a1:71:90:f9:c0:68:71:b4:58:42:71:c2:82:5f:6e:a1:
19:84:c7:ec:36:04:20:0b:d8:1a:06:48:fb:a2:7e:8b:26:a6:
16:9e:f7:90:74:a0:55:27:e7:e0:7e:5d:bc:f1:c9:f6:4f:f1:
25:42:ed:37:1d:5a:7c:0d:bc:5e:39:ea:b4:b3:e2:06:41:17:
27:13:9b:75:ba:36:b5:45:94:b9:50:8f:42:09:df:c4:e4:ba:
43:15:50:0b:b6:19:88:36:ae:a5:6e:c7:e6:7b:aa:7e:d8:34:
76:dd:33:36:97:6e:7c:2a:b1:1e:a3:a9:52:21:60:b9:7f:85:
a6:b8:77:b3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUdpTBxyNYflV5+PyUpWnifGcbSBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNTA3MjExMjI3MzRaFw0yNjA3MjAxMjMyMzRaMDMxMTAvBgNV
BAMTKDRGMjExRTUyRUNGQTY0ODNCQkRFN0EzNUM2MEQ3RTkwQzAyMUJENzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTc4QuLybwFQ9YOoHQ4X7KWSIS
xtfKb6OYfjoSU3KDFtJkfIqHPqpqrKFEtuLM7BZb8FPvNBQtmIrqo2VIWWQIha03
bOpaj2LqB5GMPaJEkWIJiCcmf8E5x+qpSIkk/9a9z4UyOxqgMDS+GPlj3JpSF28B
+l4NAzzCBDc/2q3Lr2YsSlfd9R6ii0IOEoCUH9Ei8IIOhE8GD4NHpydlJaUO9tgk
IhH2VXWgbk7a5gIXexFQ+fvM8kGci+FDYQZb5imBp3RU09KtSb8ros2dAA6Gp7eN
U2l8+vuGGrWF0YjF01OcNjVIG6eYBNigkEDVj0k/V4ROJLYhfNr/+zh1E+h7AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUTyEeUuz6ZIO73no1xg1+kMAhvXQwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2E2NTY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzAzMzM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhRvRADvMA0GCSqGSIb3DQEBCwUAA4IBAQBunSuQrem78IMxcVzVThKp
7d4lmuRkL/VHSZz2v1Rs2hXRoJQbQ82RERIdsQbYuqSNxEFwG7CGMclqKtdz6Fms
Yquj5WtVJIZRBMjbgCHEoTMM25oG3V10GIAiYimJJRk9YiuHDkuES0or4ZUTdjv1
LJRN8AqAtWksw1Kzp03+PqFxkPnAaHG0WEJxwoJfbqEZhMfsNgQgC9gaBkj7on6L
JqYWnveQdKBVJ+fgfl288cn2T/ElQu03HVp8DbxeOeq0s+IGQRcnE5t1uja1RZS5
UI9CCd/E5LpDFVALthmINq6lbsfme6p+2DR23TM2l258KrEeo6lSIWC5f4WmuHez
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:37:38 2025 by rpki-client