Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
File: 326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa (raw, json)
Hash identifier: DdNZjXpEC+fMcUlrpKwTUaE4xUzyzTYWcCOKyu0p414=
Subject key identifier: DC:B1:66:0F:22:34:85:95:DC:18:35:AA:DC:5B:58:5B:50:05:38:9E
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2B3F56638B3C6E5F8A9E9D3CBC732E2F7D6E0F81
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
Signing time: Wed 27 Aug 2025 23:10:41 +0000
ROA not before: Wed 27 Aug 2025 23:05:41 +0000
ROA not after: Wed 26 Aug 2026 23:10:41 +0000
asID: 214189
IP address blocks: 2a11:29c0:51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:3f:56:63:8b:3c:6e:5f:8a:9e:9d:3c:bc:73:2e:2f:7d:6e:0f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Aug 27 23:05:41 2025 GMT
Not After : Aug 26 23:10:41 2026 GMT
Subject: CN=DCB1660F22348595DC1835AADC5B585B5005389E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:2f:f2:96:ef:4a:fa:68:90:4f:84:b3:98:
3c:aa:34:c5:04:69:32:d2:79:33:6c:d9:3a:1f:05:
44:65:2b:c5:97:2f:f2:77:4e:12:b0:97:d4:c6:1e:
c2:a4:1b:06:00:d3:6c:ff:f9:42:c3:49:1c:12:71:
25:1f:ca:c3:8f:11:f6:c9:07:be:9e:83:a7:c0:31:
ef:e8:a3:c3:dd:b6:d4:38:13:f5:d3:65:62:2b:26:
04:db:7e:b0:c5:59:03:48:df:bc:27:be:4b:78:51:
87:1b:b1:a5:4c:a4:38:54:47:f5:6f:26:38:d0:65:
bd:2a:62:de:ba:e1:96:a1:12:7f:99:be:8b:bf:13:
c5:c8:2e:f7:ee:54:e8:ed:cc:07:01:31:78:e5:60:
f2:43:d8:a6:4d:25:29:12:99:3d:79:08:75:b4:f5:
3d:fa:17:10:17:1b:72:12:7f:dd:55:ea:f8:96:f0:
26:9c:bb:6d:3c:de:38:ee:dd:72:90:86:ff:1d:be:
10:c0:3d:fd:ed:5b:a3:20:0e:4b:fc:ca:06:11:4b:
a0:29:e7:26:2e:45:85:0f:45:38:f2:97:93:10:b1:
71:a2:88:ed:de:5e:42:ac:68:e4:4d:dc:20:46:80:
c1:f8:8b:a7:7f:81:82:3c:a6:d2:45:fb:2d:a2:71:
fa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B1:66:0F:22:34:85:95:DC:18:35:AA:DC:5B:58:5B:50:05:38:9E
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a35313a3a2f34382d3438203d3e20323134313839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:51::/48
Signature Algorithm: sha256WithRSAEncryption
4c:a3:7d:37:83:9c:c2:11:dd:35:a2:f5:ec:41:be:92:a0:6d:
35:da:9f:b3:ab:25:12:17:a4:98:5a:a6:66:24:c0:6e:45:94:
f1:aa:94:12:25:1b:b6:6d:53:aa:d9:84:64:44:59:a2:4b:e6:
b2:34:84:ee:eb:fc:b4:3a:39:57:1c:3b:07:95:81:36:f0:1a:
0a:9c:5c:5b:3b:ef:be:28:c8:35:22:19:61:38:68:bf:d7:02:
e0:c6:c9:07:a3:80:e1:37:97:29:09:d2:e3:cd:25:68:6a:9e:
05:a7:2b:21:ad:88:1a:17:4f:a7:3c:73:c2:c1:d8:93:fa:f2:
de:58:01:d9:5d:3c:71:6f:60:d7:5e:59:47:2e:df:37:ba:df:
9b:f9:65:c4:35:68:08:4b:fc:5c:b5:75:3b:7f:4b:e2:d5:47:
3d:7b:e8:62:23:41:71:99:5f:47:07:14:43:a5:87:88:91:1a:
04:e2:c4:d5:7e:1d:e7:b6:fa:a9:bb:82:3c:69:94:8a:9d:4b:
03:dd:a7:e8:38:fe:63:0f:c0:b1:02:b1:34:b7:29:dc:6f:75:
19:46:74:47:84:94:a9:b1:4f:6a:90:b2:68:a5:9c:90:4e:5d:
2e:37:f6:cc:fb:06:d6:bf:ac:2a:88:54:cc:8c:5e:ec:8f:f7:
bb:61:15:c0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUKz9WY4s8bl+Knp08vHMuL31uD4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTA4MjcyMzA1NDFaFw0yNjA4MjYyMzEwNDFaMDMxMTAvBgNV
BAMTKERDQjE2NjBGMjIzNDg1OTVEQzE4MzVBQURDNUI1ODVCNTAwNTM4OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRDC/ylu9K+miQT4SzmDyqNMUE
aTLSeTNs2TofBURlK8WXL/J3ThKwl9TGHsKkGwYA02z/+ULDSRwScSUfysOPEfbJ
B76eg6fAMe/oo8PdttQ4E/XTZWIrJgTbfrDFWQNI37wnvkt4UYcbsaVMpDhUR/Vv
JjjQZb0qYt664ZahEn+Zvou/E8XILvfuVOjtzAcBMXjlYPJD2KZNJSkSmT15CHW0
9T36FxAXG3ISf91V6viW8Cacu2083jju3XKQhv8dvhDAPf3tW6MgDkv8ygYRS6Ap
5yYuRYUPRTjyl5MQsXGiiO3eXkKsaORN3CBGgMH4i6d/gYI8ptJF+y2icfqLAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU3LFmDyI0hZXcGDWq3FtYW1AFOJ4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzEzODM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABRMA0GCSqGSIb3DQEBCwUAA4IBAQBMo303g5zCEd01ovXsQb6S
oG012p+zqyUSF6SYWqZmJMBuRZTxqpQSJRu2bVOq2YRkRFmiS+ayNITu6/y0OjlX
HDsHlYE28BoKnFxbO+++KMg1IhlhOGi/1wLgxskHo4DhN5cpCdLjzSVoap4Fpysh
rYgaF0+nPHPCwdiT+vLeWAHZXTxxb2DXXllHLt83ut+b+WXENWgIS/xctXU7f0vi
1Uc9e+hiI0FxmV9HBxRDpYeIkRoE4sTVfh3ntvqpu4I8aZSKnUsD3afoOP5jD8Cx
ArE0tyncb3UZRnRHhJSpsU9qkLJopZyQTl0uN/bM+wbWv6wqiFTMjF7sj/e7YRXA
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:27:51 2025 by rpki-client