Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/323030313a3637633a313139303a626162653a3a2f36342d3634203d3e203537373832.roa
File: 323030313a3637633a313139303a626162653a3a2f36342d3634203d3e203537373832.roa (raw, json)
Hash identifier: Pxf4B7ZT6gV1TWVd3qoH34uVviW8HXPSyFTn+jTKS9w=
Subject key identifier: 96:C7:65:08:72:33:7D:30:B3:F7:82:B0:59:9C:33:5D:B0:00:F1:6F
Certificate issuer: /CN=926cb33722a3493216283dc80cae0ee9d58874f2
Certificate serial: 75D41CB75D514818EAD20406B4135E5447ADA4D7
Authority key identifier: 92:6C:B3:37:22:A3:49:32:16:28:3D:C8:0C:AE:0E:E9:D5:88:74:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmyzNyKjSTIWKD3IDK4O6dWIdPI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/323030313a3637633a313139303a626162653a3a2f36342d3634203d3e203537373832.roa
Signing time: Sat 20 Sep 2025 01:02:54 +0000
ROA not before: Sat 20 Sep 2025 00:57:54 +0000
ROA not after: Sat 19 Sep 2026 01:02:54 +0000
asID: 57782
IP address blocks: 2001:67c:1190:babe::/64 maxlen: 64
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/926CB33722A3493216283DC80CAE0EE9D58874F2.crl
rsync://rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/926CB33722A3493216283DC80CAE0EE9D58874F2.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmyzNyKjSTIWKD3IDK4O6dWIdPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 00:14:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:d4:1c:b7:5d:51:48:18:ea:d2:04:06:b4:13:5e:54:47:ad:a4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926cb33722a3493216283dc80cae0ee9d58874f2
Validity
Not Before: Sep 20 00:57:54 2025 GMT
Not After : Sep 19 01:02:54 2026 GMT
Subject: CN=96C7650872337D30B3F782B0599C335DB000F16F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f8:79:4e:cb:ea:a5:c4:08:59:47:38:b3:79:
05:80:ab:cc:57:02:d6:8c:62:cf:50:e5:4f:b5:22:
da:e1:46:29:f2:6e:45:e0:aa:21:a8:d1:f2:e6:3f:
97:35:71:44:eb:e8:e9:68:95:c6:fb:e1:2a:52:67:
1b:ba:59:d2:e7:b9:0c:1a:ec:d8:78:9f:78:7c:37:
7f:90:63:83:3d:c2:2e:d2:45:a6:05:62:3d:4e:8e:
26:91:cd:82:84:fe:1d:a1:10:32:96:8d:1a:42:0f:
07:10:4b:45:73:61:f7:e9:ae:1b:51:ca:df:26:ce:
40:1d:19:9a:52:88:c6:8e:77:e6:e2:3e:23:be:2d:
24:0c:d8:23:4a:1a:83:18:a2:24:66:22:e3:7c:9a:
55:14:ae:ae:00:56:ab:d6:06:26:cf:25:e2:31:7d:
a4:27:4b:a8:05:21:1b:41:b3:6a:5e:e4:23:c6:53:
c4:1b:18:65:fa:e4:c6:24:7a:b4:9a:7e:d6:ca:85:
14:dd:30:c3:6a:53:d0:c0:8c:8f:55:35:5e:97:68:
be:aa:18:cc:c1:71:43:72:10:56:78:24:eb:ae:0b:
68:b3:8e:7f:0a:03:eb:6e:a4:56:5a:db:e8:65:69:
35:73:97:be:c2:ce:ca:4e:9f:42:b7:21:2a:6e:31:
43:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C7:65:08:72:33:7D:30:B3:F7:82:B0:59:9C:33:5D:B0:00:F1:6F
X509v3 Authority Key Identifier:
keyid:92:6C:B3:37:22:A3:49:32:16:28:3D:C8:0C:AE:0E:E9:D5:88:74:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/926CB33722A3493216283DC80CAE0EE9D58874F2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmyzNyKjSTIWKD3IDK4O6dWIdPI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cce00cf9-04a5-43d1-8b89-edfa60cd8d4a/2/323030313a3637633a313139303a626162653a3a2f36342d3634203d3e203537373832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1190:babe::/64
Signature Algorithm: sha256WithRSAEncryption
0e:6e:e6:09:f2:d7:a5:9c:a0:aa:2b:a9:35:8d:20:1f:2d:c6:
0c:8c:c1:26:87:06:b3:be:43:7b:83:a9:3c:ec:db:98:ae:0e:
d8:bd:f9:dd:7a:cf:6b:e3:2e:91:6b:34:54:4a:1b:f3:a7:4b:
0e:a5:38:b4:bc:2e:eb:dd:e4:fc:a5:07:a9:49:b4:50:36:5e:
f3:a9:f9:81:72:a6:2f:89:3e:dd:2b:a1:a5:96:11:55:48:23:
4d:91:91:7b:fe:e7:75:f2:0b:47:25:74:fd:64:b2:16:17:76:
d8:fa:4e:d6:70:19:25:c5:64:29:86:45:f5:c2:8b:8f:21:5a:
dd:e5:d5:62:43:41:10:5c:f7:7a:17:46:ef:d7:50:51:08:04:
ce:ad:cc:2d:72:7f:1f:77:f3:fb:8f:ca:ac:e8:1e:e7:99:c6:
10:dd:43:50:76:cb:38:57:c6:60:b9:be:dd:62:55:13:b4:6f:
cf:12:af:90:ac:d5:ab:92:f4:bc:0c:85:45:66:7f:bd:59:fa:
c6:f8:72:fb:98:81:31:b0:e7:86:aa:dd:ce:e0:45:e0:2f:ec:
24:47:f1:60:40:3d:45:19:90:1c:98:d8:cc:7a:d3:7c:cb:56:
7b:06:8d:da:2a:a3:f1:14:31:59:65:03:b8:05:63:04:10:6a:
a7:7a:db:92
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUddQct11RSBjq0gQGtBNeVEetpNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTI2Y2IzMzcyMmEzNDkzMjE2MjgzZGM4MGNhZTBlZTlk
NTg4NzRmMjAeFw0yNTA5MjAwMDU3NTRaFw0yNjA5MTkwMTAyNTRaMDMxMTAvBgNV
BAMTKDk2Qzc2NTA4NzIzMzdEMzBCM0Y3ODJCMDU5OUMzMzVEQjAwMEYxNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT+HlOy+qlxAhZRzizeQWAq8xX
AtaMYs9Q5U+1ItrhRinybkXgqiGo0fLmP5c1cUTr6Ololcb74SpSZxu6WdLnuQwa
7Nh4n3h8N3+QY4M9wi7SRaYFYj1OjiaRzYKE/h2hEDKWjRpCDwcQS0VzYffprhtR
yt8mzkAdGZpSiMaOd+biPiO+LSQM2CNKGoMYoiRmIuN8mlUUrq4AVqvWBibPJeIx
faQnS6gFIRtBs2pe5CPGU8QbGGX65MYkerSaftbKhRTdMMNqU9DAjI9VNV6XaL6q
GMzBcUNyEFZ4JOuuC2izjn8KA+tupFZa2+hlaTVzl77CzspOn0K3ISpuMUMlAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUlsdlCHIzfTCz94KwWZwzXbAA8W8wHwYDVR0j
BBgwFoAUkmyzNyKjSTIWKD3IDK4O6dWIdPIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NlMDBjZjktMDRhNS00M2QxLThiODktZWRmYTYwY2Q4
ZDRhLzIvOTI2Q0IzMzcyMkEzNDkzMjE2MjgzREM4MENBRTBFRTlENTg4NzRGMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2tteXpOeUtqU1RJV0tEM0lESzRPNmRX
SWRQSS5jZXIwgb0GCCsGAQUFBwELBIGwMIGtMIGqBggrBgEFBQcwC4aBnXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2NlMDBjZjkt
MDRhNS00M2QxLThiODktZWRmYTYwY2Q4ZDRhLzIvMzIzMDMwMzEzYTM2Mzc2MzNh
MzEzMTM5MzAzYTYyNjE2MjY1M2EzYTJmMzYzNDJkMzYzNDIwM2QzZTIwMzUzNzM3
MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAkBggrBgEFBQcBBwEB
/wQVMBMwEQQCAAIwCwMJACABBnwRkLq+MA0GCSqGSIb3DQEBCwUAA4IBAQAObuYJ
8telnKCqK6k1jSAfLcYMjMEmhwazvkN7g6k87NuYrg7Yvfndes9r4y6RazRUShvz
p0sOpTi0vC7r3eT8pQepSbRQNl7zqfmBcqYviT7dK6GllhFVSCNNkZF7/ud18gtH
JXT9ZLIWF3bY+k7WcBklxWQphkX1wouPIVrd5dViQ0EQXPd6F0bv11BRCATOrcwt
cn8fd/P7j8qs6B7nmcYQ3UNQdss4V8Zgub7dYlUTtG/PEq+QrNWrkvS8DIVFZn+9
WfrG+HL7mIExsOeGqt3O4EXgL+wkR/FgQD1FGZAcmNjMetN8y1Z7Bo3aKqPxFDFZ
ZQO4BWMEEGqnetuS
-----END CERTIFICATE-----
Generated at Sat Oct 18 14:28:30 2025 by rpki-client