Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
File: 326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa (raw, json)
Hash identifier: R4o8lpE2xhvt9Ijhohgyb0AN5vLiaYVrYa+/7qC+Qro=
Subject key identifier: 9D:15:12:27:20:CA:CF:1C:90:33:A8:1F:5A:6A:29:FC:29:45:1E:C2
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 74B44C5A00F49393C81B1E0297D231F6F1479CCD
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
Signing time: Thu 28 Aug 2025 21:10:42 +0000
ROA not before: Thu 28 Aug 2025 21:05:42 +0000
ROA not after: Thu 27 Aug 2026 21:10:42 +0000
asID: 214128
IP address blocks: 2a11:29c0:49::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:b4:4c:5a:00:f4:93:93:c8:1b:1e:02:97:d2:31:f6:f1:47:9c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 28 21:05:42 2025 GMT
Not After : Aug 27 21:10:42 2026 GMT
Subject: CN=9D15122720CACF1C9033A81F5A6A29FC29451EC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:b6:f8:a4:2e:ad:59:d2:fa:7a:c8:94:a8:
94:18:e7:56:27:56:12:17:02:83:af:2f:3e:3c:83:
3e:34:69:32:24:b1:7e:93:0c:1b:6c:11:84:1f:a3:
da:b4:2f:1f:86:94:c1:be:7c:82:bc:d1:01:0f:cc:
db:64:8f:b6:70:0d:e4:8a:15:bc:5c:29:b2:1e:7f:
81:b3:51:9f:d9:02:d7:5d:9b:c4:78:67:2f:d7:45:
29:c1:e6:83:ff:be:9a:f8:d2:a5:90:f8:9c:31:bf:
55:5b:c0:8a:af:1b:4e:49:3b:0c:bc:c0:f4:f2:8d:
c7:2d:9a:73:f9:ab:73:27:06:2e:d8:12:d9:10:0e:
4c:f8:8c:cf:85:07:17:46:ab:82:f7:87:00:18:6e:
d9:ba:0a:5f:18:76:03:ac:31:a4:be:9e:40:5a:7b:
4f:f5:72:f8:d3:df:eb:28:7b:9c:2a:20:f2:43:67:
dc:3a:41:16:60:11:f2:95:47:9f:d7:34:2f:38:71:
52:bf:b7:67:22:50:a9:3f:3a:b3:40:58:e6:b5:04:
21:60:f3:6b:c4:1d:f0:8e:ee:4e:9d:6e:da:01:47:
fd:36:b8:9d:c9:55:a6:27:f7:ed:24:21:8c:37:00:
38:08:40:5f:c9:25:1a:d1:1f:b3:22:7a:c4:a7:d6:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:15:12:27:20:CA:CF:1C:90:33:A8:1F:5A:6A:29:FC:29:45:1E:C2
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34393a3a2f34382d3438203d3e20323134313238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:49::/48
Signature Algorithm: sha256WithRSAEncryption
41:3a:b9:1b:45:cb:f0:df:5f:15:7a:df:a9:38:7d:ee:f0:51:
59:69:42:63:a6:83:72:0c:fc:9a:04:a9:6d:2b:9d:08:f1:a8:
00:eb:bf:a0:8d:ae:38:3b:0a:14:16:c8:0f:87:25:bd:85:38:
8d:8f:d8:f5:5e:fa:3a:b3:ae:8e:b8:f1:05:ea:fa:12:87:8f:
92:ad:51:91:67:df:59:d4:4a:d7:7d:3a:ff:19:94:40:21:f3:
5c:4e:b6:8b:87:21:0b:51:c8:dc:91:97:44:ee:29:d8:0a:b7:
84:6e:06:b6:35:56:55:7e:15:dc:c9:d5:fb:7e:b5:16:55:ac:
05:43:77:90:da:90:b6:ef:d2:b9:26:00:dc:78:23:f4:96:02:
11:f4:f6:8d:0d:aa:17:26:87:ea:b7:11:10:bd:34:dd:f8:99:
a2:d5:4f:5a:a0:f8:c6:eb:fb:d2:eb:62:60:3c:cc:ab:36:a2:
7a:42:1f:59:57:f8:e5:f5:bf:c7:68:44:58:b3:63:28:6f:96:
70:3c:26:76:e8:44:17:59:78:93:93:39:b4:84:94:ab:41:87:
59:1b:c8:c3:62:a1:b4:fd:12:bd:f0:10:b4:e3:04:28:7c:90:
fb:82:93:2e:96:91:89:35:ca:3e:24:22:6c:82:45:c7:ff:13:
8f:b5:cf:d2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUdLRMWgD0k5PIGx4Cl9Ix9vFHnM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MjgyMTA1NDJaFw0yNjA4MjcyMTEwNDJaMDMxMTAvBgNV
BAMTKDlEMTUxMjI3MjBDQUNGMUM5MDMzQTgxRjVBNkEyOUZDMjk0NTFFQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk1bb4pC6tWdL6esiUqJQY51Yn
VhIXAoOvLz48gz40aTIksX6TDBtsEYQfo9q0Lx+GlMG+fIK80QEPzNtkj7ZwDeSK
FbxcKbIef4GzUZ/ZAtddm8R4Zy/XRSnB5oP/vpr40qWQ+Jwxv1VbwIqvG05JOwy8
wPTyjcctmnP5q3MnBi7YEtkQDkz4jM+FBxdGq4L3hwAYbtm6Cl8YdgOsMaS+nkBa
e0/1cvjT3+soe5wqIPJDZ9w6QRZgEfKVR5/XNC84cVK/t2ciUKk/OrNAWOa1BCFg
82vEHfCO7k6dbtoBR/02uJ3JVaYn9+0kIYw3ADgIQF/JJRrRH7MiesSn1gDtAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUnRUSJyDKzxyQM6gfWmop/ClFHsIwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzEzMjM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABJMA0GCSqGSIb3DQEBCwUAA4IBAQBBOrkbRcvw318Vet+pOH3u
8FFZaUJjpoNyDPyaBKltK50I8agA67+gja44OwoUFsgPhyW9hTiNj9j1Xvo6s66O
uPEF6voSh4+SrVGRZ99Z1ErXfTr/GZRAIfNcTraLhyELUcjckZdE7inYCreEbga2
NVZVfhXcydX7frUWVawFQ3eQ2pC279K5JgDceCP0lgIR9PaNDaoXJofqtxEQvTTd
+Jmi1U9aoPjG6/vS62JgPMyrNqJ6Qh9ZV/jl9b/HaERYs2Mob5ZwPCZ26EQXWXiT
kzm0hJSrQYdZG8jDYqG0/RK98BC04wQofJD7gpMulpGJNco+JCJsgkXH/xOPtc/S
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:27:51 2025 by rpki-client