Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e203136353039.roa
File: 326131313a323963303a34393a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: vgjZnbRJJH+yUi+gix9bYk2PKg1v8CcSONkyooHBn/0=
Subject key identifier: FA:EE:DA:96:A3:F6:48:D2:5C:93:04:22:4C:5A:CE:B5:82:5E:E1:72
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 143D9C53F7373CADB704B7B9160DA88734A31AEB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e203136353039.roa
Signing time: Tue 05 Aug 2025 21:48:12 +0000
ROA not before: Tue 05 Aug 2025 21:43:12 +0000
ROA not after: Tue 04 Aug 2026 21:48:12 +0000
asID: 16509
IP address blocks: 2a11:29c0:49::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 23:58:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:3d:9c:53:f7:37:3c:ad:b7:04:b7:b9:16:0d:a8:87:34:a3:1a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 5 21:43:12 2025 GMT
Not After : Aug 4 21:48:12 2026 GMT
Subject: CN=FAEEDA96A3F648D25C9304224C5ACEB5825EE172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4d:05:59:5f:f7:ce:1b:31:11:e6:0e:4e:b1:
85:7e:ec:e1:43:a8:7e:7f:25:56:ca:6f:cf:4b:69:
26:5c:81:4f:6e:8e:2d:05:a2:b8:7e:32:2f:74:2d:
79:0b:5a:10:40:ee:c3:e8:3f:67:b1:35:ff:56:6b:
95:c6:81:b2:23:2d:2f:16:91:6f:26:8d:c7:d0:00:
91:70:e1:f6:cb:0b:bf:20:3f:ce:56:34:37:22:0b:
b1:16:62:2a:fc:d0:0e:80:a0:3e:86:b7:5b:cf:fe:
a9:3a:2f:71:c3:a3:5f:92:a6:b1:a2:9b:ce:79:f8:
37:c5:0f:41:c6:27:7d:a8:0b:80:68:4a:01:88:a7:
be:e2:4b:b2:d8:d3:8e:48:1d:eb:ea:fb:a5:d6:29:
43:5a:26:ae:40:e1:37:47:bd:fd:9b:36:d5:a6:5a:
19:9a:ca:9a:1b:7f:75:f1:af:b7:23:ca:e9:f7:ac:
c6:9f:ea:f1:4b:4f:e2:66:af:df:75:e9:ec:7a:dd:
75:10:a4:6b:62:d3:ba:67:ca:86:a6:be:16:d3:ee:
f8:c8:70:62:8a:19:1d:ad:84:25:6b:53:44:1f:a9:
a3:0b:ea:af:fe:0b:9b:dd:00:9a:b0:f9:6a:a7:75:
f1:e3:3c:58:36:09:a1:ad:2a:e6:9b:43:b2:d3:65:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EE:DA:96:A3:F6:48:D2:5C:93:04:22:4C:5A:CE:B5:82:5E:E1:72
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:49::/48
Signature Algorithm: sha256WithRSAEncryption
30:ee:fc:e7:7c:1b:98:dc:1f:10:4a:62:01:84:fc:5f:bb:1a:
1b:a1:a6:f6:72:a5:1c:1d:3d:99:9d:09:d3:3d:8a:ee:2f:37:
4e:c7:07:11:a2:10:6d:29:67:7d:b2:08:e1:92:92:8b:5d:2f:
17:94:ed:4a:c0:46:5c:b0:2a:ab:d9:92:df:6b:66:e3:25:53:
a7:68:e8:84:1a:e6:cf:14:f8:32:32:93:8b:9c:6f:3d:47:48:
28:9d:11:9c:a6:5a:30:fd:32:c4:b5:09:77:29:e6:ea:b0:c2:
6b:eb:da:ca:e2:9b:4c:d1:bb:b9:0f:e4:92:ff:cb:06:a8:4d:
4a:8d:25:e2:39:0f:1d:d3:91:24:8a:55:fb:8b:93:b1:da:e6:
7e:8f:bb:ef:76:c4:d0:b1:57:73:c1:45:73:69:12:63:95:6f:
0a:91:cd:af:70:c5:f0:9d:70:ae:54:0b:cd:40:3a:2d:18:0f:
38:8b:89:41:75:3c:75:58:cd:d6:cd:79:4d:23:6f:bc:75:8d:
c8:50:62:3c:59:22:f4:e8:91:ca:af:f4:00:35:41:4a:26:3c:
ba:e7:cc:02:e9:32:0f:93:28:f7:df:88:8b:6d:96:aa:73:ff:
99:2b:f6:b1:6e:27:9f:1f:06:0c:20:74:a0:07:c1:87:d9:d8:
a5:e3:34:31
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUFD2cU/c3PK23BLe5Fg2ohzSjGuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MDUyMTQzMTJaFw0yNjA4MDQyMTQ4MTJaMDMxMTAvBgNV
BAMTKEZBRUVEQTk2QTNGNjQ4RDI1QzkzMDQyMjRDNUFDRUI1ODI1RUUxNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2TQVZX/fOGzER5g5OsYV+7OFD
qH5/JVbKb89LaSZcgU9uji0Forh+Mi90LXkLWhBA7sPoP2exNf9Wa5XGgbIjLS8W
kW8mjcfQAJFw4fbLC78gP85WNDciC7EWYir80A6AoD6Gt1vP/qk6L3HDo1+SprGi
m855+DfFD0HGJ32oC4BoSgGIp77iS7LY045IHevq+6XWKUNaJq5A4TdHvf2bNtWm
Whmaypobf3Xxr7cjyun3rMaf6vFLT+Jmr9916ex63XUQpGti07pnyoamvhbT7vjI
cGKKGR2thCVrU0QfqaML6q/+C5vdAJqw+WqndfHjPFg2CaGtKuabQ7LTZckZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU+u7alqP2SNJckwQiTFrOtYJe4XIwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAASTANBgkqhkiG9w0BAQsFAAOCAQEAMO7853wbmNwfEEpiAYT8X7sa
G6Gm9nKlHB09mZ0J0z2K7i83TscHEaIQbSlnfbII4ZKSi10vF5TtSsBGXLAqq9mS
32tm4yVTp2johBrmzxT4MjKTi5xvPUdIKJ0RnKZaMP0yxLUJdynm6rDCa+vayuKb
TNG7uQ/kkv/LBqhNSo0l4jkPHdORJIpV+4uTsdrmfo+773bE0LFXc8FFc2kSY5Vv
CpHNr3DF8J1wrlQLzUA6LRgPOIuJQXU8dVjN1s15TSNvvHWNyFBiPFki9OiRyq/0
ADVBSiY8uufMAukyD5Mo99+Ii22WqnP/mSv2sW4nnx8GDCB0oAfBh9nYpeM0MQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:35 2025 by rpki-client