Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323130343430.roa
File: 323030313a3637383a313064303a3a2f34382d3438203d3e20323130343430.roa (raw, json)
Hash identifier: OENIfL5LdwDXNnHydIuzLY0aPGCuWDVK5DktiJALMcg=
Subject key identifier: CD:6C:4C:11:7F:87:18:6B:96:F3:B0:A2:B5:8E:55:B8:A5:A1:A6:EB
Certificate issuer: /CN=c0d6d353c935e0fe15c81690dca11d31ed250300
Certificate serial: 28249CF6FF9BF9EB95AA4BCCAAB0D9FC4A758A12
Authority key identifier: C0:D6:D3:53:C9:35:E0:FE:15:C8:16:90:DC:A1:1D:31:ED:25:03:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323130343430.roa
Signing time: Wed 16 Jul 2025 12:02:01 +0000
ROA not before: Wed 16 Jul 2025 11:57:01 +0000
ROA not after: Wed 15 Jul 2026 12:02:01 +0000
asID: 210440
IP address blocks: 2001:678:10d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.crl
rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.mft
rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:24:9c:f6:ff:9b:f9:eb:95:aa:4b:cc:aa:b0:d9:fc:4a:75:8a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d6d353c935e0fe15c81690dca11d31ed250300
Validity
Not Before: Jul 16 11:57:01 2025 GMT
Not After : Jul 15 12:02:01 2026 GMT
Subject: CN=CD6C4C117F87186B96F3B0A2B58E55B8A5A1A6EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:35:15:0a:5d:2a:e9:bb:0b:1c:36:8e:bb:4a:
57:5a:3c:90:d9:d3:12:32:6a:97:0f:b2:6c:13:9a:
3b:c7:2e:d1:b5:91:82:1d:2a:93:8c:74:93:d9:1d:
ac:a8:e4:c2:ce:d2:64:ab:34:8b:b2:4d:34:a5:f5:
81:2f:eb:a1:2e:a2:a8:e6:a8:1e:7f:ea:8f:d8:a1:
48:73:a2:0f:fb:bf:e1:ad:1e:7b:cd:41:37:ab:4d:
72:92:92:6f:4a:26:39:58:40:25:3b:2e:78:76:a3:
a8:64:b2:38:3f:13:18:d0:55:06:05:04:c2:82:a7:
3c:0c:44:4a:90:24:ce:c5:4a:d7:3d:bc:a3:d3:06:
3d:eb:45:82:ed:11:2d:c0:25:c2:e5:e2:bc:90:30:
2c:ad:fb:d8:eb:11:d1:4d:34:e8:93:f1:46:d8:1d:
4b:81:33:34:49:ef:da:54:ba:f0:cc:1b:23:e9:e7:
f7:33:fa:bb:80:da:8f:4d:42:b0:e3:19:f5:ee:aa:
99:a9:31:43:a1:2c:6d:ee:53:64:19:73:c9:a7:d5:
83:a7:0e:9f:77:1e:85:de:3a:7e:bd:74:30:61:4a:
e1:50:26:65:5a:ae:30:66:8a:91:01:73:b4:2e:6b:
ec:34:68:80:cb:eb:dd:4f:f5:89:2d:84:e0:d4:f6:
61:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6C:4C:11:7F:87:18:6B:96:F3:B0:A2:B5:8E:55:B8:A5:A1:A6:EB
X509v3 Authority Key Identifier:
keyid:C0:D6:D3:53:C9:35:E0:FE:15:C8:16:90:DC:A1:1D:31:ED:25:03:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a313064303a3a2f34382d3438203d3e20323130343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:10d0::/48
Signature Algorithm: sha256WithRSAEncryption
a5:be:9c:33:38:d6:f7:88:45:b7:03:fb:a5:b5:21:99:23:c9:
41:3e:55:65:71:29:7e:ce:a5:67:95:c9:5d:91:f0:49:c2:af:
9b:88:ed:ed:aa:cd:69:b1:37:0b:b6:cd:25:10:0a:ea:6f:6b:
20:6a:ec:1b:f1:1c:c7:cf:28:6b:2a:c9:3d:d7:0d:e1:32:1a:
9e:5a:c8:de:4f:c3:10:c2:f5:98:03:64:da:10:13:f2:c7:40:
d2:29:73:e9:97:4e:df:d7:aa:50:04:65:c8:de:ab:c0:f4:83:
ce:7f:f0:81:d9:57:1b:9e:41:f0:40:08:d7:83:b4:38:6a:ef:
76:07:d8:f1:16:76:33:d6:0a:e3:b9:8d:6b:e2:64:53:cb:3c:
2c:97:3e:1a:3c:1d:7a:84:36:15:c5:fe:f4:c3:cb:b9:f9:8c:
2f:b4:0d:89:fe:e6:bc:09:ab:05:28:64:31:8e:1f:ee:8e:e3:
8f:43:ec:25:5b:14:e9:5b:68:86:a3:e5:d6:04:bb:16:e8:18:
05:71:58:f4:f0:3b:db:2a:12:cf:03:e4:a1:da:0c:e5:fd:eb:
a6:77:83:73:4d:18:62:2b:20:3a:f2:37:bf:b8:47:34:7e:2f:
40:bb:a6:e4:fb:28:f9:8f:d7:26:fd:90:37:8b:1d:f8:fd:08:
26:cd:18:11
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUKCSc9v+b+euVqkvMqrDZ/Ep1ihIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzBkNmQzNTNjOTM1ZTBmZTE1YzgxNjkwZGNhMTFkMzFl
ZDI1MDMwMDAeFw0yNTA3MTYxMTU3MDFaFw0yNjA3MTUxMjAyMDFaMDMxMTAvBgNV
BAMTKENENkM0QzExN0Y4NzE4NkI5NkYzQjBBMkI1OEU1NUI4QTVBMUE2RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqNRUKXSrpuwscNo67SldaPJDZ
0xIyapcPsmwTmjvHLtG1kYIdKpOMdJPZHayo5MLO0mSrNIuyTTSl9YEv66Euoqjm
qB5/6o/YoUhzog/7v+GtHnvNQTerTXKSkm9KJjlYQCU7Lnh2o6hksjg/ExjQVQYF
BMKCpzwMREqQJM7FStc9vKPTBj3rRYLtES3AJcLl4ryQMCyt+9jrEdFNNOiT8UbY
HUuBMzRJ79pUuvDMGyPp5/cz+ruA2o9NQrDjGfXuqpmpMUOhLG3uU2QZc8mn1YOn
Dp93HoXeOn69dDBhSuFQJmVarjBmipEBc7Qua+w0aIDL691P9YkthODU9mGtAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUzWxMEX+HGGuW87CitY5VuKWhpuswHwYDVR0j
BBgwFoAUwNbTU8k14P4VyBaQ3KEdMe0lAwAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODc4YTE4NTYtODM0Ny00YjhmLWFmNTItZDMzMTZlOGEw
NzY5LzAvQzBENkQzNTNDOTM1RTBGRTE1QzgxNjkwRENBMTFEMzFFRDI1MDMwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dOYlRVOGsxNFA0VnlCYVEzS0VkTWUw
bEF3QS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODc4YTE4NTYt
ODM0Ny00YjhmLWFmNTItZDMzMTZlOGEwNzY5LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMDY0MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzAzNDM0MzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ4ENAwDQYJKoZIhvcNAQELBQADggEBAKW+nDM41veIRbcD+6W1
IZkjyUE+VWVxKX7OpWeVyV2R8EnCr5uI7e2qzWmxNwu2zSUQCupvayBq7BvxHMfP
KGsqyT3XDeEyGp5ayN5PwxDC9ZgDZNoQE/LHQNIpc+mXTt/XqlAEZcjeq8D0g85/
8IHZVxueQfBACNeDtDhq73YH2PEWdjPWCuO5jWviZFPLPCyXPho8HXqENhXF/vTD
y7n5jC+0DYn+5rwJqwUoZDGOH+6O449D7CVbFOlbaIaj5dYEuxboGAVxWPTwO9sq
Es8D5KHaDOX966Z3g3NNGGIrIDryN7+4RzR+L0C7puT7KPmP1yb9kDeLHfj9CCbN
GBE=
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:55:53 2025 by rpki-client