Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/326130313a3137303a313035303a3a2f34382d3438203d3e20323038353435.roa
File: 326130313a3137303a313035303a3a2f34382d3438203d3e20323038353435.roa (raw, json)
Hash identifier: /hPvZsD4bYxTpCj++nRWgBMqHrulDaUBF57niRpbcCA=
Subject key identifier: 81:E9:C4:7D:4F:EE:0C:CE:F0:39:CB:85:A7:D0:73:D1:9A:2E:E8:8C
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 71AD25D89312349BD881C518FC24E1165255DC7D
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/326130313a3137303a313035303a3a2f34382d3438203d3e20323038353435.roa
Signing time: Thu 04 Sep 2025 10:40:06 +0000
ROA not before: Thu 04 Sep 2025 10:35:06 +0000
ROA not after: Thu 03 Sep 2026 10:40:06 +0000
asID: 208545
IP address blocks: 2a01:170:1050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:ad:25:d8:93:12:34:9b:d8:81:c5:18:fc:24:e1:16:52:55:dc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:06 2025 GMT
Not After : Sep 3 10:40:06 2026 GMT
Subject: CN=81E9C47D4FEE0CCEF039CB85A7D073D19A2EE88C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7f:e9:01:61:0e:34:17:93:f9:d1:c3:1e:ac:
d8:ab:10:e4:39:3c:2a:9c:b4:f0:8e:bb:4c:dd:72:
ec:80:77:a7:83:2b:76:18:23:94:88:58:26:c7:50:
d3:35:ae:61:f5:db:1e:17:6e:04:35:b4:fc:02:16:
d7:d8:b3:6a:f3:fc:1c:b7:09:4d:79:a5:2f:14:19:
a2:af:12:b7:dc:77:2c:3e:ad:b6:fa:8a:8e:78:aa:
13:51:4e:5f:ad:1a:09:ea:4c:c0:9a:19:1f:1e:b1:
68:5d:57:f1:51:91:1a:f6:cf:ed:91:4b:0e:61:d7:
2d:63:88:64:80:0f:8a:a8:bc:f2:04:08:e2:ad:40:
7d:47:b5:55:b8:6a:31:ac:68:ab:de:c9:66:1f:d1:
1b:c1:4c:20:7f:3c:67:94:4f:13:9a:f4:58:80:51:
88:c5:c0:2f:68:24:86:93:fd:77:57:de:8c:ff:82:
dd:70:16:52:9f:f9:91:94:51:57:14:ec:15:a9:77:
d0:ec:51:b5:7e:21:b0:58:11:ab:c9:f2:ad:30:9b:
9d:c1:5d:f2:b3:fd:87:5d:3a:83:d5:26:43:6c:80:
f7:d1:3a:5c:0a:ca:e0:36:58:2c:e2:cf:56:51:69:
68:5c:fa:dd:53:30:12:94:32:d3:65:be:61:2e:b4:
0d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E9:C4:7D:4F:EE:0C:CE:F0:39:CB:85:A7:D0:73:D1:9A:2E:E8:8C
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/326130313a3137303a313035303a3a2f34382d3438203d3e20323038353435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:170:1050::/48
Signature Algorithm: sha256WithRSAEncryption
00:89:e1:44:a8:f5:6f:2d:b3:d3:83:c3:51:15:05:f6:aa:00:
32:37:61:19:a5:8a:77:01:56:73:b0:5c:c3:eb:2f:fc:a1:f0:
fb:36:40:e0:75:a0:01:3b:f9:f1:a7:d3:19:37:53:6a:1a:88:
e1:80:2f:55:e4:59:42:1a:0a:2b:f0:e4:de:b7:b7:32:2d:99:
6a:34:c8:09:8e:71:ff:d6:e9:89:72:5a:7b:46:cc:60:9f:74:
0a:8b:50:b2:83:3a:89:c6:dd:4b:4f:72:85:f3:32:79:18:6f:
8a:b7:3e:09:b2:eb:07:21:e5:0d:26:45:58:43:bd:80:b1:7c:
96:f6:7b:7e:db:64:92:bc:e0:85:b0:54:23:ef:8b:8f:4d:d9:
75:f0:14:67:15:27:ca:e6:5b:6b:0a:09:bf:a1:9b:ba:44:62:
1f:d6:ae:84:51:92:33:0e:f5:6c:b1:db:6c:b4:30:fa:39:b2:
f6:22:da:fd:f4:cd:71:ae:a7:71:9b:ca:1c:d9:f6:c7:f0:95:
78:c5:8a:80:7f:f0:5b:e5:b0:03:fc:2d:93:99:53:4f:f2:73:
ad:54:06:db:16:7d:5a:33:d3:ac:68:a9:7a:86:81:aa:fb:4a:
f4:26:eb:23:e6:e7:48:3b:31:f6:8a:77:af:95:47:ae:12:5f:
8b:60:e9:90
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUca0l2JMSNJvYgcUY/CThFlJV3H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDZaFw0yNjA5MDMxMDQwMDZaMDMxMTAvBgNV
BAMTKDgxRTlDNDdENEZFRTBDQ0VGMDM5Q0I4NUE3RDA3M0QxOUEyRUU4OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyf+kBYQ40F5P50cMerNirEOQ5
PCqctPCOu0zdcuyAd6eDK3YYI5SIWCbHUNM1rmH12x4XbgQ1tPwCFtfYs2rz/By3
CU15pS8UGaKvErfcdyw+rbb6io54qhNRTl+tGgnqTMCaGR8esWhdV/FRkRr2z+2R
Sw5h1y1jiGSAD4qovPIECOKtQH1HtVW4ajGsaKveyWYf0RvBTCB/PGeUTxOa9FiA
UYjFwC9oJIaT/XdX3oz/gt1wFlKf+ZGUUVcU7BWpd9DsUbV+IbBYEavJ8q0wm53B
XfKz/YddOoPVJkNsgPfROlwKyuA2WCziz1ZRaWhc+t1TMBKUMtNlvmEutA0dAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUgenEfU/uDM7wOcuFp9Bz0Zou6IwwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzI2MTMwMzEzYTMxMzczMDNh
MzEzMDM1MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzgzNTM0MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqAQFwEFAwDQYJKoZIhvcNAQELBQADggEBAACJ4USo9W8ts9ODw1EV
BfaqADI3YRmlincBVnOwXMPrL/yh8Ps2QOB1oAE7+fGn0xk3U2oaiOGAL1XkWUIa
Civw5N63tzItmWo0yAmOcf/W6YlyWntGzGCfdAqLULKDOonG3UtPcoXzMnkYb4q3
Pgmy6wch5Q0mRVhDvYCxfJb2e37bZJK84IWwVCPvi49N2XXwFGcVJ8rmW2sKCb+h
m7pEYh/WroRRkjMO9Wyx22y0MPo5svYi2v30zXGup3GbyhzZ9sfwlXjFioB/8Fvl
sAP8LZOZU0/yc61UBtsWfVoz06xoqXqGgar7SvQm6yPm50g7MfaKd6+VR64SX4tg
6ZA=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:25 2025 by rpki-client