Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
File: 323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa (raw, json)
Hash identifier: 36j2xsn00r7W1b+6ZfhyLbreLpWSsmIr79rmz3LWLAU=
Subject key identifier: F7:A9:DF:8B:AE:05:E8:82:D4:B8:76:A8:19:E0:29:FC:EE:FB:52:C3
Certificate issuer: /CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Certificate serial: 07EC41CF24AC7DF1FBCBF7E161D458B72E37FBBD
Authority key identifier: B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
Signing time: Sun 28 Jun 2026 16:10:11 +0000
ROA not before: Sun 28 Jun 2026 16:05:11 +0000
ROA not after: Sun 27 Jun 2027 16:10:11 +0000
asID: 215956
IP address blocks: 2001:67c:688::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 18:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ec:41:cf:24:ac:7d:f1:fb:cb:f7:e1:61:d4:58:b7:2e:37:fb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b9360c0dda3d688f4dbe53e2b6d3cef47fe825
Validity
Not Before: Jun 28 16:05:11 2026 GMT
Not After : Jun 27 16:10:11 2027 GMT
Subject: CN=F7A9DF8BAE05E882D4B876A819E029FCEEFB52C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d7:0c:d8:5a:61:60:56:0e:41:dd:d6:76:79:
80:54:68:65:6e:c0:18:16:b9:e5:52:08:d2:44:32:
f9:f3:0f:e1:54:d4:80:05:8c:0f:db:24:33:03:44:
5f:be:81:03:e9:f8:66:41:a3:76:96:00:ea:22:db:
1d:26:9e:60:8e:5c:d0:e0:44:68:30:61:77:95:34:
e4:cf:2e:4d:04:89:ab:97:0d:29:30:5e:9b:e9:60:
e5:71:9d:26:51:bd:8e:81:a1:d0:cf:ed:48:3c:2e:
bb:da:01:e9:a3:5d:2f:b3:96:48:27:5b:5c:6e:26:
25:76:08:7c:1c:ef:ce:a4:8d:82:3d:2d:2a:2f:dc:
38:e0:4d:7d:7d:b5:85:5c:bd:1b:13:3e:f2:0b:19:
d0:d9:1a:57:9f:b0:a7:62:3c:b5:97:5b:2f:17:a1:
e9:0a:41:c6:a5:c5:fd:3c:82:8e:f3:09:91:13:90:
fb:e3:b4:3a:0e:b9:aa:fb:de:af:29:2c:04:fb:c9:
63:4b:62:0f:92:2d:3e:8f:b0:be:52:c6:40:ec:d1:
8e:0f:72:6c:29:52:32:08:19:65:01:98:f2:a5:61:
19:3d:25:7e:9d:e0:38:b0:1e:77:50:f7:b1:05:ea:
33:8b:b3:26:21:da:1c:0b:06:0f:e5:88:31:6e:db:
ee:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A9:DF:8B:AE:05:E8:82:D4:B8:76:A8:19:E0:29:FC:EE:FB:52:C3
X509v3 Authority Key Identifier:
keyid:B3:B9:36:0C:0D:DA:3D:68:8F:4D:BE:53:E2:B6:D3:CE:F4:7F:E8:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/B3B9360C0DDA3D688F4DBE53E2B6D3CEF47FE825.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7k2DA3aPWiPTb5T4rbTzvR_6CU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/0/323030313a3637633a3638383a3a2f34382d3438203d3e20323135393536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:688::/48
Signature Algorithm: sha256WithRSAEncryption
68:41:05:9e:1b:2d:02:d0:e7:92:f5:ba:25:14:4c:8e:1a:20:
6e:f9:6c:41:e9:91:3e:df:f6:01:95:9d:59:9c:48:fd:9d:fd:
e8:f9:82:3c:ce:4a:8e:b6:48:31:1f:88:7e:f4:2c:c7:d9:e9:
25:a8:b3:d9:ff:1f:5b:c7:44:ff:6b:18:dd:f1:d7:1d:54:f0:
32:e3:2c:00:5e:6d:f9:26:3f:04:d3:52:16:92:eb:25:e7:64:
51:6d:98:37:33:a9:30:1d:7f:92:a7:ff:f1:5d:f4:94:f4:12:
7d:72:c6:eb:bd:b9:8c:8d:09:3d:d3:e2:28:8c:04:2c:44:3c:
1a:17:ea:ad:0e:f5:c7:95:bd:a7:1e:8b:93:69:89:6e:82:f0:
d6:c5:44:10:b2:26:c9:7d:79:44:f5:0d:7b:3f:41:37:69:3f:
f3:bb:ea:aa:37:8f:92:b7:e5:30:2e:f2:a0:8f:89:d3:ad:d0:
18:bd:55:b4:7c:75:d9:ed:d4:bd:9d:a7:c4:bb:fe:42:a4:6f:
80:44:2d:80:71:de:bb:1d:dd:24:2b:bf:7d:42:6d:78:9b:b1:
7e:26:b2:76:2a:42:fc:2f:ac:4b:3e:e5:bc:0d:8d:02:a7:ea:
21:c1:8e:fa:b3:c2:4d:13:98:0f:21:11:fe:c6:5b:ca:f8:a5:
f3:a1:f3:45
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUB+xBzySsffH7y/fhYdRYty43+70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNiOTM2MGMwZGRhM2Q2ODhmNGRiZTUzZTJiNmQzY2Vm
NDdmZTgyNTAeFw0yNjA2MjgxNjA1MTFaFw0yNzA2MjcxNjEwMTFaMDMxMTAvBgNV
BAMTKEY3QTlERjhCQUUwNUU4ODJENEI4NzZBODE5RTAyOUZDRUVGQjUyQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX1wzYWmFgVg5B3dZ2eYBUaGVu
wBgWueVSCNJEMvnzD+FU1IAFjA/bJDMDRF++gQPp+GZBo3aWAOoi2x0mnmCOXNDg
RGgwYXeVNOTPLk0EiauXDSkwXpvpYOVxnSZRvY6BodDP7Ug8LrvaAemjXS+zlkgn
W1xuJiV2CHwc786kjYI9LSov3DjgTX19tYVcvRsTPvILGdDZGlefsKdiPLWXWy8X
oekKQcalxf08go7zCZETkPvjtDoOuar73q8pLAT7yWNLYg+SLT6PsL5SxkDs0Y4P
cmwpUjIIGWUBmPKlYRk9JX6d4DiwHndQ97EF6jOLsyYh2hwLBg/liDFu2+7/AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU96nfi64F6ILUuHaoGeAp/O77UsMwHwYDVR0j
BBgwFoAUs7k2DA3aPWiPTb5T4rbTzvR/6CUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj
OTEyLzAvQjNCOTM2MEMwRERBM0Q2ODhGNERCRTUzRTJCNkQzQ0VGNDdGRTgyNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M3azJEQTNhUFdpUFRiNVQ0cmJUenZS
XzZDVS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWJmMDRjN2Mt
ZjgyZC00NzFkLTg1YWQtOThjNjVkZTFjOTEyLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
MzYzODM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzkzNTM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfAaIMA0GCSqGSIb3DQEBCwUAA4IBAQBoQQWeGy0C0OeS9bolFEyO
GiBu+WxB6ZE+3/YBlZ1ZnEj9nf3o+YI8zkqOtkgxH4h+9CzH2eklqLPZ/x9bx0T/
axjd8dcdVPAy4ywAXm35Jj8E01IWkusl52RRbZg3M6kwHX+Sp//xXfSU9BJ9csbr
vbmMjQk90+IojAQsRDwaF+qtDvXHlb2nHouTaYlugvDWxUQQsibJfXlE9Q17P0E3
aT/zu+qqN4+St+UwLvKgj4nTrdAYvVW0fHXZ7dS9nafEu/5CpG+ARC2Acd67Hd0k
K799Qm14m7F+JrJ2KkL8L6xLPuW8DY0Cp+ohwY76s8JNE5gPIRH+xlvK+KXzofNF
-----END CERTIFICATE-----
Generated at Mon Jun 29 11:40:11 2026 by rpki-client