Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
File: 326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa (raw, json)
Hash identifier: OUe3ULmGjHHtmLPfDbnzGqd7YnNQky6tm8kKSDZaVBA=
Subject key identifier: 78:35:2A:51:56:57:AD:AD:E0:D6:7B:86:2E:C0:30:44:57:7D:27:57
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 46C40D30E4382E3DCED96508666BAA563589E289
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
Signing time: Tue 02 Sep 2025 15:22:37 +0000
ROA not before: Tue 02 Sep 2025 15:17:37 +0000
ROA not after: Tue 01 Sep 2026 15:22:37 +0000
asID: 216072
IP address blocks: 2a11:29c0:29::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:c4:0d:30:e4:38:2e:3d:ce:d9:65:08:66:6b:aa:56:35:89:e2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Sep 2 15:17:37 2025 GMT
Not After : Sep 1 15:22:37 2026 GMT
Subject: CN=78352A515657ADADE0D67B862EC03044577D2757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7c:9e:b3:0c:b2:06:2e:7a:9a:97:ae:a2:cf:
77:c7:dd:05:87:62:d5:52:cf:2f:d7:9f:aa:dc:1b:
25:0b:da:8b:69:c5:00:21:f7:53:78:5c:2e:8f:a0:
62:2a:84:12:c8:1b:79:5a:b2:b8:c9:44:65:dc:c0:
04:e4:67:45:ec:c4:5d:6c:d1:f5:39:e7:f7:22:eb:
b4:e1:d7:65:47:27:05:d7:71:7e:0a:de:bc:68:07:
ab:a2:53:61:97:d8:da:33:81:34:f1:75:72:35:cd:
c4:e4:34:f3:fc:ac:14:cb:68:a9:4b:89:7d:da:69:
31:a9:1d:61:db:f1:c6:a0:70:de:29:25:c8:7d:0b:
9b:4e:fc:ad:4b:d4:ef:80:ad:b3:57:ba:68:56:76:
15:bb:f5:9c:47:9e:3d:60:ed:be:25:a6:a5:fb:0e:
bd:73:4c:dc:84:07:64:fb:d6:49:5a:dc:dd:b6:b1:
60:90:5d:2a:01:3e:8b:30:63:f9:16:5e:7f:3c:51:
9f:11:5a:ef:fc:b5:0c:ee:c3:90:2c:93:26:ef:97:
b4:1d:73:51:82:f9:a2:23:b2:2c:31:3c:a7:a1:b2:
4d:51:6c:a5:1d:f3:b9:14:f6:15:59:02:38:f6:78:
d9:5a:0f:c9:14:d3:ea:81:a9:8c:ee:39:5d:d8:c0:
43:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:35:2A:51:56:57:AD:AD:E0:D6:7B:86:2E:C0:30:44:57:7D:27:57
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32393a3a2f34382d3438203d3e20323136303732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:29::/48
Signature Algorithm: sha256WithRSAEncryption
1a:d4:ce:df:39:5b:4a:66:b0:37:f9:70:13:ba:75:16:39:fd:
ac:ce:db:fa:8b:b2:6d:15:51:fd:67:ae:7c:9f:ca:c9:01:a8:
53:27:13:e4:39:48:04:a0:4b:bb:48:98:4c:df:50:cb:d1:ac:
96:23:d9:90:8f:50:4c:3f:12:11:64:d3:90:58:db:f5:de:41:
04:26:50:96:a5:28:70:9b:e6:d1:a4:bf:e4:58:e0:5a:c7:a1:
a0:8c:e2:67:e2:d0:10:55:12:80:85:f4:2c:6a:45:f7:a3:76:
22:cc:b1:9c:76:c8:3b:18:04:df:70:06:e3:d4:8b:9e:84:61:
27:c9:96:27:08:b1:80:41:65:89:4d:09:d6:13:aa:0e:f6:8a:
40:13:8f:31:69:c3:0a:fb:47:5f:78:7a:49:22:22:b0:b1:63:
2c:20:f2:63:f6:d0:d3:ea:d6:36:22:fe:26:99:f3:f9:76:57:
0d:25:78:b3:7b:44:dc:c6:42:05:40:17:38:9d:c8:b7:11:33:
21:af:83:65:db:2f:40:8b:d7:b3:c5:69:dd:37:35:95:f0:17:
7c:a5:df:f7:b8:4f:1b:e2:72:26:0e:dd:a7:39:ea:5f:57:f2:
e7:84:97:1b:e1:34:f7:08:e4:58:da:ca:ee:5e:21:0c:24:f7:
e9:52:51:7f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIURsQNMOQ4Lj3O2WUIZmuqVjWJ4okwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA5MDIxNTE3MzdaFw0yNjA5MDExNTIyMzdaMDMxMTAvBgNV
BAMTKDc4MzUyQTUxNTY1N0FEQURFMEQ2N0I4NjJFQzAzMDQ0NTc3RDI3NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDfJ6zDLIGLnqal66iz3fH3QWH
YtVSzy/Xn6rcGyUL2otpxQAh91N4XC6PoGIqhBLIG3lasrjJRGXcwATkZ0XsxF1s
0fU55/ci67Th12VHJwXXcX4K3rxoB6uiU2GX2NozgTTxdXI1zcTkNPP8rBTLaKlL
iX3aaTGpHWHb8cagcN4pJch9C5tO/K1L1O+ArbNXumhWdhW79ZxHnj1g7b4lpqX7
Dr1zTNyEB2T71kla3N22sWCQXSoBPoswY/kWXn88UZ8RWu/8tQzuw5Askybvl7Qd
c1GC+aIjsiwxPKehsk1RbKUd87kU9hVZAjj2eNlaD8kU0+qBqYzuOV3YwEPdAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUeDUqUVZXra3g1nuGLsAwRFd9J1cwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzAzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAApMA0GCSqGSIb3DQEBCwUAA4IBAQAa1M7fOVtKZrA3+XATunUW
Of2sztv6i7JtFVH9Z658n8rJAahTJxPkOUgEoEu7SJhM31DL0ayWI9mQj1BMPxIR
ZNOQWNv13kEEJlCWpShwm+bRpL/kWOBax6GgjOJn4tAQVRKAhfQsakX3o3YizLGc
dsg7GATfcAbj1IuehGEnyZYnCLGAQWWJTQnWE6oO9opAE48xacMK+0dfeHpJIiKw
sWMsIPJj9tDT6tY2Iv4mmfP5dlcNJXize0TcxkIFQBc4nci3ETMhr4Nl2y9Ai9ez
xWndNzWV8Bd8pd/3uE8b4nImDt2nOepfV/LnhJcb4TT3CORY2sruXiEMJPfpUlF/
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:27:57 2025 by rpki-client