Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323133363035.roa
File: 323030313a3637383a3132303a3a2f34382d3438203d3e20323133363035.roa (raw, json)
Hash identifier: 5q/M4lb8Ofpk3VIN4n2HLQvoxlI5gi3EJUTq2JtSuDA=
Subject key identifier: 92:36:98:AC:41:67:1F:2F:F0:DA:77:F9:11:2B:2B:36:25:C2:E6:1F
Certificate issuer: /CN=c0d6d353c935e0fe15c81690dca11d31ed250300
Certificate serial: 54772E265F2050E89DBE0E52B4E37D6E9625BD99
Authority key identifier: C0:D6:D3:53:C9:35:E0:FE:15:C8:16:90:DC:A1:1D:31:ED:25:03:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323133363035.roa
Signing time: Wed 16 Jul 2025 12:03:22 +0000
ROA not before: Wed 16 Jul 2025 11:58:22 +0000
ROA not after: Wed 15 Jul 2026 12:03:22 +0000
asID: 213605
IP address blocks: 2001:678:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.crl
rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.mft
rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:77:2e:26:5f:20:50:e8:9d:be:0e:52:b4:e3:7d:6e:96:25:bd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d6d353c935e0fe15c81690dca11d31ed250300
Validity
Not Before: Jul 16 11:58:22 2025 GMT
Not After : Jul 15 12:03:22 2026 GMT
Subject: CN=923698AC41671F2FF0DA77F9112B2B3625C2E61F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2f:63:b6:f7:c2:37:09:10:bf:2a:03:24:f8:
a7:cf:33:7d:7b:29:ab:d5:fb:b7:f4:f7:41:ac:6b:
4f:bb:0e:8a:69:69:f0:31:aa:1f:66:d7:4a:ae:cd:
a6:a8:08:79:f2:30:61:cf:2b:fb:06:18:61:5c:58:
f9:a8:52:a6:2e:c7:a3:4d:57:e4:cc:28:e1:42:2b:
18:23:ab:6e:60:a1:95:18:65:06:cd:8d:e1:12:ce:
c5:f8:a0:99:ec:bc:fd:ec:a2:48:b4:e3:05:d2:89:
ad:4c:c9:c2:59:9c:e9:09:56:23:d5:09:1f:85:bc:
e3:06:da:86:c9:d0:84:3a:a9:46:b2:bf:70:8b:3c:
e5:67:d0:4c:af:43:b2:ee:91:a1:31:f5:93:94:69:
18:a2:01:6c:a9:4e:46:dd:91:fc:53:44:7d:7c:bf:
93:1e:3c:63:80:1f:d8:11:7d:6f:31:e7:f0:b9:ac:
ee:c5:ab:10:19:87:a6:c4:0a:f3:54:fd:2a:58:66:
99:f4:0e:ea:b2:29:a5:3a:08:b5:d1:1f:04:01:45:
45:df:c6:05:82:34:1f:45:2d:af:6f:5a:54:11:80:
4c:11:79:33:ef:75:21:99:75:61:cc:d1:5b:0f:28:
88:64:73:f9:bb:8a:cd:9e:d7:10:db:84:dc:7d:1f:
d0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:36:98:AC:41:67:1F:2F:F0:DA:77:F9:11:2B:2B:36:25:C2:E6:1F
X509v3 Authority Key Identifier:
keyid:C0:D6:D3:53:C9:35:E0:FE:15:C8:16:90:DC:A1:1D:31:ED:25:03:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/C0D6D353C935E0FE15C81690DCA11D31ED250300.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNbTU8k14P4VyBaQ3KEdMe0lAwA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/878a1856-8347-4b8f-af52-d3316e8a0769/0/323030313a3637383a3132303a3a2f34382d3438203d3e20323133363035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:120::/48
Signature Algorithm: sha256WithRSAEncryption
10:13:49:8a:2b:3b:b5:e8:2d:29:2c:69:aa:26:63:c5:d6:bc:
69:2f:89:b1:1b:d3:71:41:40:f3:56:6e:2b:06:c4:73:8c:2a:
a2:af:e5:55:81:14:ec:24:a3:5b:dc:ad:a3:a8:8a:c5:aa:99:
6e:71:1c:f5:19:f2:37:73:cd:58:43:6e:cf:d7:7f:64:7e:15:
8a:3a:86:37:bb:33:e9:3b:f8:11:82:b9:70:ec:5e:86:73:a9:
fc:29:51:05:d6:5d:27:03:38:0e:4e:d9:e7:c3:e2:14:52:05:
b2:67:de:41:ea:40:7d:45:f3:a0:3f:c0:d4:84:9e:8b:dd:f0:
b5:56:c6:4f:56:fb:ba:ca:be:e4:1a:17:8c:7a:d4:69:0e:4e:
51:5d:3a:c5:65:0d:ae:7d:fc:b8:c7:7e:86:0e:00:fd:c5:ac:
56:38:10:f0:23:93:2f:96:ed:d2:3d:1b:d8:57:44:1e:06:cf:
45:b7:11:7d:92:d7:58:7f:be:3a:54:2a:58:e2:b9:b0:ac:cb:
96:3a:56:27:ef:93:e9:5e:af:35:3c:b8:d8:ba:74:a6:7e:f3:
4d:46:10:a9:01:c9:8d:67:46:f4:eb:f3:1e:d8:c2:b0:db:c7:
00:44:c3:48:14:ab:8f:99:19:87:64:86:be:64:b1:35:f0:f1:
f6:36:7c:08
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUVHcuJl8gUOidvg5StON9bpYlvZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzBkNmQzNTNjOTM1ZTBmZTE1YzgxNjkwZGNhMTFkMzFl
ZDI1MDMwMDAeFw0yNTA3MTYxMTU4MjJaFw0yNjA3MTUxMjAzMjJaMDMxMTAvBgNV
BAMTKDkyMzY5OEFDNDE2NzFGMkZGMERBNzdGOTExMkIyQjM2MjVDMkU2MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJL2O298I3CRC/KgMk+KfPM317
KavV+7f090Gsa0+7DoppafAxqh9m10quzaaoCHnyMGHPK/sGGGFcWPmoUqYux6NN
V+TMKOFCKxgjq25goZUYZQbNjeESzsX4oJnsvP3soki04wXSia1MycJZnOkJViPV
CR+FvOMG2obJ0IQ6qUayv3CLPOVn0EyvQ7LukaEx9ZOUaRiiAWypTkbdkfxTRH18
v5MePGOAH9gRfW8x5/C5rO7FqxAZh6bECvNU/SpYZpn0DuqyKaU6CLXRHwQBRUXf
xgWCNB9FLa9vWlQRgEwReTPvdSGZdWHM0VsPKIhkc/m7is2e1xDbhNx9H9AbAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUkjaYrEFnHy/w2nf5ESsrNiXC5h8wHwYDVR0j
BBgwFoAUwNbTU8k14P4VyBaQ3KEdMe0lAwAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODc4YTE4NTYtODM0Ny00YjhmLWFmNTItZDMzMTZlOGEw
NzY5LzAvQzBENkQzNTNDOTM1RTBGRTE1QzgxNjkwRENBMTFEMzFFRDI1MDMwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dOYlRVOGsxNFA0VnlCYVEzS0VkTWUw
bEF3QS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODc4YTE4NTYt
ODM0Ny00YjhmLWFmNTItZDMzMTZlOGEwNzY5LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMzMzYzMDM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAEgMA0GCSqGSIb3DQEBCwUAA4IBAQAQE0mKKzu16C0pLGmqJmPF
1rxpL4mxG9NxQUDzVm4rBsRzjCqir+VVgRTsJKNb3K2jqIrFqplucRz1GfI3c81Y
Q27P139kfhWKOoY3uzPpO/gRgrlw7F6Gc6n8KVEF1l0nAzgOTtnnw+IUUgWyZ95B
6kB9RfOgP8DUhJ6L3fC1VsZPVvu6yr7kGheMetRpDk5RXTrFZQ2uffy4x36GDgD9
xaxWOBDwI5Mvlu3SPRvYV0QeBs9FtxF9ktdYf746VCpY4rmwrMuWOlYn75PpXq81
PLjYunSmfvNNRhCpAcmNZ0b06/Me2MKw28cARMNIFKuPmRmHZIa+ZLE18PH2NnwI
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:49:17 2025 by rpki-client