Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
File: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (raw, json)
Hash identifier: r78q080nc2WpQhIds9rxyP241oKMiWSxyFqoCT6mBrQ=
Subject key identifier: E1:E5:CE:5F:AC:1A:15:48:1A:6E:4B:1F:22:E4:21:C3:C0:69:D8:34
Certificate issuer: /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Certificate serial: 75954E1D009F17724320B183E04C29D633799D29
Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
Signing time: Tue 23 Jun 2026 04:00:57 +0000
ROA not before: Tue 23 Jun 2026 03:55:57 +0000
ROA not after: Tue 22 Jun 2027 04:00:57 +0000
asID: 51019
IP address blocks: 2001:67c:bdc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 11:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:95:4e:1d:00:9f:17:72:43:20:b1:83:e0:4c:29:d6:33:79:9d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Validity
Not Before: Jun 23 03:55:57 2026 GMT
Not After : Jun 22 04:00:57 2027 GMT
Subject: CN=E1E5CE5FAC1A15481A6E4B1F22E421C3C069D834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:8a:2d:a9:a6:14:63:2b:88:a0:3d:96:b8:5d:
ab:be:56:36:ef:8d:77:45:82:77:19:b2:cf:d1:2e:
4c:44:e7:00:c6:61:1d:38:2c:b8:a7:26:bc:0d:d7:
d1:26:23:c9:f4:26:b5:16:a9:0a:65:61:74:4a:41:
91:13:b7:4a:8f:f7:47:05:09:ff:24:31:62:9f:06:
d7:4b:43:6e:11:a7:ac:76:e3:3d:e7:07:ae:56:65:
93:56:72:3d:61:ee:be:11:cd:a9:51:58:ab:54:bd:
78:a4:28:03:db:0e:4b:ba:d3:21:6c:c9:0c:24:b9:
00:51:48:91:df:60:82:ab:d0:72:d9:7c:38:cd:72:
5e:38:02:21:bb:7d:54:8d:2a:72:7d:af:40:b5:ee:
4b:68:4b:1e:6e:65:63:fd:39:44:77:67:77:e2:04:
7b:5d:ab:d1:65:b7:3e:b0:17:93:a3:1e:b9:76:11:
a0:5e:f3:2c:c7:5e:89:49:f4:1d:a7:78:68:46:d4:
24:c4:c3:69:69:80:b2:68:0f:2c:c6:41:91:0d:b0:
b7:d4:a6:ac:7c:7f:c0:a4:df:91:2e:b6:6b:bb:18:
da:2a:cb:1b:11:ef:48:2b:91:ed:59:5d:17:0a:d5:
d5:ce:7e:f9:dd:9b:ed:dc:f3:7e:49:fd:1c:f4:7d:
e5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E5:CE:5F:AC:1A:15:48:1A:6E:4B:1F:22:E4:21:C3:C0:69:D8:34
X509v3 Authority Key Identifier:
keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bdc::/48
Signature Algorithm: sha256WithRSAEncryption
58:16:0b:1e:98:6e:31:8b:7d:d9:04:93:1e:56:b7:65:37:bb:
e5:8d:99:f5:f0:4d:2f:62:02:a7:b7:4e:cf:79:96:1a:c7:f1:
08:14:36:84:97:0f:3d:d8:cc:f8:8d:33:cf:f7:a9:a8:e0:8d:
3f:22:4b:8a:68:b1:1a:3d:ed:53:54:7d:fc:95:df:93:35:03:
8d:d0:97:c5:06:ae:1b:46:fe:2b:8f:35:f2:20:67:be:28:db:
e3:be:98:ec:9c:13:5e:4a:a4:45:7b:22:12:16:a5:5e:93:fb:
f8:8a:1f:7b:0e:2f:08:50:ba:36:e3:c4:7c:92:f9:80:da:b2:
b5:dc:f7:fd:4f:cf:92:dd:1f:ea:e9:fd:1b:19:e0:9e:dd:48:
15:c6:c1:33:de:71:a3:4a:de:05:38:72:d8:6e:2c:f5:4e:8f:
48:e9:1f:1f:6d:42:d2:b3:a2:b8:7e:2c:81:cf:83:8e:a3:31:
8a:f0:63:eb:80:a1:d0:51:c2:3c:c3:65:f4:ad:c9:f9:5e:fc:
57:3e:78:49:85:6a:52:66:01:b0:7b:c6:75:d7:5f:01:d5:76:
3f:3e:2c:98:bf:3b:68:49:97:7d:01:c2:90:c6:34:45:bf:9d:
ae:cd:57:19:e8:cc:84:a2:ae:68:47:44:16:2d:d9:f7:0f:37:
e8:00:38:9e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdZVOHQCfF3JDILGD4Ewp1jN5nSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz
M2UwMmVhZDAeFw0yNjA2MjMwMzU1NTdaFw0yNzA2MjIwNDAwNTdaMDMxMTAvBgNV
BAMTKEUxRTVDRTVGQUMxQTE1NDgxQTZFNEIxRjIyRTQyMUMzQzA2OUQ4MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5ii2pphRjK4igPZa4Xau+Vjbv
jXdFgncZss/RLkxE5wDGYR04LLinJrwN19EmI8n0JrUWqQplYXRKQZETt0qP90cF
Cf8kMWKfBtdLQ24Rp6x24z3nB65WZZNWcj1h7r4RzalRWKtUvXikKAPbDku60yFs
yQwkuQBRSJHfYIKr0HLZfDjNcl44AiG7fVSNKnJ9r0C17ktoSx5uZWP9OUR3Z3fi
BHtdq9Fltz6wF5OjHrl2EaBe8yzHXolJ9B2neGhG1CTEw2lpgLJoDyzGQZENsLfU
pqx8f8Ck35Eutmu7GNoqyxsR70grke1ZXRcK1dXOfvndm+3c835J/Rz0feVfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU4eXOX6waFUgabksfIuQhw8Bp2DQwHwYDVR0j
BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ
Z0xxMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEt
NDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2NhZTNmLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
NjI2NDYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMTMwMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBnwL3DANBgkqhkiG9w0BAQsFAAOCAQEAWBYLHphuMYt92QSTHla3ZTe7
5Y2Z9fBNL2ICp7dOz3mWGsfxCBQ2hJcPPdjM+I0zz/epqOCNPyJLimixGj3tU1R9
/JXfkzUDjdCXxQauG0b+K4818iBnvijb476Y7JwTXkqkRXsiEhalXpP7+Iofew4v
CFC6NuPEfJL5gNqytdz3/U/Pkt0f6un9Gxngnt1IFcbBM95xo0reBThy2G4s9U6P
SOkfH21C0rOiuH4sgc+DjqMxivBj64Ch0FHCPMNl9K3J+V78Vz54SYVqUmYBsHvG
dddfAdV2Pz4smL87aEmXfQHCkMY0Rb+drs1XGejMhKKuaEdEFi3Z9w836AA4ng==
-----END CERTIFICATE-----
Generated at Tue Jun 30 20:25:40 2026 by rpki-client