Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa
File: 326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa (raw, json)
Hash identifier: JswRhPyDtXHdt3LcnGr0rU+2WVgkSTrzy91w1+vHXG0=
Subject key identifier: 4F:DC:32:EC:A0:0C:4E:76:BA:04:58:68:9B:06:78:B1:F9:51:EB:0B
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 6456B994D2443D805B4920445FFFB5A034C0EBD5
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa
Signing time: Tue 14 Oct 2025 10:37:38 +0000
ROA not before: Tue 14 Oct 2025 10:32:38 +0000
ROA not after: Tue 13 Oct 2026 10:37:38 +0000
asID: 48070
IP address blocks: 2a11:5707:aa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 13:26:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:56:b9:94:d2:44:3d:80:5b:49:20:44:5f:ff:b5:a0:34:c0:eb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Oct 14 10:32:38 2025 GMT
Not After : Oct 13 10:37:38 2026 GMT
Subject: CN=4FDC32ECA00C4E76BA0458689B0678B1F951EB0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:83:d8:b4:81:dc:58:df:8c:9a:33:12:8d:a4:
27:3b:39:e4:8a:12:1e:43:a4:6b:45:f1:f4:45:a8:
9e:a1:e6:bb:e8:12:4e:71:7e:c4:9d:95:ae:fa:73:
f1:50:9d:e9:04:0b:e1:e2:27:4b:7c:1c:83:fa:56:
78:bf:9e:8a:bc:55:54:d7:b0:92:7d:aa:83:5b:f1:
4b:82:59:98:27:63:d0:ad:19:45:94:92:2b:ab:82:
54:81:97:4a:bc:72:5d:0e:e0:da:eb:11:1a:9d:ec:
91:b0:bc:60:96:db:07:90:51:ee:44:6d:b9:7c:81:
81:69:68:8c:b8:6c:77:6b:b8:ce:4b:2b:7e:08:e7:
57:0d:8d:72:ca:e9:85:20:95:7b:ab:fa:14:c4:21:
a3:9c:f9:2e:30:7b:a1:5c:88:10:c7:a0:5d:82:48:
2c:e9:56:ac:ad:a0:c5:c5:37:ed:f1:5a:5f:88:5a:
74:40:65:af:af:3d:80:17:d1:b5:82:5d:1a:15:4b:
87:f0:27:ab:83:66:09:78:37:6f:83:ec:bd:5f:20:
e6:65:ee:03:f9:5a:54:fd:bb:b2:05:2c:c0:dc:b2:
3a:99:27:ad:fb:4c:f4:03:7e:51:2e:52:3b:53:d4:
67:69:60:10:27:b7:48:6c:c9:8d:c2:d3:e7:c6:71:
f5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DC:32:EC:A0:0C:4E:76:BA:04:58:68:9B:06:78:B1:F9:51:EB:0B
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707:aa::/48
Signature Algorithm: sha256WithRSAEncryption
17:97:5f:f6:0c:1e:ec:ea:20:73:bc:0c:a1:9a:a5:72:3d:8a:
da:e1:bf:96:e5:cc:d9:17:4f:d3:c8:0a:6e:7a:33:ad:98:84:
fd:71:76:f5:fb:4e:72:07:66:be:13:49:5e:43:06:77:f0:0e:
cf:35:c5:fa:46:e4:19:27:93:55:a5:d3:a0:fb:77:cf:27:b1:
6c:fd:64:ff:5d:eb:ba:d1:e1:e0:d8:e4:74:c7:2a:ba:02:84:
c4:fa:1d:70:de:19:e1:95:e2:a1:7d:cb:4c:f9:06:02:f5:11:
c6:93:92:a3:21:14:77:26:18:6e:3e:09:2c:98:cb:89:8f:05:
20:1e:f6:e1:61:68:af:b9:cb:e3:c5:8d:64:b0:11:29:83:cb:
99:17:6b:79:67:0c:87:ce:43:8f:b1:15:00:f7:4e:e5:a0:6d:
bb:f4:f2:8d:a5:02:da:64:87:7c:82:6a:20:11:4f:f5:d0:7e:
a8:d3:37:df:18:ce:7b:81:9b:1a:b3:1b:94:c8:9d:57:4b:86:
7b:64:df:e6:af:0f:88:22:6d:f8:e4:2a:a7:e3:19:24:6c:e4:
7b:da:54:03:1b:2d:4a:07:7a:01:74:4e:83:c5:f2:8f:2f:48:
cb:1c:51:5d:74:5c:2e:df:b1:e5:9f:e8:e2:af:b7:ad:ea:ef:
26:56:a1:54
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZFa5lNJEPYBbSSBEX/+1oDTA69UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTEwMTQxMDMyMzhaFw0yNjEwMTMxMDM3MzhaMDMxMTAvBgNV
BAMTKDRGREMzMkVDQTAwQzRFNzZCQTA0NTg2ODlCMDY3OEIxRjk1MUVCMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkg9i0gdxY34yaMxKNpCc7OeSK
Eh5DpGtF8fRFqJ6h5rvoEk5xfsSdla76c/FQnekEC+HiJ0t8HIP6Vni/noq8VVTX
sJJ9qoNb8UuCWZgnY9CtGUWUkiurglSBl0q8cl0O4NrrERqd7JGwvGCW2weQUe5E
bbl8gYFpaIy4bHdruM5LK34I51cNjXLK6YUglXur+hTEIaOc+S4we6FciBDHoF2C
SCzpVqytoMXFN+3xWl+IWnRAZa+vPYAX0bWCXRoVS4fwJ6uDZgl4N2+D7L1fIOZl
7gP5WlT9u7IFLMDcsjqZJ637TPQDflEuUjtT1GdpYBAnt0hsyY3C0+fGcfWxAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUT9wy7KAMTna6BFhomwZ4sflR6wswHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2E2MTYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQzODMwMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRVwcAqjANBgkqhkiG9w0BAQsFAAOCAQEAF5df9gwe7Oogc7wMoZqlcj2K
2uG/luXM2RdP08gKbnozrZiE/XF29ftOcgdmvhNJXkMGd/AOzzXF+kbkGSeTVaXT
oPt3zyexbP1k/13rutHh4NjkdMcqugKExPodcN4Z4ZXioX3LTPkGAvURxpOSoyEU
dyYYbj4JLJjLiY8FIB724WFor7nL48WNZLARKYPLmRdreWcMh85Dj7EVAPdO5aBt
u/TyjaUC2mSHfIJqIBFP9dB+qNM33xjOe4GbGrMblMidV0uGe2Tf5q8PiCJt+OQq
p+MZJGzke9pUAxstSgd6AXROg8Xyjy9IyxxRXXRcLt+x5Z/o4q+3rervJlahVA==
-----END CERTIFICATE-----
Generated at Fri Oct 17 20:31:22 2025 by rpki-client