Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
File: 323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa (raw, json)
Hash identifier: dHqMpXO8Fn1QmdwMgzIUNohViMqf6+wcagP7yILYRFI=
Subject key identifier: 8C:AF:62:AD:B3:65:ED:A4:2F:96:F6:35:E6:24:6B:7E:6B:3D:ED:ED
Certificate issuer: /CN=547bc28c92a229a5ac78c0de287d89ce37726409
Certificate serial: 29F9E8E0EA6E010493D07C1D93D8EDCFD1BE8CB8
Authority key identifier: 54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
Signing time: Mon 21 Jul 2025 16:45:38 +0000
ROA not before: Mon 21 Jul 2025 16:40:38 +0000
ROA not after: Mon 20 Jul 2026 16:45:38 +0000
asID: 204931
IP address blocks: 2001:678:cb0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 Aug 2025 11:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:f9:e8:e0:ea:6e:01:04:93:d0:7c:1d:93:d8:ed:cf:d1:be:8c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547bc28c92a229a5ac78c0de287d89ce37726409
Validity
Not Before: Jul 21 16:40:38 2025 GMT
Not After : Jul 20 16:45:38 2026 GMT
Subject: CN=8CAF62ADB365EDA42F96F635E6246B7E6B3DEDED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ec:53:68:c8:d7:58:8d:64:d4:87:31:2e:63:
20:5b:4a:70:f3:5d:a9:44:33:bc:43:16:e7:3d:ca:
16:3d:0b:4b:c5:02:3a:27:2d:8c:37:93:6a:d3:a3:
a7:af:c0:75:f8:35:e2:81:6d:07:ab:df:98:55:67:
bd:a9:07:65:89:c5:da:1c:7d:39:97:bd:06:c2:d5:
bb:da:91:30:ec:8b:e7:ae:d1:72:0e:4b:5a:9d:9d:
4c:f2:91:27:9d:d2:a6:99:43:05:e4:68:c4:2d:51:
c2:3d:2a:4c:72:fe:1e:d9:69:2a:61:b0:4e:33:0d:
c1:08:e8:23:c6:0a:bc:40:b4:c7:a2:e0:e9:9e:1c:
68:69:b1:19:b2:e4:03:1a:31:0a:d4:f4:78:87:d0:
ce:9d:fb:88:b5:0f:c1:4a:0f:b5:d1:8c:ed:64:e8:
6a:36:c1:b5:7f:9f:3e:9f:b0:6b:59:38:f5:f2:dd:
3e:dc:6d:bb:29:e7:d9:73:91:fe:97:cd:f3:ec:29:
8c:31:6f:76:7a:0a:79:a0:07:be:2b:85:5a:e6:d5:
12:9b:5a:9a:61:0b:2b:81:28:72:8a:52:f6:24:40:
90:64:5c:d4:60:90:14:0a:1c:76:b5:9e:11:b8:fe:
6f:68:2f:a2:c4:33:b7:6f:de:38:97:d9:c4:1f:c1:
8c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AF:62:AD:B3:65:ED:A4:2F:96:F6:35:E6:24:6B:7E:6B:3D:ED:ED
X509v3 Authority Key Identifier:
keyid:54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e20323034393331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
10:03:21:9d:4f:3a:ac:dc:e2:10:15:6f:b4:34:20:b9:bf:dc:
6d:dc:0b:62:22:28:92:89:88:ed:b2:0d:5e:13:14:1a:b7:c8:
a4:40:6c:c0:9d:6b:5a:a3:eb:6e:3f:b5:37:ff:7d:36:f7:03:
85:ce:56:ba:ed:66:cd:32:fb:bf:20:4f:7c:a1:a9:1c:42:72:
bb:1c:e3:b7:75:02:77:d0:e4:dd:de:89:a3:26:c9:b1:00:b7:
42:98:10:9a:56:59:59:f5:85:b9:74:a1:15:a7:0f:65:f1:30:
13:9f:27:4c:fe:b2:c8:05:b1:df:7d:36:bc:00:68:b1:56:c7:
86:4e:19:22:44:39:9c:57:3d:f0:e2:95:a7:1d:ca:09:22:6a:
af:fa:67:47:c1:c0:ae:1a:90:ae:7c:43:95:b3:a1:1e:aa:76:
7f:aa:04:93:10:1a:e9:67:79:21:33:6d:93:f1:9e:cd:2b:c0:
53:b0:e3:f1:00:eb:4d:cf:de:d6:58:ca:0e:09:10:6e:48:5a:
78:a1:de:32:23:f3:ef:3c:73:e6:97:19:25:da:56:f0:b3:5d:
51:99:bc:8e:8f:70:de:3d:26:cb:81:a3:05:43:09:5f:b5:c6:
8f:4b:9c:51:f6:d4:b2:34:98:61:2a:8b:26:36:43:41:e9:de:
b0:a8:c7:db
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUKfno4OpuAQST0Hwdk9jtz9G+jLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTQ3YmMyOGM5MmEyMjlhNWFjNzhjMGRlMjg3ZDg5Y2Uz
NzcyNjQwOTAeFw0yNTA3MjExNjQwMzhaFw0yNjA3MjAxNjQ1MzhaMDMxMTAvBgNV
BAMTKDhDQUY2MkFEQjM2NUVEQTQyRjk2RjYzNUU2MjQ2QjdFNkIzREVERUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr7FNoyNdYjWTUhzEuYyBbSnDz
XalEM7xDFuc9yhY9C0vFAjonLYw3k2rTo6evwHX4NeKBbQer35hVZ72pB2WJxdoc
fTmXvQbC1bvakTDsi+eu0XIOS1qdnUzykSed0qaZQwXkaMQtUcI9Kkxy/h7ZaSph
sE4zDcEI6CPGCrxAtMei4OmeHGhpsRmy5AMaMQrU9HiH0M6d+4i1D8FKD7XRjO1k
6Go2wbV/nz6fsGtZOPXy3T7cbbsp59lzkf6XzfPsKYwxb3Z6CnmgB74rhVrm1RKb
WpphCyuBKHKKUvYkQJBkXNRgkBQKHHa1nhG4/m9oL6LEM7dv3jiX2cQfwYx9AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUjK9irbNl7aQvlvY15iRrfms97e0wHwYDVR0j
BBgwFoAUVHvCjJKiKaWseMDeKH2JzjdyZAkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGY0OWQ3ZjctYmIzZi00MTg3LWJlMjktNTllZjJkODkw
MzlhLzAvNTQ3QkMyOEM5MkEyMjlBNUFDNzhDMERFMjg3RDg5Q0UzNzcyNjQwOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZIdkNqSktpS2FXc2VNRGVLSDJKempk
eVpBay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGY0OWQ3Zjct
YmIzZi00MTg3LWJlMjktNTllZjJkODkwMzlhLzAvMzIzMDMwMzEzYTM2MzczODNh
NjM2MjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM0MzkzMzMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAywMA0GCSqGSIb3DQEBCwUAA4IBAQAQAyGdTzqs3OIQFW+0NCC5
v9xt3AtiIiiSiYjtsg1eExQat8ikQGzAnWtao+tuP7U3/3029wOFzla67WbNMvu/
IE98oakcQnK7HOO3dQJ30OTd3omjJsmxALdCmBCaVllZ9YW5dKEVpw9l8TATnydM
/rLIBbHffTa8AGixVseGThkiRDmcVz3w4pWnHcoJImqv+mdHwcCuGpCufEOVs6Ee
qnZ/qgSTEBrpZ3khM22T8Z7NK8BTsOPxAOtNz97WWMoOCRBuSFp4od4yI/PvPHPm
lxkl2lbws11RmbyOj3DePSbLgaMFQwlftcaPS5xR9tSyNJhhKosmNkNB6d6wqMfb
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:11:29 2025 by rpki-client