Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
File: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (raw, json)
Hash identifier: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=
Subject key identifier: B7:66:3B:65:0D:6F:A9:EC:7A:25:F9:7A:20:2D:74:D4:69:8C:E8:9A
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 0F106AF60A6285AB44462A1B51085C869247FAEB
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
Signing time: Thu 10 Jul 2025 16:08:17 +0000
ROA not before: Thu 10 Jul 2025 16:03:17 +0000
ROA not after: Thu 09 Jul 2026 16:08:17 +0000
asID: 211431
IP address blocks: 2a13:9644:3000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:10:6a:f6:0a:62:85:ab:44:46:2a:1b:51:08:5c:86:92:47:fa:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jul 10 16:03:17 2025 GMT
Not After : Jul 9 16:08:17 2026 GMT
Subject: CN=B7663B650D6FA9EC7A25F97A202D74D4698CE89A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5a:dc:d6:0a:58:6b:0a:05:7a:c3:aa:1b:00:
a0:8c:88:24:69:b4:b0:4c:80:3d:70:84:f1:0e:7a:
2f:9a:96:c7:6b:f7:7e:f5:30:b7:86:0d:d2:6e:38:
36:f8:29:6e:21:34:bd:4b:43:ea:e7:3a:9a:f1:25:
0c:26:63:29:04:c1:e9:4a:e2:67:4f:d6:0e:f3:54:
a1:10:48:4a:ad:cc:23:51:c7:1f:0d:09:2a:e4:dc:
6b:a8:63:8f:ed:65:f5:80:63:86:76:38:30:f8:6c:
0e:3e:df:7f:70:22:81:7d:ae:9f:31:26:2b:22:2a:
18:c5:de:58:d3:b3:7c:be:8c:d6:cf:c8:5b:99:00:
be:30:3e:6d:8b:e6:c5:d9:54:24:52:97:c9:a8:31:
02:de:89:b6:02:b8:96:3a:9f:09:1c:f5:e3:d8:27:
97:e3:49:72:59:f4:b3:57:64:b1:c5:57:f5:9f:ad:
68:c7:d4:89:43:68:5e:ef:1b:cc:74:49:ff:e2:7c:
39:2d:16:c0:be:a6:73:a7:a6:11:6c:b6:c2:cd:1f:
df:76:b6:c8:bb:e3:84:5d:cb:9f:10:da:95:41:b8:
cd:b8:fe:d2:b1:3e:eb:1c:f4:80:3a:08:25:06:b0:
78:57:f6:97:0d:8c:dd:2d:b7:13:e9:a3:40:e0:6c:
36:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:66:3B:65:0D:6F:A9:EC:7A:25:F9:7A:20:2D:74:D4:69:8C:E8:9A
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:3000::/40
Signature Algorithm: sha256WithRSAEncryption
43:13:b4:f3:ac:61:81:c1:e0:81:54:3e:96:1e:b5:98:76:d4:
20:2c:4e:d2:0f:bb:d8:8d:0f:99:b7:4d:6a:55:16:57:7f:f7:
44:be:ee:7e:b9:21:f7:56:4e:6b:9f:05:ac:ea:10:c0:8f:a5:
25:80:6c:35:ed:60:64:54:27:14:56:76:0c:ed:36:d6:69:5c:
a1:68:d9:dc:13:8b:b2:ba:6e:36:0a:0c:e0:d2:aa:8a:53:74:
54:1d:b0:c6:84:56:a9:a5:b7:34:8a:2a:d4:d3:cd:2c:f6:3d:
54:5e:59:31:49:63:74:a4:15:71:09:bf:d5:9f:40:1b:7c:d2:
fd:03:12:9b:8a:7b:1a:e9:85:85:86:28:ee:28:df:9f:c7:d1:
6b:e1:c5:52:52:85:51:ac:8e:f0:27:0b:ca:5e:2a:b9:19:52:
c3:2f:36:fd:2f:e9:10:aa:7f:63:52:53:03:09:25:44:3b:63:
54:1e:ca:d2:21:39:53:91:ed:5a:ab:a5:e0:4b:7b:44:27:53:
3d:6b:80:e4:ef:7d:e5:87:0a:e8:4c:43:f4:01:87:a5:1b:56:
14:b7:52:f3:93:00:77:2d:61:95:f1:a9:b5:55:9f:0c:22:e4:
1b:ed:8a:6c:10:7f:02:56:cc:82:97:73:7a:b5:f0:21:df:d1:
08:7d:c4:e0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUDxBq9gpihatERiobUQhchpJH+uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNTA3MTAxNjAzMTdaFw0yNjA3MDkxNjA4MTdaMDMxMTAvBgNV
BAMTKEI3NjYzQjY1MEQ2RkE5RUM3QTI1Rjk3QTIwMkQ3NEQ0Njk4Q0U4OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrWtzWClhrCgV6w6obAKCMiCRp
tLBMgD1whPEOei+alsdr9371MLeGDdJuODb4KW4hNL1LQ+rnOprxJQwmYykEwelK
4mdP1g7zVKEQSEqtzCNRxx8NCSrk3GuoY4/tZfWAY4Z2ODD4bA4+339wIoF9rp8x
JisiKhjF3ljTs3y+jNbPyFuZAL4wPm2L5sXZVCRSl8moMQLeibYCuJY6nwkc9ePY
J5fjSXJZ9LNXZLHFV/WfrWjH1IlDaF7vG8x0Sf/ifDktFsC+pnOnphFstsLNH992
tsi744Rdy58Q2pVBuM24/tKxPusc9IA6CCUGsHhX9pcNjN0ttxPpo0DgbDbNAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUt2Y7ZQ1vqex6Jfl6IC101GmM6JowHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMzMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMTM0MzMzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoTlkQwMA0GCSqGSIb3DQEBCwUAA4IBAQBDE7TzrGGBweCBVD6W
HrWYdtQgLE7SD7vYjQ+Zt01qVRZXf/dEvu5+uSH3Vk5rnwWs6hDAj6UlgGw17WBk
VCcUVnYM7TbWaVyhaNncE4uyum42Cgzg0qqKU3RUHbDGhFappbc0iirU080s9j1U
XlkxSWN0pBVxCb/Vn0AbfNL9AxKbinsa6YWFhijuKN+fx9Fr4cVSUoVRrI7wJwvK
Xiq5GVLDLzb9L+kQqn9jUlMDCSVEO2NUHsrSITlTke1aq6XgS3tEJ1M9a4Dk733l
hwroTEP0AYelG1YUt1LzkwB3LWGV8am1VZ8MIuQb7YpsEH8CVsyCl3N6tfAh39EI
fcTg
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:51:49 2025 by rpki-client