Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6530303a3a2f34302d3438203d3e20323034353339.roa
File: 326130663a316363353a6530303a3a2f34302d3438203d3e20323034353339.roa (raw, json)
Hash identifier: egFgP8yYaSjaS5VDE5+uLtoXIKDL2ma41MOdLca3pro=
Subject key identifier: B2:06:EA:67:AE:DD:2C:30:C9:66:F8:3B:5C:89:46:4D:E9:DD:D5:C1
Certificate issuer: /CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Certificate serial: 709F83FBD1A591BA5DAE1E4C3541B99C3FAF9301
Authority key identifier: 75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6530303a3a2f34302d3438203d3e20323034353339.roa
Signing time: Fri 24 Oct 2025 17:54:55 +0000
ROA not before: Fri 24 Oct 2025 17:49:55 +0000
ROA not after: Fri 23 Oct 2026 17:54:55 +0000
asID: 204539
IP address blocks: 2a0f:1cc5:e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:9f:83:fb:d1:a5:91:ba:5d:ae:1e:4c:35:41:b9:9c:3f:af:93:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Validity
Not Before: Oct 24 17:49:55 2025 GMT
Not After : Oct 23 17:54:55 2026 GMT
Subject: CN=B206EA67AEDD2C30C966F83B5C89464DE9DDD5C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b8:aa:5e:f7:89:b4:40:63:8c:ef:fe:b8:80:
28:7b:b2:5f:32:08:de:28:14:90:04:62:23:40:49:
17:c2:3b:12:a6:67:b0:5f:a6:ad:ef:ef:3e:8f:2c:
bd:79:fc:d4:45:e6:b6:bc:a8:64:c8:4e:06:28:94:
64:b0:1a:81:3c:a1:4b:5c:2e:13:e5:98:1c:ad:e9:
71:f4:8b:f4:64:6d:00:0f:7e:bf:0d:f6:06:bc:f7:
6f:79:f4:a2:82:ec:0f:05:7e:45:33:1e:e3:1c:fc:
5d:b8:c7:62:d9:b9:21:5e:3f:82:d7:f4:21:27:98:
f8:53:16:ad:a1:72:b6:22:89:3a:c7:62:a5:90:ca:
98:d3:78:9a:a3:4e:a0:8f:02:f6:1b:a9:17:db:a9:
12:f1:28:83:14:a2:7b:c4:fe:45:19:92:52:c7:e1:
7e:2d:e8:aa:09:e0:18:3f:43:6f:7f:67:02:64:2c:
53:8a:69:88:aa:70:84:00:4a:b0:de:4e:03:f5:84:
4a:04:69:24:e4:d5:1b:9a:2b:74:cf:12:53:02:b5:
77:18:20:74:ca:36:ed:25:e7:30:67:1c:6d:d9:bf:
0d:db:c6:43:b9:39:f6:1e:79:a0:d8:7d:65:4c:3d:
e1:fa:af:6b:38:2f:ad:6a:46:22:fa:d6:60:6e:4c:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:06:EA:67:AE:DD:2C:30:C9:66:F8:3B:5C:89:46:4D:E9:DD:D5:C1
X509v3 Authority Key Identifier:
keyid:75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6530303a3a2f34302d3438203d3e20323034353339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:e00::/40
Signature Algorithm: sha256WithRSAEncryption
7c:c3:84:7c:f1:94:7d:39:9f:f1:a9:62:e9:70:c3:81:fb:70:
6c:b8:d5:65:7f:2a:a6:ee:67:5c:f5:35:b1:2c:c6:a8:93:e8:
7f:2d:30:0e:b7:35:38:f5:b9:32:92:ad:55:41:02:af:4f:6c:
ac:32:d1:a0:8f:ec:87:01:36:c5:89:09:8f:19:19:ca:9c:f6:
15:49:ef:18:8f:76:d5:d8:70:27:67:74:bc:82:c7:44:da:09:
b1:35:4e:29:8a:25:90:77:3f:5c:7f:c3:ca:84:2d:15:d7:8d:
20:70:81:ac:94:a1:da:52:08:49:84:62:68:44:53:37:66:7b:
45:0f:64:0b:03:57:be:a4:38:86:cb:67:4a:f8:0b:f9:90:08:
82:0e:57:78:1c:ac:a2:83:0a:4b:c0:57:db:4b:c0:86:81:a1:
bb:cc:81:26:b7:86:db:a3:94:46:7f:7c:ec:07:fa:d1:63:97:
2c:20:07:6b:30:69:18:39:91:98:34:b2:fa:5f:aa:b5:5f:b4:
5d:a3:6f:89:43:32:99:fc:a2:7c:d3:b9:bc:cb:3d:1d:5e:e0:
98:1d:5d:5e:e8:b5:5d:c2:76:e8:4c:67:8f:7b:a5:d6:08:e1:
32:86:84:8f:64:67:42:62:32:d4:17:fb:d0:d1:44:5c:c5:8c:
3e:44:48:ba
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUcJ+D+9Glkbpdrh5MNUG5nD+vkwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVhODM4ZTAyYzYxODAwZjczZDMwMTlkZTBhNTFmNTY3
YjY0YmMwZTAeFw0yNTEwMjQxNzQ5NTVaFw0yNjEwMjMxNzU0NTVaMDMxMTAvBgNV
BAMTKEIyMDZFQTY3QUVERDJDMzBDOTY2RjgzQjVDODk0NjRERTlEREQ1QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpuKpe94m0QGOM7/64gCh7sl8y
CN4oFJAEYiNASRfCOxKmZ7Bfpq3v7z6PLL15/NRF5ra8qGTITgYolGSwGoE8oUtc
LhPlmByt6XH0i/RkbQAPfr8N9ga892959KKC7A8FfkUzHuMc/F24x2LZuSFeP4LX
9CEnmPhTFq2hcrYiiTrHYqWQypjTeJqjTqCPAvYbqRfbqRLxKIMUonvE/kUZklLH
4X4t6KoJ4Bg/Q29/ZwJkLFOKaYiqcIQASrDeTgP1hEoEaSTk1RuaK3TPElMCtXcY
IHTKNu0l5zBnHG3Zvw3bxkO5OfYeeaDYfWVMPeH6r2s4L61qRiL61mBuTPsBAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUsgbqZ67dLDDJZvg7XIlGTend1cEwHwYDVR0j
BBgwFoAUdag44CxhgA9z0wGd4KUfVntkvA4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYtNGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJj
MjVkLzAvNzVBODM4RTAyQzYxODAwRjczRDMwMTlERTBBNTFGNTY3QjY0QkMwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhZzQ0Q3hoZ0E5ejB3R2Q0S1VmVm50
a3ZBNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYt
NGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJjMjVkLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2E2NTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzQzNTMzMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFDjANBgkqhkiG9w0BAQsFAAOCAQEAfMOEfPGUfTmf8ali6XDD
gftwbLjVZX8qpu5nXPU1sSzGqJPofy0wDrc1OPW5MpKtVUECr09srDLRoI/shwE2
xYkJjxkZypz2FUnvGI921dhwJ2d0vILHRNoJsTVOKYolkHc/XH/DyoQtFdeNIHCB
rJSh2lIISYRiaERTN2Z7RQ9kCwNXvqQ4hstnSvgL+ZAIgg5XeBysooMKS8BX20vA
hoGhu8yBJreG26OURn987Af60WOXLCAHazBpGDmRmDSy+l+qtV+0XaNviUMymfyi
fNO5vMs9HV7gmB1dXui1XcJ26Exnj3ul1gjhMoaEj2RnQmIy1Bf70NFEXMWMPkRI
ug==
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:11:00 2025 by rpki-client