Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313835.roa
File: 323030313a3637383a3132303a3a2f34382d3438203d3e20313534313835.roa (raw, json)
Hash identifier: Rp2MKH6z0khzif342xCEUgF0/GeB2TkTxF1hVuECg7U=
Subject key identifier: 2A:24:9D:6D:BA:D6:4A:0B:99:6D:27:46:86:0F:48:59:1E:85:A9:02
Certificate issuer: /CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Certificate serial: 51A07F53A83FC5CCBD3F7F94D6A6CCDFA1818062
Authority key identifier: 6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313835.roa
Signing time: Fri 29 Aug 2025 13:20:48 +0000
ROA not before: Fri 29 Aug 2025 13:15:48 +0000
ROA not after: Fri 28 Aug 2026 13:20:48 +0000
asID: 154185
IP address blocks: 2001:678:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.mft
rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:a0:7f:53:a8:3f:c5:cc:bd:3f:7f:94:d6:a6:cc:df:a1:81:80:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eec3f02205a4d34b05bb848e8b62b2ff5e50058
Validity
Not Before: Aug 29 13:15:48 2025 GMT
Not After : Aug 28 13:20:48 2026 GMT
Subject: CN=2A249D6DBAD64A0B996D2746860F48591E85A902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:f3:f1:a1:3e:7e:e6:be:dd:5e:32:23:d9:
46:54:62:0c:9c:cc:d6:55:49:65:f6:1f:1b:e3:75:
81:25:00:ec:fc:51:35:85:eb:5c:41:62:ef:a1:18:
95:a3:b6:47:78:ae:77:4f:52:5b:16:a6:74:30:3e:
fb:8c:d7:a4:6e:7f:0e:d2:90:36:03:0a:d1:56:5a:
b4:e6:8b:4f:c6:a9:63:df:fd:fc:f0:a1:c8:7c:7f:
01:81:e5:92:e0:ac:77:71:f4:1d:d0:a5:81:6c:d7:
bb:ad:2c:44:0b:67:c5:80:77:e6:71:88:f0:80:2b:
63:56:1d:58:46:34:78:25:e0:c8:52:3a:e5:85:68:
3b:85:e8:9d:ea:32:0f:fb:bb:c7:34:eb:d2:24:db:
19:10:91:9d:e2:a6:ef:e3:a0:e4:53:59:c1:7e:37:
1c:93:c9:22:ea:fb:67:18:46:3d:82:a6:3b:bd:6f:
31:75:5e:08:28:5a:ca:c4:4e:3b:a6:88:d5:de:75:
f3:c2:f9:19:e8:88:e4:c7:f1:7e:8a:24:d8:3a:a8:
f8:c2:f2:8b:09:81:33:84:49:02:b5:a6:ea:f8:ad:
23:fe:62:25:d1:c2:1e:0e:69:1b:e3:5a:46:4c:03:
c9:f4:4e:cc:f1:7e:67:31:aa:c8:9a:d6:0f:39:c4:
f8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:24:9D:6D:BA:D6:4A:0B:99:6D:27:46:86:0F:48:59:1E:85:A9:02
X509v3 Authority Key Identifier:
keyid:6E:EC:3F:02:20:5A:4D:34:B0:5B:B8:48:E8:B6:2B:2F:F5:E5:00:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/6EEC3F02205A4D34B05BB848E8B62B2FF5E50058.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/buw_AiBaTTSwW7hI6LYrL_XlAFg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e97c29c1-31bd-4e09-81eb-7a199b3112a7/0/323030313a3637383a3132303a3a2f34382d3438203d3e20313534313835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:120::/48
Signature Algorithm: sha256WithRSAEncryption
b1:7c:fa:7b:ce:75:d4:25:c1:b8:f4:13:9d:f2:b7:6d:25:f1:
c5:c7:1f:5d:56:16:b1:85:b8:36:af:b8:7d:3a:ee:4f:47:a9:
dc:dd:e0:f0:9c:d2:4c:ef:2d:2d:0a:ea:60:fd:ca:f2:6d:2c:
1a:83:1c:a4:f2:b7:c4:fb:92:82:1b:b7:18:c4:ab:7c:41:a1:
5f:b1:89:8e:1a:12:2b:e4:6d:76:39:3e:8e:1f:ec:c8:9a:01:
86:ca:eb:da:4a:be:bd:06:b0:8a:4c:67:8b:83:28:48:0b:e7:
d4:54:85:fb:66:9c:44:21:40:ef:89:f8:26:d5:a1:cd:4e:1f:
d8:76:f4:c6:a0:a8:71:f7:05:92:70:cf:ac:37:36:de:65:a7:
f2:b5:c9:ed:0f:98:67:47:b4:29:86:d3:64:7b:9c:f4:ab:d8:
e6:d3:51:38:a9:24:05:9d:ef:d2:9e:19:6e:15:61:07:97:eb:
c2:29:d7:23:90:13:ef:51:31:44:9f:27:46:51:31:48:cb:9b:
14:fa:f4:71:c7:35:ec:2e:ac:23:c6:02:d4:55:7b:38:21:4e:
07:b8:64:59:1c:21:79:43:ad:74:c7:f2:ea:66:d0:49:7e:41:
35:1d:50:7a:60:1e:db:7f:96:b5:90:5b:ea:8a:1a:95:01:47:
37:91:5a:fc
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUUaB/U6g/xcy9P3+U1qbM36GBgGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmVlYzNmMDIyMDVhNGQzNGIwNWJiODQ4ZThiNjJiMmZm
NWU1MDA1ODAeFw0yNTA4MjkxMzE1NDhaFw0yNjA4MjgxMzIwNDhaMDMxMTAvBgNV
BAMTKDJBMjQ5RDZEQkFENjRBMEI5OTZEMjc0Njg2MEY0ODU5MUU4NUE5MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIvfPxoT5+5r7dXjIj2UZUYgyc
zNZVSWX2HxvjdYElAOz8UTWF61xBYu+hGJWjtkd4rndPUlsWpnQwPvuM16Rufw7S
kDYDCtFWWrTmi0/GqWPf/fzwoch8fwGB5ZLgrHdx9B3QpYFs17utLEQLZ8WAd+Zx
iPCAK2NWHVhGNHgl4MhSOuWFaDuF6J3qMg/7u8c069Ik2xkQkZ3ipu/joORTWcF+
NxyTySLq+2cYRj2Cpju9bzF1XggoWsrETjumiNXedfPC+RnoiOTH8X6KJNg6qPjC
8osJgTOESQK1pur4rSP+YiXRwh4OaRvjWkZMA8n0Tszxfmcxqsia1g85xPhBAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUKiSdbbrWSguZbSdGhg9IWR6FqQIwHwYDVR0j
BBgwFoAUbuw/AiBaTTSwW7hI6LYrL/XlAFgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEtMzFiZC00ZTA5LTgxZWItN2ExOTliMzEx
MmE3LzAvNkVFQzNGMDIyMDVBNEQzNEIwNUJCODQ4RThCNjJCMkZGNUU1MDA1OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2J1d19BaUJhVFRTd1c3aEk2TFlyTF9Y
bEFGZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTk3YzI5YzEt
MzFiZC00ZTA5LTgxZWItN2ExOTliMzExMmE3LzAvMzIzMDMwMzEzYTM2MzczODNh
MzEzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTM0MzEzODM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeAEgMA0GCSqGSIb3DQEBCwUAA4IBAQCxfPp7znXUJcG49BOd8rdt
JfHFxx9dVhaxhbg2r7h9Ou5PR6nc3eDwnNJM7y0tCupg/crybSwagxyk8rfE+5KC
G7cYxKt8QaFfsYmOGhIr5G12OT6OH+zImgGGyuvaSr69BrCKTGeLgyhIC+fUVIX7
ZpxEIUDvifgm1aHNTh/YdvTGoKhx9wWScM+sNzbeZafytcntD5hnR7QphtNke5z0
q9jm01E4qSQFne/SnhluFWEHl+vCKdcjkBPvUTFEnydGUTFIy5sU+vRxxzXsLqwj
xgLUVXs4IU4HuGRZHCF5Q610x/LqZtBJfkE1HVB6YB7bf5a1kFvqihqVAUc3kVr8
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:18:43 2025 by rpki-client