Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20323135323438.roa
File: 326131343a333863303a3130343a3a2f34382d3438203d3e20323135323438.roa (raw, json)
Hash identifier: QZeJi0O4ini6QNF1syA5gZ8HehGzsGo0INWd9T4WodA=
Subject key identifier: 9D:13:E6:82:DD:CC:1E:FF:CE:B0:86:19:1E:D5:C8:A3:49:EE:EE:F6
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 0884897FAF52744300745CF827AA570D960FCD2F
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20323135323438.roa
Signing time: Sun 31 Aug 2025 15:12:19 +0000
ROA not before: Sun 31 Aug 2025 15:07:19 +0000
ROA not after: Sun 30 Aug 2026 15:12:19 +0000
asID: 215248
IP address blocks: 2a14:38c0:104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 15:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:84:89:7f:af:52:74:43:00:74:5c:f8:27:aa:57:0d:96:0f:cd:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Aug 31 15:07:19 2025 GMT
Not After : Aug 30 15:12:19 2026 GMT
Subject: CN=9D13E682DDCC1EFFCEB086191ED5C8A349EEEEF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0c:cd:d9:a9:86:bc:f3:75:2c:2f:0a:52:01:
12:01:dc:dd:4e:07:44:d2:d6:ca:91:c4:16:a7:fb:
80:a4:44:68:2a:80:25:b9:eb:8d:46:b1:09:35:c5:
75:f0:40:19:45:2c:ce:18:7a:7a:9b:4e:69:af:bc:
25:c0:79:c8:e5:4c:ae:bc:bc:41:da:ea:19:08:84:
1f:ac:d5:77:84:9e:fb:5a:f4:49:1b:c5:6b:29:89:
8d:37:7b:10:a6:00:ad:98:6d:17:c7:ac:39:86:ce:
29:c8:b3:7b:9c:8e:8f:d0:b2:b6:b1:87:e6:74:86:
1d:9d:29:4a:b8:db:3c:e3:66:b4:51:64:08:ce:80:
45:6b:8e:33:a9:60:b5:d1:57:c4:ee:d1:00:52:a1:
ef:35:33:59:e3:45:96:f0:d4:a0:73:4e:da:e4:e4:
b3:2e:1a:01:16:04:ed:08:77:ff:ea:db:69:c9:cb:
67:4c:be:11:85:bf:e5:96:36:66:1c:c3:60:43:52:
59:11:b5:28:87:32:cd:8b:1d:97:30:2c:fe:28:23:
52:6c:6e:34:0e:f0:6f:7d:ff:cb:c8:da:30:66:bf:
ea:db:82:0e:d0:a2:ae:e8:10:cc:b1:dc:55:2e:34:
8d:3d:d4:4e:b1:93:20:f4:cf:18:81:06:14:33:93:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:13:E6:82:DD:CC:1E:FF:CE:B0:86:19:1E:D5:C8:A3:49:EE:EE:F6
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:104::/48
Signature Algorithm: sha256WithRSAEncryption
79:c4:91:65:e0:3f:4b:e7:a9:94:4b:5f:55:52:72:1a:01:25:
d3:d7:0b:73:e4:a1:c3:2e:42:a4:2c:99:c8:92:ef:5a:40:f6:
a4:5f:c0:cc:ba:28:ba:76:76:6e:cc:ec:d1:ba:19:76:27:b2:
0f:58:8e:f3:83:fd:c0:7b:f0:f3:01:aa:e2:fc:2d:98:75:b5:
30:b8:16:91:e5:a3:37:cf:7d:80:9c:be:cc:16:f8:77:ec:b9:
08:00:f3:0c:a8:9b:95:bd:5d:ee:70:0e:72:0c:03:02:59:c4:
3e:20:23:3e:00:06:a2:d2:b0:5b:79:43:34:fd:03:21:81:4b:
e1:0e:47:44:28:c2:df:8e:e2:2a:a4:4d:fc:fe:65:14:84:74:
87:72:88:19:af:14:37:c9:f9:6b:71:3e:23:2b:fc:64:59:55:
fd:95:36:70:3e:94:34:7e:24:8e:e8:d5:fb:a8:79:36:0f:c2:
2d:fc:44:4b:f6:78:6f:1d:d7:b4:0b:e4:b1:ed:a6:c4:69:8f:
1e:b3:61:5a:6f:46:a0:21:62:70:44:2f:72:de:4f:32:b6:42:
56:1c:d8:58:cd:22:30:71:f0:0e:30:4c:f2:e5:47:5b:8b:42:
35:ad:d6:f0:96:ff:75:da:3e:65:90:42:b6:ca:c7:ce:bf:e8:
ab:24:cf:1b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUCISJf69SdEMAdFz4J6pXDZYPzS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA4MzExNTA3MTlaFw0yNjA4MzAxNTEyMTlaMDMxMTAvBgNV
BAMTKDlEMTNFNjgyRERDQzFFRkZDRUIwODYxOTFFRDVDOEEzNDlFRUVFRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDDM3ZqYa883UsLwpSARIB3N1O
B0TS1sqRxBan+4CkRGgqgCW5641GsQk1xXXwQBlFLM4YenqbTmmvvCXAecjlTK68
vEHa6hkIhB+s1XeEnvta9EkbxWspiY03exCmAK2YbRfHrDmGzinIs3ucjo/Qsrax
h+Z0hh2dKUq42zzjZrRRZAjOgEVrjjOpYLXRV8Tu0QBSoe81M1njRZbw1KBzTtrk
5LMuGgEWBO0Id//q22nJy2dMvhGFv+WWNmYcw2BDUlkRtSiHMs2LHZcwLP4oI1Js
bjQO8G99/8vI2jBmv+rbgg7Qoq7oEMyx3FUuNI091E6xkyD0zxiBBhQzk1f5AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUnRPmgt3MHv/OsIYZHtXIo0nu7vYwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMTMwMzQzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzUzMjM0Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqFDjAAQQwDQYJKoZIhvcNAQELBQADggEBAHnEkWXgP0vnqZRLX1VS
choBJdPXC3PkocMuQqQsmciS71pA9qRfwMy6KLp2dm7M7NG6GXYnsg9YjvOD/cB7
8PMBquL8LZh1tTC4FpHlozfPfYCcvswW+HfsuQgA8wyom5W9Xe5wDnIMAwJZxD4g
Iz4ABqLSsFt5QzT9AyGBS+EOR0Qowt+O4iqkTfz+ZRSEdIdyiBmvFDfJ+WtxPiMr
/GRZVf2VNnA+lDR+JI7o1fuoeTYPwi38REv2eG8d17QL5LHtpsRpjx6zYVpvRqAh
YnBEL3LeTzK2QlYc2FjNIjBx8A4wTPLlR1uLQjWt1vCW/3XaPmWQQrbKx86/6Ksk
zxs=
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:11:14 2025 by rpki-client