Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6630303a3a2f34302d3438203d3e20323130333532.roa
File: 326130663a316363353a6630303a3a2f34302d3438203d3e20323130333532.roa (raw, json)
Hash identifier: iQmIjSS34MBH0s/+nSwsAMtLHiibwoN+yHne70yG4xY=
Subject key identifier: 94:A9:EC:6C:89:14:1E:F8:2C:9C:C0:2A:D3:B4:60:89:23:62:06:2B
Certificate issuer: /CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Certificate serial: 2D9F05BB71F02449C4AAD018FD7431D94608324A
Authority key identifier: 75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6630303a3a2f34302d3438203d3e20323130333532.roa
Signing time: Fri 24 Oct 2025 17:25:15 +0000
ROA not before: Fri 24 Oct 2025 17:20:15 +0000
ROA not after: Fri 23 Oct 2026 17:25:15 +0000
asID: 210352
IP address blocks: 2a0f:1cc5:f00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 02:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:9f:05:bb:71:f0:24:49:c4:aa:d0:18:fd:74:31:d9:46:08:32:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a838e02c61800f73d3019de0a51f567b64bc0e
Validity
Not Before: Oct 24 17:20:15 2025 GMT
Not After : Oct 23 17:25:15 2026 GMT
Subject: CN=94A9EC6C89141EF82C9CC02AD3B460892362062B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:1d:95:fc:85:60:46:f1:57:4a:aa:57:20:
ff:6d:1b:3d:56:63:db:68:be:24:a2:62:6d:2c:f4:
95:be:3f:af:31:f0:78:a7:0f:5e:45:fd:7c:c2:87:
f9:02:ab:b1:05:c5:44:6f:21:75:8e:26:60:d3:c8:
ff:a0:fc:93:6a:70:8f:07:73:20:c4:ea:c8:bc:e9:
c1:05:9d:43:c8:8f:e3:7e:f9:35:48:a1:63:0f:99:
7a:4e:63:07:7f:e0:fd:bd:75:be:78:4e:b9:4d:22:
ad:46:dc:49:5b:5f:27:29:e6:dc:56:ca:87:f8:f2:
43:04:5a:e7:82:85:d9:8e:f5:46:3e:f8:f7:93:44:
f8:a0:97:ec:72:01:34:9f:06:b4:01:8d:90:ed:46:
b9:32:fd:de:6d:8c:23:13:05:7f:42:1c:98:54:85:
b0:87:8f:76:b2:b8:b3:7f:f8:34:d4:8e:00:ab:b4:
16:a4:64:db:70:fb:8b:31:30:0a:c6:e5:f0:e3:a5:
1b:4d:ee:8c:f1:21:dc:ad:19:bc:8e:94:9f:58:d8:
07:ff:b3:d4:0f:6e:d5:fa:72:36:5f:30:af:37:e3:
c9:f6:7d:6a:a6:98:70:19:25:a8:92:6a:b9:3d:8e:
a0:6c:65:c5:23:0d:b0:87:b0:05:f2:3f:a0:e2:1c:
78:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A9:EC:6C:89:14:1E:F8:2C:9C:C0:2A:D3:B4:60:89:23:62:06:2B
X509v3 Authority Key Identifier:
keyid:75:A8:38:E0:2C:61:80:0F:73:D3:01:9D:E0:A5:1F:56:7B:64:BC:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/75A838E02C61800F73D3019DE0A51F567B64BC0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dag44CxhgA9z0wGd4KUfVntkvA4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e26eb136-4fe5-4e61-a4d8-f345f52bc25d/0/326130663a316363353a6630303a3a2f34302d3438203d3e20323130333532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:f00::/40
Signature Algorithm: sha256WithRSAEncryption
91:d5:25:b1:c4:69:1b:3d:5b:50:e0:81:7a:66:4d:f1:ad:4d:
15:3f:d8:3c:54:02:82:d7:50:54:36:c8:1c:8f:95:3b:8a:fc:
5f:0f:3e:b8:2e:f9:84:92:63:e0:20:69:21:02:35:6f:7f:a1:
ce:b9:c5:28:87:b6:97:52:42:bd:e5:a1:a7:3d:fa:8a:26:c2:
4e:13:01:64:c0:94:8e:6a:44:3d:a2:90:16:03:32:f1:a8:85:
3e:2c:0f:27:40:44:82:92:0f:b4:f5:e4:a0:24:9d:7e:72:c0:
1e:88:26:ce:c1:7e:42:5c:75:41:a9:fa:e8:94:2e:b2:87:63:
10:ec:52:26:c3:ba:41:d5:df:95:71:10:e3:d4:47:9f:29:2d:
1e:94:45:e8:65:22:bb:9b:4b:b6:e0:f6:92:0d:aa:a8:8f:e9:
bf:ec:ae:cd:67:cd:d0:30:e0:29:84:e1:9d:fa:95:73:85:6b:
eb:aa:74:74:00:7c:e6:43:a7:a6:ae:e9:95:f7:85:81:f6:6f:
75:a2:7b:79:cb:e8:7d:3f:56:3f:d0:a1:d1:db:96:23:dd:55:
af:26:f0:62:70:68:7f:7e:72:49:68:51:94:af:b0:9f:62:55:
e4:80:f3:e2:2d:e3:a5:04:b9:75:6e:99:61:00:1a:91:22:bd:
31:2e:2a:62
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIULZ8Fu3HwJEnEqtAY/XQx2UYIMkowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVhODM4ZTAyYzYxODAwZjczZDMwMTlkZTBhNTFmNTY3
YjY0YmMwZTAeFw0yNTEwMjQxNzIwMTVaFw0yNjEwMjMxNzI1MTVaMDMxMTAvBgNV
BAMTKDk0QTlFQzZDODkxNDFFRjgyQzlDQzAyQUQzQjQ2MDg5MjM2MjA2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCusR2V/IVgRvFXSqpXIP9tGz1W
Y9toviSiYm0s9JW+P68x8HinD15F/XzCh/kCq7EFxURvIXWOJmDTyP+g/JNqcI8H
cyDE6si86cEFnUPIj+N++TVIoWMPmXpOYwd/4P29db54TrlNIq1G3ElbXycp5txW
yof48kMEWueChdmO9UY++PeTRPigl+xyATSfBrQBjZDtRrky/d5tjCMTBX9CHJhU
hbCHj3ayuLN/+DTUjgCrtBakZNtw+4sxMArG5fDjpRtN7ozxIdytGbyOlJ9Y2Af/
s9QPbtX6cjZfMK8348n2fWqmmHAZJaiSark9jqBsZcUjDbCHsAXyP6DiHHhPAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUlKnsbIkUHvgsnMAq07RgiSNiBiswHwYDVR0j
BBgwFoAUdag44CxhgA9z0wGd4KUfVntkvA4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYtNGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJj
MjVkLzAvNzVBODM4RTAyQzYxODAwRjczRDMwMTlERTBBNTFGNTY3QjY0QkMwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhZzQ0Q3hoZ0E5ejB3R2Q0S1VmVm50
a3ZBNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI2ZWIxMzYt
NGZlNS00ZTYxLWE0ZDgtZjM0NWY1MmJjMjVkLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2E2NjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzAzMzM1MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFDzANBgkqhkiG9w0BAQsFAAOCAQEAkdUlscRpGz1bUOCBemZN
8a1NFT/YPFQCgtdQVDbIHI+VO4r8Xw8+uC75hJJj4CBpIQI1b3+hzrnFKIe2l1JC
veWhpz36iibCThMBZMCUjmpEPaKQFgMy8aiFPiwPJ0BEgpIPtPXkoCSdfnLAHogm
zsF+Qlx1Qan66JQusodjEOxSJsO6QdXflXEQ49RHnyktHpRF6GUiu5tLtuD2kg2q
qI/pv+yuzWfN0DDgKYThnfqVc4Vr66p0dAB85kOnpq7plfeFgfZvdaJ7ecvofT9W
P9Ch0duWI91VrybwYnBof35ySWhRlK+wn2JV5IDz4i3jpQS5dW6ZYQAakSK9MS4q
Yg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 11:30:42 2025 by rpki-client