Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
File: 323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa (raw, json)
Hash identifier: utwrqG/1k6qyhjzxqxfsIfDkj33KE0HmwhjLx5CU12Y=
Subject key identifier: A7:00:B3:91:34:90:E0:5E:17:27:DF:C1:36:46:79:38:E9:DE:39:27
Certificate issuer: /CN=547bc28c92a229a5ac78c0de287d89ce37726409
Certificate serial: 5B11D0ADD52C6405CA6166471B042D2B8EED8FB3
Authority key identifier: 54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
Signing time: Mon 21 Jul 2025 16:45:38 +0000
ROA not before: Mon 21 Jul 2025 16:40:38 +0000
ROA not after: Mon 20 Jul 2026 16:45:38 +0000
asID: 60431
IP address blocks: 2001:678:cb0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 Aug 2025 11:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:11:d0:ad:d5:2c:64:05:ca:61:66:47:1b:04:2d:2b:8e:ed:8f:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547bc28c92a229a5ac78c0de287d89ce37726409
Validity
Not Before: Jul 21 16:40:38 2025 GMT
Not After : Jul 20 16:45:38 2026 GMT
Subject: CN=A700B3913490E05E1727DFC136467938E9DE3927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4e:8b:3e:74:c8:f2:a3:df:8d:83:49:d9:48:
37:17:23:bc:ee:53:23:bf:26:e7:a1:65:e2:43:bc:
03:71:61:19:d3:f3:f5:0c:05:bb:fb:a0:e9:b5:31:
fe:2f:81:7d:6b:ef:0f:46:88:a9:1f:f3:bc:67:8e:
31:e2:46:22:53:27:b8:6c:9e:9b:55:b9:9a:d9:c7:
2d:4d:12:21:a3:f8:df:f4:c1:6f:62:05:c5:29:cd:
51:c8:b8:c1:dd:aa:45:54:c4:4f:1d:e4:ce:cb:3d:
2f:49:82:41:e3:f4:44:61:ab:19:51:9f:5a:bd:e0:
b8:59:e8:66:f7:03:a3:e8:7e:e3:a3:6c:7e:b9:0a:
e2:e8:59:dd:95:64:38:fe:6c:be:c3:95:dd:6b:30:
49:2b:fb:48:7a:8f:57:fd:b8:99:8c:6e:0e:b1:dd:
0d:9c:0f:63:0d:71:c1:fa:04:52:6c:97:30:97:f7:
d1:60:11:ce:24:a7:56:e7:92:77:63:55:07:83:fb:
ee:99:6e:cf:96:20:dc:1e:07:de:74:da:19:88:65:
3b:96:b7:e2:18:21:d7:8e:11:d9:a7:1d:2f:66:64:
d2:d7:cd:d5:ed:e8:13:7f:d0:22:20:df:e2:83:e2:
6b:cf:d1:af:97:8e:97:02:96:8b:71:71:39:47:b9:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:00:B3:91:34:90:E0:5E:17:27:DF:C1:36:46:79:38:E9:DE:39:27
X509v3 Authority Key Identifier:
keyid:54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
09:88:2f:2c:ee:35:7f:2d:88:8f:da:59:06:a3:c0:65:63:bc:
0f:8f:6a:76:7e:6d:a6:39:23:8f:e8:32:4c:02:56:6d:eb:2e:
fd:3b:ca:c5:b6:a5:78:73:61:d4:5d:f6:32:09:95:1e:22:51:
de:64:4e:f2:90:a8:0c:de:cb:f5:82:39:a6:a8:ad:79:52:28:
da:1d:ef:66:2f:f3:da:66:13:48:7f:4a:41:60:27:9c:6c:cd:
9c:55:83:ea:3c:06:88:9c:9c:9e:96:9f:9b:6f:45:9e:4f:ad:
ba:36:a6:33:ec:33:29:c4:4f:44:2a:14:17:40:61:ad:64:cc:
c5:57:49:ca:b9:d4:77:05:39:e9:25:79:82:36:e5:d8:4b:f0:
ec:9a:c5:2b:95:f8:c7:c9:f0:7e:fa:4c:f1:5d:94:48:78:de:
ba:c2:62:a6:89:7a:08:cc:3c:fc:69:d9:f7:1f:44:3d:c9:e8:
de:76:69:40:ba:f8:96:28:aa:bb:e8:90:b1:92:ad:12:92:af:
17:3d:8f:8a:9a:69:23:37:f9:26:94:c1:f1:22:53:f1:e5:9d:
38:b8:8b:11:c6:41:b8:21:f4:93:1f:51:8d:b1:8b:17:c1:c9:
7d:6a:d7:da:8c:29:c3:e4:d4:90:62:4d:e3:d6:41:80:aa:c2:
33:ab:c6:d0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWxHQrdUsZAXKYWZHGwQtK47tj7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTQ3YmMyOGM5MmEyMjlhNWFjNzhjMGRlMjg3ZDg5Y2Uz
NzcyNjQwOTAeFw0yNTA3MjExNjQwMzhaFw0yNjA3MjAxNjQ1MzhaMDMxMTAvBgNV
BAMTKEE3MDBCMzkxMzQ5MEUwNUUxNzI3REZDMTM2NDY3OTM4RTlERTM5MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhTos+dMjyo9+Ng0nZSDcXI7zu
UyO/JuehZeJDvANxYRnT8/UMBbv7oOm1Mf4vgX1r7w9GiKkf87xnjjHiRiJTJ7hs
nptVuZrZxy1NEiGj+N/0wW9iBcUpzVHIuMHdqkVUxE8d5M7LPS9JgkHj9ERhqxlR
n1q94LhZ6Gb3A6PofuOjbH65CuLoWd2VZDj+bL7Dld1rMEkr+0h6j1f9uJmMbg6x
3Q2cD2MNccH6BFJslzCX99FgEc4kp1bnkndjVQeD++6Zbs+WINweB9502hmIZTuW
t+IYIdeOEdmnHS9mZNLXzdXt6BN/0CIg3+KD4mvP0a+XjpcClotxcTlHuS7rAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUpwCzkTSQ4F4XJ9/BNkZ5OOneOScwHwYDVR0j
BBgwFoAUVHvCjJKiKaWseMDeKH2JzjdyZAkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGY0OWQ3ZjctYmIzZi00MTg3LWJlMjktNTllZjJkODkw
MzlhLzAvNTQ3QkMyOEM5MkEyMjlBNUFDNzhDMERFMjg3RDg5Q0UzNzcyNjQwOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZIdkNqSktpS2FXc2VNRGVLSDJKempk
eVpBay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGY0OWQ3Zjct
YmIzZi00MTg3LWJlMjktNTllZjJkODkwMzlhLzAvMzIzMDMwMzEzYTM2MzczODNh
NjM2MjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzYzMDM0MzMzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBngMsDANBgkqhkiG9w0BAQsFAAOCAQEACYgvLO41fy2Ij9pZBqPAZWO8
D49qdn5tpjkjj+gyTAJWbesu/TvKxbaleHNh1F32MgmVHiJR3mRO8pCoDN7L9YI5
pqiteVIo2h3vZi/z2mYTSH9KQWAnnGzNnFWD6jwGiJycnpafm29Fnk+tujamM+wz
KcRPRCoUF0BhrWTMxVdJyrnUdwU56SV5gjbl2Evw7JrFK5X4x8nwfvpM8V2USHje
usJipol6CMw8/GnZ9x9EPcno3nZpQLr4liiqu+iQsZKtEpKvFz2PipppIzf5JpTB
8SJT8eWdOLiLEcZBuCH0kx9RjbGLF8HJfWrX2owpw+TUkGJN49ZBgKrCM6vG0A==
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:11:46 2025 by rpki-client