Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20333936303634.roa
File: 326131343a333863303a3130343a3a2f34382d3438203d3e20333936303634.roa (raw, json)
Hash identifier: uQC+ycpajw6LG1MwmEH2bQGDaDjqft9mY/Ula5mB0Rs=
Subject key identifier: 92:81:F0:3E:76:A6:2F:9D:60:65:E1:38:90:34:B4:8A:CC:A8:C5:80
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 53C061D5FEBF054499F35A0222F027537365F7B3
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20333936303634.roa
Signing time: Sun 31 Aug 2025 15:12:28 +0000
ROA not before: Sun 31 Aug 2025 15:07:28 +0000
ROA not after: Sun 30 Aug 2026 15:12:28 +0000
asID: 396064
IP address blocks: 2a14:38c0:104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 15:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c0:61:d5:fe:bf:05:44:99:f3:5a:02:22:f0:27:53:73:65:f7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Aug 31 15:07:28 2025 GMT
Not After : Aug 30 15:12:28 2026 GMT
Subject: CN=9281F03E76A62F9D6065E1389034B48ACCA8C580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9d:00:2f:c6:38:c4:f3:a5:9e:47:dc:79:76:
37:d4:8a:25:b5:e3:b1:af:66:1d:23:95:ec:94:9c:
10:a7:21:a8:73:26:ac:af:32:21:42:39:49:5a:f0:
3a:6f:b5:9f:d8:4b:da:be:fe:53:b9:0d:fe:01:6d:
ff:b3:25:ff:a1:3e:fb:66:d1:3f:dc:07:f4:f0:e4:
80:ad:02:43:d5:85:6d:9d:6d:98:a8:00:f3:c5:79:
fe:25:b8:5a:b8:70:8f:68:d4:f9:9c:3e:7b:ce:55:
6c:a7:99:48:fd:4c:8c:1c:60:47:46:6c:b3:b5:b2:
06:3e:e2:65:6e:fa:40:00:40:d6:3f:c1:fc:c6:b0:
41:48:28:22:32:e9:b5:c9:ed:9a:46:84:15:70:0c:
fb:d2:5f:0b:f3:94:de:ca:2a:a3:cb:db:0c:d7:27:
6b:06:cb:a4:84:77:27:41:6e:0f:1f:41:6f:89:95:
e6:06:cd:55:63:24:05:70:06:ac:79:01:b5:50:4d:
61:6f:0f:52:b7:d4:ca:b2:54:a5:f5:43:8b:ee:ed:
4f:d4:66:22:47:13:00:88:f0:3a:59:a0:39:55:6c:
70:d7:67:5d:67:d3:ee:0d:9c:b5:9c:a2:d8:66:b9:
af:a4:f5:95:f1:4d:b2:ad:98:4d:de:91:7d:9b:f4:
ff:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:81:F0:3E:76:A6:2F:9D:60:65:E1:38:90:34:B4:8A:CC:A8:C5:80
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3130343a3a2f34382d3438203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:104::/48
Signature Algorithm: sha256WithRSAEncryption
8d:3d:8a:9e:c4:40:77:22:f6:6f:29:4a:5d:eb:a7:63:7e:ad:
4f:0f:f5:0b:b5:ee:e9:1d:7b:88:f6:ca:7e:76:1a:40:9b:66:
bb:0e:24:03:4a:c2:9a:3b:f7:e1:81:a7:30:79:ac:e7:6b:bc:
3c:a4:c6:1f:b5:2f:37:4f:3d:52:ed:5f:11:3d:dd:c0:61:d1:
d6:62:5e:c0:15:e4:cf:e1:ec:98:de:1f:eb:ec:47:5f:0d:2e:
6f:20:61:05:76:de:f6:71:aa:7a:2b:f7:ae:66:37:9c:12:bc:
f4:74:fd:27:57:6e:76:2e:77:2a:a4:46:22:9e:d8:c3:76:76:
55:a9:cb:8c:63:cf:34:df:08:1e:8c:62:7a:b9:b5:03:08:1e:
2e:54:7d:19:f3:cb:4b:ad:45:99:88:9a:62:f4:30:96:07:61:
83:17:c8:9b:f6:91:aa:f2:35:a6:15:63:f8:2f:e5:b3:07:47:
8a:7f:57:c4:85:be:90:f8:29:48:cb:30:f6:ea:37:b5:aa:37:
71:26:34:bc:90:72:aa:0f:3a:29:9d:6d:50:d9:c2:7e:a2:0a:
b9:df:ba:85:e9:ff:92:26:19:a8:71:55:6b:fc:39:38:7a:58:
8d:ff:09:39:d7:9a:16:91:45:08:13:2d:93:0e:48:cf:52:ef:
c6:91:d0:f5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUU8Bh1f6/BUSZ81oCIvAnU3Nl97MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTA4MzExNTA3MjhaFw0yNjA4MzAxNTEyMjhaMDMxMTAvBgNV
BAMTKDkyODFGMDNFNzZBNjJGOUQ2MDY1RTEzODkwMzRCNDhBQ0NBOEM1ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtnQAvxjjE86WeR9x5djfUiiW1
47GvZh0jleyUnBCnIahzJqyvMiFCOUla8DpvtZ/YS9q+/lO5Df4Bbf+zJf+hPvtm
0T/cB/Tw5ICtAkPVhW2dbZioAPPFef4luFq4cI9o1PmcPnvOVWynmUj9TIwcYEdG
bLO1sgY+4mVu+kAAQNY/wfzGsEFIKCIy6bXJ7ZpGhBVwDPvSXwvzlN7KKqPL2wzX
J2sGy6SEdydBbg8fQW+JleYGzVVjJAVwBqx5AbVQTWFvD1K31MqyVKX1Q4vu7U/U
ZiJHEwCI8DpZoDlVbHDXZ11n0+4NnLWcothmua+k9ZXxTbKtmE3ekX2b9P97AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUkoHwPnamL51gZeE4kDS0isyoxYAwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMTMwMzQzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMzM5MzYzMDM2MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqFDjAAQQwDQYJKoZIhvcNAQELBQADggEBAI09ip7EQHci9m8pSl3r
p2N+rU8P9Qu17ukde4j2yn52GkCbZrsOJANKwpo79+GBpzB5rOdrvDykxh+1LzdP
PVLtXxE93cBh0dZiXsAV5M/h7JjeH+vsR18NLm8gYQV23vZxqnor965mN5wSvPR0
/SdXbnYudyqkRiKe2MN2dlWpy4xjzzTfCB6MYnq5tQMIHi5UfRnzy0utRZmImmL0
MJYHYYMXyJv2karyNaYVY/gv5bMHR4p/V8SFvpD4KUjLMPbqN7WqN3EmNLyQcqoP
OimdbVDZwn6iCrnfuoXp/5ImGahxVWv8OTh6WI3/CTnXmhaRRQgTLZMOSM9S78aR
0PU=
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:11:19 2025 by rpki-client