Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
File: 323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa (raw, json)
Hash identifier: fpn0FYUuBVhZxpN+e/uKOZM61WsCnlf3Qa38+ln9ad8=
Subject key identifier: 52:E0:37:86:34:65:3E:F0:CE:00:7D:8A:1E:CF:74:A7:7D:5E:E6:BF
Certificate issuer: /CN=547bc28c92a229a5ac78c0de287d89ce37726409
Certificate serial: 3FCFFCB130D3DB066428A882839749F9EDC6DD3A
Authority key identifier: 54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
Signing time: Mon 22 Jun 2026 16:55:18 +0000
ROA not before: Mon 22 Jun 2026 16:50:18 +0000
ROA not after: Mon 21 Jun 2027 16:55:18 +0000
asID: 204931
IP address blocks: 2001:678:cb0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:cf:fc:b1:30:d3:db:06:64:28:a8:82:83:97:49:f9:ed:c6:dd:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547bc28c92a229a5ac78c0de287d89ce37726409
Validity
Not Before: Jun 22 16:50:18 2026 GMT
Not After : Jun 21 16:55:18 2027 GMT
Subject: CN=52E0378634653EF0CE007D8A1ECF74A77D5EE6BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:48:71:a5:8e:f7:51:50:e0:28:a7:86:ee:
60:0e:f6:55:2a:3c:ee:8e:56:fc:d9:06:d9:dd:c6:
4b:20:2c:1d:76:1f:be:5c:d4:83:06:d3:5b:9f:cd:
0f:22:ea:d0:43:56:2b:40:74:72:37:63:a4:e0:8f:
2d:cd:25:20:d1:70:85:4f:8a:ae:d6:79:af:46:03:
ee:f9:3b:8e:d3:6f:c1:87:dd:02:4c:f6:e6:74:3f:
04:1f:98:ab:03:1e:80:4c:eb:b4:70:08:17:26:79:
a6:47:af:19:b9:30:62:79:9f:58:e9:04:1f:8f:e3:
d6:aa:64:33:56:52:07:a1:06:9a:57:ab:6b:04:46:
5f:39:37:1c:d1:53:eb:c7:6f:e3:c6:79:2a:ca:6c:
74:13:9c:64:e7:d5:2c:c7:8b:43:d1:07:b5:c0:3e:
40:42:c4:54:6d:ea:7d:7d:0a:cb:76:11:9f:3a:6c:
22:6b:84:6d:ff:0f:6c:72:04:07:6f:fc:3f:50:0a:
d1:e0:e3:5a:a2:21:88:61:72:47:3a:db:ec:c5:23:
e7:92:6c:cd:17:1f:46:38:df:57:68:7d:1f:a4:d6:
71:ed:a0:35:cd:5a:43:d3:ad:cb:cd:92:aa:2b:b5:
29:b6:a8:b2:0a:da:4a:f0:6c:47:83:3a:a8:c2:05:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E0:37:86:34:65:3E:F0:CE:00:7D:8A:1E:CF:74:A7:7D:5E:E6:BF
X509v3 Authority Key Identifier:
keyid:54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:8f:10:83:45:99:23:dd:96:0e:cd:35:aa:16:c3:f1:6e:ad:
e0:c1:d0:15:7a:be:8f:f6:f8:9c:10:94:55:63:83:64:2b:09:
6b:c5:10:08:fa:be:c2:4b:44:a8:5d:45:06:d5:93:b9:34:46:
90:e6:e9:1c:6e:84:ba:32:df:58:92:3d:e8:85:dd:d7:b3:02:
17:4e:3e:a5:54:78:f0:5d:e1:df:2b:84:5f:9d:08:46:24:ef:
9d:3e:40:f8:09:86:15:cb:20:88:e2:86:ee:61:e2:98:35:43:
49:ee:b7:ae:d6:1f:d5:a6:00:39:36:1f:b6:75:42:04:c7:1a:
c1:2c:7f:a2:c7:10:4f:80:71:2d:d4:2b:77:3f:c0:d4:4e:33:
c5:10:77:a8:4a:1f:34:1f:16:42:86:bb:80:ec:47:a1:33:3f:
19:1f:ec:fd:b3:99:07:03:99:ea:2e:74:c8:e1:3b:e0:f8:8a:
85:bd:5d:5b:47:d1:f9:45:05:48:4e:67:41:bd:93:4c:29:be:
7c:8c:fb:66:54:43:73:50:87:13:3b:ba:24:66:5e:02:41:57:
c4:88:33:e2:06:67:4d:10:50:5d:71:b6:1a:17:5a:78:8c:0e:
ae:07:72:e5:80:1c:6d:d8:57:ea:0b:f1:14:8f:27:d8:2c:11:
6c:cf:e1:f5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUP8/8sTDT2wZkKKiCg5dJ+e3G3TowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTQ3YmMyOGM5MmEyMjlhNWFjNzhjMGRlMjg3ZDg5Y2Uz
NzcyNjQwOTAeFw0yNjA2MjIxNjUwMThaFw0yNzA2MjExNjU1MThaMDMxMTAvBgNV
BAMTKDUyRTAzNzg2MzQ2NTNFRjBDRTAwN0Q4QTFFQ0Y3NEE3N0Q1RUU2QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Y0hxpY73UVDgKKeG7mAO9lUq
PO6OVvzZBtndxksgLB12H75c1IMG01ufzQ8i6tBDVitAdHI3Y6Tgjy3NJSDRcIVP
iq7Wea9GA+75O47Tb8GH3QJM9uZ0PwQfmKsDHoBM67RwCBcmeaZHrxm5MGJ5n1jp
BB+P49aqZDNWUgehBppXq2sERl85NxzRU+vHb+PGeSrKbHQTnGTn1SzHi0PRB7XA
PkBCxFRt6n19Cst2EZ86bCJrhG3/D2xyBAdv/D9QCtHg41qiIYhhckc62+zFI+eS
bM0XH0Y431dofR+k1nHtoDXNWkPTrcvNkqortSm2qLIK2krwbEeDOqjCBTkDAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUUuA3hjRlPvDOAH2KHs90p31e5r8wHwYDVR0j
BBgwFoAUVHvCjJKiKaWseMDeKH2JzjdyZAkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGY0OWQ3ZjctYmIzZi00MTg3LWJlMjktNTllZjJkODkw
MzlhLzAvNTQ3QkMyOEM5MkEyMjlBNUFDNzhDMERFMjg3RDg5Q0UzNzcyNjQwOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZIdkNqSktpS2FXc2VNRGVLSDJKempk
eVpBay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGY0OWQ3Zjct
YmIzZi00MTg3LWJlMjktNTllZjJkODkwMzlhLzAvMzIzMDMwMzEzYTM2MzczODNh
NjM2MjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM0MzkzMzMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAywMA0GCSqGSIb3DQEBCwUAA4IBAQB7jxCDRZkj3ZYOzTWqFsPx
bq3gwdAVer6P9vicEJRVY4NkKwlrxRAI+r7CS0SoXUUG1ZO5NEaQ5ukcboS6Mt9Y
kj3ohd3XswIXTj6lVHjwXeHfK4RfnQhGJO+dPkD4CYYVyyCI4obuYeKYNUNJ7reu
1h/VpgA5Nh+2dUIExxrBLH+ixxBPgHEt1Ct3P8DUTjPFEHeoSh80HxZChruA7Eeh
Mz8ZH+z9s5kHA5nqLnTI4Tvg+IqFvV1bR9H5RQVITmdBvZNMKb58jPtmVENzUIcT
O7okZl4CQVfEiDPiBmdNEFBdcbYaF1p4jA6uB3LlgBxt2FfqC/EUjyfYLBFsz+H1
-----END CERTIFICATE-----
Generated at Thu Jun 25 06:04:19 2026 by rpki-client