Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
File: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (raw, json)
Hash identifier: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=
Subject key identifier: 6E:0B:C0:FB:C2:4F:04:73:0F:26:99:BE:0D:9A:7F:9B:8D:F2:E4:B5
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 37E12C9C729C4C97A5ED10C1AB23CA7100DF20FF
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
Signing time: Thu 10 Jul 2025 16:08:17 +0000
ROA not before: Thu 10 Jul 2025 16:03:17 +0000
ROA not after: Thu 09 Jul 2026 16:08:17 +0000
asID: 48194
IP address blocks: 2a13:9644:10::/46 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e1:2c:9c:72:9c:4c:97:a5:ed:10:c1:ab:23:ca:71:00:df:20:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jul 10 16:03:17 2025 GMT
Not After : Jul 9 16:08:17 2026 GMT
Subject: CN=6E0BC0FBC24F04730F2699BE0D9A7F9B8DF2E4B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:62:5b:d1:0a:63:34:52:d5:2b:be:a4:c7:
1e:bc:44:a0:80:27:b3:dd:4b:bb:a5:0d:54:a2:cd:
b5:14:4b:5d:7a:f6:84:75:99:e8:9c:9c:a6:4b:fc:
27:3b:a1:9c:d8:22:b3:cc:b0:e5:7a:f5:b8:79:c6:
e4:d4:67:a8:93:de:5f:84:6d:b9:63:a9:4c:7a:fe:
d6:cc:d5:9e:eb:05:2f:98:66:35:1d:e4:96:dc:11:
35:ef:18:2f:f3:e7:b8:49:05:55:e2:53:be:23:28:
21:ef:21:f5:50:bf:ec:c5:bb:d5:b6:ed:93:23:25:
9f:f2:b4:b8:3b:76:c7:22:9b:32:26:49:df:df:86:
53:b6:ad:bd:e3:4f:8f:9f:a8:d7:66:cd:cb:e3:a0:
a4:41:d6:17:8f:8a:28:5c:39:e6:93:11:5e:62:ef:
6d:74:9c:48:5d:f8:34:12:f1:75:c1:1a:54:49:57:
da:56:2c:bf:69:3a:9c:72:9b:d3:3c:75:6d:18:44:
c5:b2:e3:47:46:ff:8c:e8:aa:e7:12:93:c6:21:ed:
5e:7b:3c:13:0a:ea:56:e8:bc:ac:62:f2:1e:1e:7f:
a3:d2:5a:c2:36:23:ff:91:d5:f5:4d:b1:73:69:1b:
80:7e:c5:38:51:e3:88:fa:1c:3b:1f:c8:e7:fe:3f:
fd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0B:C0:FB:C2:4F:04:73:0F:26:99:BE:0D:9A:7F:9B:8D:F2:E4:B5
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:10::/46
Signature Algorithm: sha256WithRSAEncryption
c5:74:2a:17:9e:e5:ce:15:80:9c:72:f2:57:19:3d:ac:cb:0d:
36:f6:b0:eb:bf:d8:b2:eb:c8:27:a1:af:00:06:de:d9:d2:3e:
d3:1b:43:39:8a:dd:be:a0:fa:23:64:71:04:36:b4:f0:91:af:
c2:4e:41:61:52:80:09:1d:bb:f1:83:f4:9b:28:21:b6:3e:f5:
8e:73:dd:b1:d8:6d:0a:b0:a5:8c:db:f7:a9:19:98:92:a4:c9:
18:0d:94:45:21:6d:98:1c:36:b4:2a:15:cc:c7:c9:c6:ba:15:
cb:b2:bd:bc:21:41:49:38:4a:5a:8d:c6:ec:22:ac:a6:1e:6a:
7c:1a:31:83:a8:66:b8:a7:78:ca:be:4f:fc:65:5f:0e:70:c9:
67:a7:34:f0:8d:aa:53:80:a8:0e:f2:23:36:82:de:ce:67:25:
72:52:56:47:66:a9:f7:be:ac:9d:6b:5b:8f:44:31:2b:79:18:
82:3e:aa:1a:dd:9a:98:c1:13:f9:d6:b9:b7:17:1a:8b:08:46:
b4:4b:6e:5a:5b:23:93:a6:ee:21:a1:5e:86:15:39:01:29:46:
e9:59:6c:6a:09:7f:df:62:fd:4f:8e:bb:c0:4f:89:3e:a1:33:
c9:c0:5d:a2:48:ca:72:b5:49:0a:6e:a0:26:e7:0b:cf:e9:5d:
59:70:bc:c6
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUN+EsnHKcTJel7RDBqyPKcQDfIP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA3MTAxNjAzMTdaFw0yNjA3MDkxNjA4MTdaMDMxMTAvBgNV
BAMTKDZFMEJDMEZCQzI0RjA0NzMwRjI2OTlCRTBEOUE3RjlCOERGMkU0QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqUWJb0QpjNFLVK76kxx68RKCA
J7PdS7ulDVSizbUUS1169oR1meicnKZL/Cc7oZzYIrPMsOV69bh5xuTUZ6iT3l+E
bbljqUx6/tbM1Z7rBS+YZjUd5JbcETXvGC/z57hJBVXiU74jKCHvIfVQv+zFu9W2
7ZMjJZ/ytLg7dscimzImSd/fhlO2rb3jT4+fqNdmzcvjoKRB1hePiihcOeaTEV5i
7210nEhd+DQS8XXBGlRJV9pWLL9pOpxym9M8dW0YRMWy40dG/4zoqucSk8Yh7V57
PBMK6lbovKxi8h4ef6PSWsI2I/+R1fVNsXNpG4B+xThR44j6HDsfyOf+P/3lAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbgvA+8JPBHMPJpm+DZp/m43y5LUwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMTMwM2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzQzODMxMzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHAioTlkQAEDANBgkqhkiG9w0BAQsFAAOCAQEAxXQqF57lzhWAnHLyVxk9rMsN
Nvaw67/YsuvIJ6GvAAbe2dI+0xtDOYrdvqD6I2RxBDa08JGvwk5BYVKACR278YP0
myghtj71jnPdsdhtCrCljNv3qRmYkqTJGA2URSFtmBw2tCoVzMfJxroVy7K9vCFB
SThKWo3G7CKsph5qfBoxg6hmuKd4yr5P/GVfDnDJZ6c08I2qU4CoDvIjNoLezmcl
clJWR2ap976snWtbj0QxK3kYgj6qGt2amMET+da5txcaiwhGtEtuWlsjk6buIaFe
hhU5ASlG6Vlsagl/32L9T467wE+JPqEzycBdokjKcrVJCm6gJucLz+ldWXC8xg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:57:14 2025 by rpki-client