Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20383334.roa
File: 3130332e34392e3133302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: CtfZNk2OmNMTOjyPsIN0I2X6FYZK/4s1k/jK21vwNP4=
Subject key identifier: 6A:73:BA:03:0B:46:E2:29:17:DE:B3:84:50:BF:87:5C:2B:45:E9:8C
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 6FA26C89000A1751F306D587B3B336BF44AC32F8
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20383334.roa
Signing time: Sun 17 May 2026 05:48:46 +0000
ROA not before: Sun 17 May 2026 05:43:46 +0000
ROA not after: Sun 16 May 2027 05:48:46 +0000
asID: 834
IP address blocks: 103.49.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 00:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a2:6c:89:00:0a:17:51:f3:06:d5:87:b3:b3:36:bf:44:ac:32:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: May 17 05:43:46 2026 GMT
Not After : May 16 05:48:46 2027 GMT
Subject: CN=6A73BA030B46E22917DEB38450BF875C2B45E98C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fd:cf:6f:0f:65:97:25:24:f3:42:7b:c9:fd:
fc:db:8e:4e:22:70:59:01:97:c9:b1:bd:10:78:ec:
41:9e:8c:b3:c0:9c:1a:ae:a9:b5:83:6b:12:86:33:
c8:42:8e:f8:c3:7c:d4:85:fe:8d:1a:d9:d1:af:41:
bb:2e:4c:d2:6c:a0:e7:1d:a2:aa:f3:6d:9b:ca:91:
04:f6:48:2f:0b:54:44:b5:81:0f:4d:a9:cd:ed:10:
0b:91:82:75:fe:07:06:28:67:83:fe:fd:00:71:cc:
f2:b8:9a:ad:b8:cd:46:d4:5f:c7:15:b3:f3:d4:00:
af:39:6b:c1:15:71:60:83:12:2e:87:d7:21:2f:45:
35:df:14:69:e9:25:ec:14:66:fd:f6:e6:d7:1f:02:
78:db:86:d6:64:c7:9a:2e:b6:6f:0f:a4:44:d3:f9:
cc:ea:36:33:aa:20:6c:42:6d:71:02:89:57:27:96:
73:0b:5f:73:d1:33:e8:05:03:2f:6b:0f:55:33:4f:
cf:9d:29:cb:89:5a:c3:49:83:bc:18:51:e8:12:b1:
2a:26:f1:ee:6e:6b:d4:ff:85:96:ff:5c:28:9e:72:
cb:47:fe:c1:b6:e1:65:89:47:16:01:e5:d3:e2:c1:
7e:53:76:90:22:33:ec:8a:e0:4d:9f:e2:f3:5c:c8:
1f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:73:BA:03:0B:46:E2:29:17:DE:B3:84:50:BF:87:5C:2B:45:E9:8C
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.130.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:72:db:ad:d7:ad:72:72:ef:25:63:93:57:c0:8c:f0:b1:ec:
ea:5f:78:7a:f1:68:e0:79:eb:ea:58:71:7b:6c:f0:a2:63:f7:
04:bf:6f:8b:ab:5d:7b:09:27:a2:00:ee:8d:45:17:a0:c8:3a:
42:b0:8a:22:54:2f:b2:e2:f0:3f:68:93:7d:ff:af:34:2d:41:
13:fb:eb:6f:e5:c1:7a:9e:3d:3c:bd:b9:2e:21:e3:16:e0:db:
89:16:ba:65:21:e2:ca:e0:e5:4a:5f:45:5e:5e:92:e5:6c:26:
44:f8:3e:0f:28:23:f6:49:88:3c:9e:c6:86:d5:67:ad:4a:3b:
4e:c6:d4:00:bc:2c:5c:02:da:86:dc:9c:36:0f:6d:8a:76:1e:
a5:b4:dc:b0:37:ae:f7:8a:b0:b3:1c:6d:ed:29:51:ae:c1:f9:
d6:3c:f0:43:9f:60:ff:4a:05:66:7e:d0:c2:c1:f1:e0:08:37:
67:bb:b8:ad:67:11:b0:71:d5:7f:84:6c:3f:41:a7:09:f7:d5:
5d:cf:c4:9e:ed:46:39:da:8d:e1:06:f1:04:1a:13:73:f0:15:
32:33:f5:e6:f5:35:da:b0:1c:5c:7c:9e:a2:ac:bf:5d:84:56:
c0:3a:52:b5:17:9e:d6:67:8f:7c:98:a7:52:c9:8b:d5:b1:d8:
9a:40:07:d7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUb6JsiQAKF1HzBtWHs7M2v0SsMvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNjA1MTcwNTQzNDZaFw0yNzA1MTYwNTQ4NDZaMDMxMTAvBgNV
BAMTKDZBNzNCQTAzMEI0NkUyMjkxN0RFQjM4NDUwQkY4NzVDMkI0NUU5OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu/c9vD2WXJSTzQnvJ/fzbjk4i
cFkBl8mxvRB47EGejLPAnBquqbWDaxKGM8hCjvjDfNSF/o0a2dGvQbsuTNJsoOcd
oqrzbZvKkQT2SC8LVES1gQ9Nqc3tEAuRgnX+BwYoZ4P+/QBxzPK4mq24zUbUX8cV
s/PUAK85a8EVcWCDEi6H1yEvRTXfFGnpJewUZv325tcfAnjbhtZkx5outm8PpETT
+czqNjOqIGxCbXECiVcnlnMLX3PRM+gFAy9rD1UzT8+dKcuJWsNJg7wYUegSsSom
8e5ua9T/hZb/XCiecstH/sG24WWJRxYB5dPiwX5TdpAiM+yK4E2f4vNcyB/jAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUanO6AwtG4ikX3rOEUL+HXCtF6YwwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnMYIw
DQYJKoZIhvcNAQELBQADggEBAJ5y263XrXJy7yVjk1fAjPCx7OpfeHrxaOB56+pY
cXts8KJj9wS/b4urXXsJJ6IA7o1FF6DIOkKwiiJUL7Li8D9ok33/rzQtQRP762/l
wXqePTy9uS4h4xbg24kWumUh4srg5UpfRV5ekuVsJkT4Pg8oI/ZJiDyexobVZ61K
O07G1AC8LFwC2obcnDYPbYp2HqW03LA3rveKsLMcbe0pUa7B+dY88EOfYP9KBWZ+
0MLB8eAIN2e7uK1nEbBx1X+EbD9Bpwn31V3PxJ7tRjnajeEG8QQaE3PwFTIz9eb1
NdqwHFx8nqKsv12EVsA6UrUXntZnj3yYp1LJi9Wx2JpAB9c=
-----END CERTIFICATE-----
Generated at Thu Jun 4 13:07:06 2026 by rpki-client