Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
File: 326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa (raw, json)
Hash identifier: nbwRx9WqOhyBtRMERDbvSdUK0ttelKjtK9W21b7svLM=
Subject key identifier: 53:C9:0F:FD:87:FF:07:AC:5E:11:AC:90:B8:8A:F2:30:28:B3:5F:47
Certificate issuer: /CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Certificate serial: 795BA60FD79AD72112328EF4ED3EC781215CD8DD
Authority key identifier: 75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
Signing time: Fri 24 Oct 2025 17:56:42 +0000
ROA not before: Fri 24 Oct 2025 17:51:42 +0000
ROA not after: Fri 23 Oct 2026 17:56:42 +0000
asID: 153376
IP address blocks: 2a0f:1cc5:10::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:5b:a6:0f:d7:9a:d7:21:12:32:8e:f4:ed:3e:c7:81:21:5c:d8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Validity
Not Before: Oct 24 17:51:42 2025 GMT
Not After : Oct 23 17:56:42 2026 GMT
Subject: CN=53C90FFD87FF07AC5E11AC90B88AF23028B35F47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:64:46:62:86:15:13:36:ef:18:64:c7:ae:7e:
02:71:18:c4:76:ad:06:37:3b:70:81:7e:ca:37:40:
da:d6:2d:45:2d:3f:6c:f5:f0:cb:7e:ca:29:d8:2e:
d6:18:9f:71:b5:45:57:d5:35:d8:0d:18:0a:cd:44:
a2:06:65:22:7b:f6:c5:8d:11:61:9e:cb:c6:0d:13:
10:83:44:7a:e7:9b:e7:fe:3f:8b:83:7f:55:74:1d:
7c:3b:0f:83:5c:cf:c9:ec:67:f3:33:fc:32:8e:cf:
ee:73:20:94:9e:69:3a:92:1e:e1:69:58:2a:c1:78:
e6:1d:b5:fa:a6:a1:ab:94:9e:78:15:0c:bc:80:a8:
48:a5:48:b2:c7:7e:3d:d9:56:cf:36:88:7e:ef:55:
e5:3d:66:f6:fa:38:be:0d:ae:39:78:71:5c:2d:d6:
70:d6:e8:d7:64:59:e0:32:64:58:43:93:38:70:93:
3b:13:b1:64:f9:7e:46:68:a0:40:5c:c6:8e:53:b6:
47:b7:12:a9:6c:be:53:75:2d:a5:4f:21:ac:75:c9:
d4:16:0a:c7:f8:40:a9:40:a2:3e:17:b3:98:8f:c5:
18:d0:26:b2:aa:de:f4:76:b8:46:1b:02:59:89:13:
cd:50:c1:a3:28:9c:92:9e:8f:b9:df:73:a8:a8:ca:
23:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C9:0F:FD:87:FF:07:AC:5E:11:AC:90:B8:8A:F2:30:28:B3:5F:47
X509v3 Authority Key Identifier:
keyid:75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:10::/44
Signature Algorithm: sha256WithRSAEncryption
82:e9:87:45:8b:35:e0:cd:2b:78:bb:71:b3:d2:17:f8:59:37:
07:df:84:a3:66:bf:00:33:4b:6d:e8:81:ba:01:7a:b7:88:64:
20:d2:a6:5d:61:3c:1a:6d:f1:ee:a3:0a:17:8e:14:c2:f5:fb:
c7:4e:6d:71:5a:5e:58:c5:71:5c:c0:5c:50:88:aa:2e:72:ba:
02:e5:a5:4c:e5:69:d7:30:30:ee:0e:36:e2:f6:c3:5e:35:28:
1b:dd:2c:4a:37:c3:dc:bc:bc:f1:c9:c2:f4:35:79:7a:79:8d:
fe:b3:64:c5:49:cf:cc:4d:a4:94:7d:4f:ef:7c:cf:ea:0d:66:
f9:ea:02:5c:9d:c6:63:7c:d4:6f:71:65:11:de:08:47:2d:19:
4e:63:6f:a3:2d:60:20:db:39:69:60:da:4c:b6:c7:2e:85:42:
3e:b7:b0:5b:d0:75:4e:23:47:9f:de:21:71:0b:c4:5e:68:54:
21:82:85:60:00:74:eb:1f:3d:39:f6:54:6a:72:71:c6:27:85:
79:f5:9f:52:9a:23:b0:93:06:c4:d6:5e:2f:fa:b5:67:4d:2b:
dc:4e:60:90:09:04:11:d8:9c:a1:85:a0:be:78:31:dd:f7:71:
6b:4e:9b:c9:76:ef:83:7d:50:74:4d:42:4c:e2:9b:81:45:ec:
fe:19:df:3a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUeVumD9ea1yESMo707T7HgSFc2N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVhODM4ZTAyYzYxODAwZjczZDMwMTlkZTBhNTFmNTY3
YjY0YmMwZTAeFw0yNTEwMjQxNzUxNDJaFw0yNjEwMjMxNzU2NDJaMDMxMTAvBgNV
BAMTKDUzQzkwRkZEODdGRjA3QUM1RTExQUM5MEI4OEFGMjMwMjhCMzVGNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUZEZihhUTNu8YZMeufgJxGMR2
rQY3O3CBfso3QNrWLUUtP2z18Mt+yinYLtYYn3G1RVfVNdgNGArNRKIGZSJ79sWN
EWGey8YNExCDRHrnm+f+P4uDf1V0HXw7D4Ncz8nsZ/Mz/DKOz+5zIJSeaTqSHuFp
WCrBeOYdtfqmoauUnngVDLyAqEilSLLHfj3ZVs82iH7vVeU9Zvb6OL4Nrjl4cVwt
1nDW6NdkWeAyZFhDkzhwkzsTsWT5fkZooEBcxo5Ttke3EqlsvlN1LaVPIax1ydQW
Csf4QKlAoj4Xs5iPxRjQJrKq3vR2uEYbAlmJE81QwaMonJKej7nfc6ioyiOZAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUU8kP/Yf/B6xeEayQuIryMCizX0cwHwYDVR0j
BBgwFoAUdag44CxhgA9z0wGd4KUfVntkvA4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYtNGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJj
MjVkLzAvNzVBODM4RTAyQzYxODAwRjczRDMwMTlERTBBNTFGNTY3QjY0QkMwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhZzQ0Q3hoZ0E5ejB3R2Q0S1VmVm50
a3ZBNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYt
NGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJjMjVkLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEzNTMzMzMzNzM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQAQMA0GCSqGSIb3DQEBCwUAA4IBAQCC6YdFizXgzSt4u3Gz0hf4
WTcH34SjZr8AM0tt6IG6AXq3iGQg0qZdYTwabfHuowoXjhTC9fvHTm1xWl5YxXFc
wFxQiKoucroC5aVM5WnXMDDuDjbi9sNeNSgb3SxKN8PcvLzxycL0NXl6eY3+s2TF
Sc/MTaSUfU/vfM/qDWb56gJcncZjfNRvcWUR3ghHLRlOY2+jLWAg2zlpYNpMtscu
hUI+t7Bb0HVOI0ef3iFxC8ReaFQhgoVgAHTrHz059lRqcnHGJ4V59Z9SmiOwkwbE
1l4v+rVnTSvcTmCQCQQR2JyhhaC+eDHd93FrTpvJdu+DfVB0TUJM4puBRez+Gd86
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:11:01 2025 by rpki-client