Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e203134363138.roa
File: 326131313a323963303a35303a3a2f34382d3438203d3e203134363138.roa (raw, json)
Hash identifier: ePnd0+eYy7jNJZaDxG/Wu/CVikj4f71W7AHSuBDISAQ=
Subject key identifier: A4:5D:81:60:22:47:2D:F1:22:71:40:CA:CE:E9:F1:50:B8:8D:76:0B
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 59EC65809B3D463BA627B64E5F813D24E4674E08
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e203134363138.roa
Signing time: Thu 11 Sep 2025 01:59:36 +0000
ROA not before: Thu 11 Sep 2025 01:54:36 +0000
ROA not after: Thu 10 Sep 2026 01:59:36 +0000
asID: 14618
IP address blocks: 2a11:29c0:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:ec:65:80:9b:3d:46:3b:a6:27:b6:4e:5f:81:3d:24:e4:67:4e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 11 01:54:36 2025 GMT
Not After : Sep 10 01:59:36 2026 GMT
Subject: CN=A45D816022472DF1227140CACEE9F150B88D760B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:7d:22:0d:ac:9e:a7:bd:54:0d:26:f4:75:
03:ec:fd:2e:5d:14:85:67:a8:b0:39:db:29:1c:81:
1d:2a:70:0f:77:44:0b:07:4b:45:6c:92:73:f3:48:
6e:97:9f:8c:57:fe:08:06:6f:f8:9d:a5:c2:a0:23:
97:fe:80:e3:1f:a8:dd:02:64:43:0d:a3:93:c0:af:
3c:71:0e:70:03:6b:45:d3:4e:d4:78:ef:6e:d6:29:
f4:26:9d:2e:6e:e3:ca:94:ba:c4:7b:de:3a:ee:0c:
d5:3f:8a:3b:84:d3:3e:46:2c:5d:02:f2:e4:80:90:
e4:97:61:e5:24:e3:64:53:63:9d:b9:b6:ef:59:30:
d0:83:dc:5f:b0:27:84:55:1a:fb:32:9e:ce:3c:cf:
11:ec:1f:b6:64:6b:a7:46:0b:df:51:69:1a:c4:de:
8c:08:1a:d4:20:b8:d2:3b:ff:70:59:e6:02:2f:31:
ec:e5:18:57:3f:76:1e:ee:8c:77:7e:36:ee:f5:df:
c2:db:c0:00:df:d5:37:f7:11:0c:12:ae:37:c0:a3:
73:a0:11:c6:56:f6:62:23:d3:30:05:1d:55:ce:94:
90:82:71:a4:78:ce:7f:12:5d:58:c3:55:59:ea:84:
e5:36:e1:c9:61:f7:94:87:c4:96:7b:51:c5:fd:cc:
32:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5D:81:60:22:47:2D:F1:22:71:40:CA:CE:E9:F1:50:B8:8D:76:0B
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35303a3a2f34382d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:50::/48
Signature Algorithm: sha256WithRSAEncryption
9d:e2:bd:d5:ae:f9:de:7f:24:1b:85:b6:d0:a8:b6:d1:6c:a6:
f4:8b:9c:11:ea:0f:d9:ff:48:bf:97:18:92:59:44:ae:a0:7d:
6c:71:13:86:85:8b:20:d2:32:98:ec:ec:d9:30:d2:1f:82:64:
27:04:1d:cd:72:a8:71:8b:d9:e8:40:b7:27:81:0d:97:a5:a5:
41:ea:fd:1f:f0:6b:3b:f1:e6:69:56:c6:65:77:bd:72:5c:cb:
59:d1:24:a6:1c:95:76:cf:cc:03:f6:ea:6d:b4:af:1b:1d:41:
5e:24:d5:20:39:12:ab:27:6b:29:63:f6:59:2a:1d:74:91:f3:
cb:5a:b0:d6:6c:0a:65:7a:c2:4e:15:fe:2a:e1:57:c1:53:19:
ac:67:05:e3:1a:44:3d:3d:bd:96:58:f8:0f:08:1c:76:42:13:
b3:d1:0b:0b:ff:61:c3:c0:68:21:64:62:f3:91:77:e6:ec:76:
89:67:ca:ad:f5:fb:c4:a0:b5:84:85:2d:20:19:7b:24:e3:31:
a0:c5:11:ca:cd:90:a1:b4:0e:f8:ed:4b:10:fc:c3:22:76:a0:
17:f9:94:f3:1a:d4:a8:80:d9:6b:3e:da:91:5b:bb:42:6a:1a:
1d:23:fb:67:19:b7:d2:9a:74:f4:c2:34:23:d9:24:e9:a5:47:
f9:d4:ca:0d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWexlgJs9RjumJ7ZOX4E9JORnTggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA5MTEwMTU0MzZaFw0yNjA5MTAwMTU5MzZaMDMxMTAvBgNV
BAMTKEE0NUQ4MTYwMjI0NzJERjEyMjcxNDBDQUNFRTlGMTUwQjg4RDc2MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdj30iDayep71UDSb0dQPs/S5d
FIVnqLA52ykcgR0qcA93RAsHS0VsknPzSG6Xn4xX/ggGb/idpcKgI5f+gOMfqN0C
ZEMNo5PArzxxDnADa0XTTtR4727WKfQmnS5u48qUusR73jruDNU/ijuE0z5GLF0C
8uSAkOSXYeUk42RTY525tu9ZMNCD3F+wJ4RVGvsyns48zxHsH7Zka6dGC99RaRrE
3owIGtQguNI7/3BZ5gIvMezlGFc/dh7ujHd+Nu7138LbwADf1Tf3EQwSrjfAo3Og
EcZW9mIj0zAFHVXOlJCCcaR4zn8SXVjDVVnqhOU24clh95SHxJZ7UcX9zDJnAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUpF2BYCJHLfEicUDKzunxULiNdgswHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDM2MzEzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAAUDANBgkqhkiG9w0BAQsFAAOCAQEAneK91a753n8kG4W20Ki20Wym
9IucEeoP2f9Iv5cYkllErqB9bHEThoWLINIymOzs2TDSH4JkJwQdzXKocYvZ6EC3
J4ENl6WlQer9H/BrO/HmaVbGZXe9clzLWdEkphyVds/MA/bqbbSvGx1BXiTVIDkS
qydrKWP2WSoddJHzy1qw1mwKZXrCThX+KuFXwVMZrGcF4xpEPT29llj4DwgcdkIT
s9ELC/9hw8BoIWRi85F35ux2iWfKrfX7xKC1hIUtIBl7JOMxoMURys2QobQO+O1L
EPzDInagF/mU8xrUqIDZaz7akVu7QmoaHSP7Zxm30pp09MI0I9kk6aVH+dTKDQ==
-----END CERTIFICATE-----
Generated at Wed Oct 8 22:58:42 2025 by rpki-client