Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
File: 326130323a323633303a3a2f33322d3332203d3e203135343139.roa (raw, json)
Hash identifier: jli84J8TPjOOdHhktkVlx+DNU1JzPO7pUh03TSavr40=
Subject key identifier: DA:60:41:8F:86:AD:0E:58:D4:F9:EF:8B:89:84:BE:64:B9:17:E8:DF
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 1B01B6E550A586724A0AD511D44E6D4C90472972
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
Signing time: Fri 10 Apr 2026 10:11:00 +0000
ROA not before: Fri 10 Apr 2026 10:06:00 +0000
ROA not after: Fri 09 Apr 2027 10:11:00 +0000
asID: 15419
IP address blocks: 2a02:2630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:01:b6:e5:50:a5:86:72:4a:0a:d5:11:d4:4e:6d:4c:90:47:29:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:06:00 2026 GMT
Not After : Apr 9 10:11:00 2027 GMT
Subject: CN=DA60418F86AD0E58D4F9EF8B8984BE64B917E8DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:a9:dc:29:e2:ce:cc:13:14:8b:7d:89:e8:
8d:e9:e9:cb:b0:72:86:72:3b:81:3d:9a:3d:7a:ee:
bf:85:76:aa:c7:78:9e:db:d5:a9:03:06:95:86:d5:
30:d3:fb:7e:e2:ee:6f:38:4a:3c:eb:4a:bd:c6:df:
f1:ed:04:f3:1d:5f:21:ad:8e:4f:d4:1e:88:38:d6:
6a:32:ec:55:ab:8b:e1:98:ef:9f:df:71:ac:6e:af:
15:39:00:44:84:07:c3:dd:7c:95:65:e8:07:46:18:
c9:06:ec:93:b1:ab:7a:b4:c8:ea:ab:dd:d6:b7:da:
2b:a9:19:09:02:65:83:d6:d8:fe:db:bf:66:68:83:
c4:91:64:14:70:05:d9:13:c1:4c:eb:c6:e7:03:4a:
77:4c:0f:02:6d:4c:7a:12:92:1a:1d:ea:6c:e8:39:
da:96:92:79:5c:de:81:a7:10:f4:3f:c7:c4:21:26:
55:f0:b7:aa:a0:bc:99:72:4d:d8:27:5d:3d:47:80:
6a:b3:6e:38:91:ff:91:e7:d5:f4:34:89:15:62:8a:
25:0b:97:68:d8:cd:b7:71:9b:42:69:27:d1:75:0a:
ad:2c:54:05:e9:4f:df:05:d3:6b:17:cf:1c:4a:47:
10:7c:4a:b0:09:33:4e:d6:b2:e7:e2:a5:bd:cf:f3:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:60:41:8F:86:AD:0E:58:D4:F9:EF:8B:89:84:BE:64:B9:17:E8:DF
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/326130323a323633303a3a2f33322d3332203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2630::/32
Signature Algorithm: sha256WithRSAEncryption
6b:ac:d1:7a:83:16:4d:b9:69:91:d1:a5:3d:2f:a6:e0:c5:87:
0e:3f:3e:3c:f3:b7:d5:75:89:8e:8d:7e:43:23:21:64:f2:56:
a5:58:ef:27:46:de:b9:0f:f4:6e:64:9c:a7:a8:fd:fd:31:93:
a3:33:ea:ab:cb:4b:c7:ec:8f:83:4a:cc:3a:5c:46:75:d1:59:
1b:75:3b:9f:9b:d1:bc:9b:1a:15:d7:92:39:e9:d0:cf:10:b3:
03:d5:e3:0e:ad:70:b6:0a:6c:47:1f:a5:b4:01:53:a4:9c:e6:
4f:24:c0:9b:52:52:5a:84:cb:f0:8f:da:14:44:3c:e2:73:92:
66:d8:b9:83:74:b4:23:54:d2:a2:ee:ac:bf:08:18:04:55:ba:
e8:15:3e:02:57:5d:d1:ff:dd:c6:6d:7b:52:27:86:d9:5b:c5:
1c:70:f1:7c:77:bb:27:f0:29:e2:95:83:a7:86:56:b0:9a:de:
56:d2:c4:ea:b4:b6:1c:bc:33:1e:fc:27:f9:b1:09:4d:17:d2:
e7:2d:27:95:eb:8d:32:20:ae:31:60:20:0f:79:6d:ee:ab:24:
f9:50:81:c4:7c:89:b2:35:0e:d2:40:b9:45:ce:46:d0:0d:fc:
a3:1c:78:6c:fa:32:c9:e5:9d:49:d7:9a:74:f1:1f:c7:fc:b4:
60:d7:2c:d6
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUGwG25VClhnJKCtUR1E5tTJBHKXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA2MDBaFw0yNzA0MDkxMDExMDBaMDMxMTAvBgNV
BAMTKERBNjA0MThGODZBRDBFNThENEY5RUY4Qjg5ODRCRTY0QjkxN0U4REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNEqncKeLOzBMUi32J6I3p6cuw
coZyO4E9mj167r+FdqrHeJ7b1akDBpWG1TDT+37i7m84SjzrSr3G3/HtBPMdXyGt
jk/UHog41moy7FWri+GY75/fcaxurxU5AESEB8PdfJVl6AdGGMkG7JOxq3q0yOqr
3da32iupGQkCZYPW2P7bv2Zog8SRZBRwBdkTwUzrxucDSndMDwJtTHoSkhod6mzo
OdqWknlc3oGnEPQ/x8QhJlXwt6qgvJlyTdgnXT1HgGqzbjiR/5Hn1fQ0iRViiiUL
l2jYzbdxm0JpJ9F1Cq0sVAXpT98F02sXzxxKRxB8SrAJM07Wsufipb3P80nlAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU2mBBj4atDljU+e+LiYS+ZLkX6N8wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzI2MTMwMzIzYTMyMzYzMzMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoC
JjAwDQYJKoZIhvcNAQELBQADggEBAGus0XqDFk25aZHRpT0vpuDFhw4/Pjzzt9V1
iY6NfkMjIWTyVqVY7ydG3rkP9G5knKeo/f0xk6Mz6qvLS8fsj4NKzDpcRnXRWRt1
O5+b0bybGhXXkjnp0M8QswPV4w6tcLYKbEcfpbQBU6Sc5k8kwJtSUlqEy/CP2hRE
POJzkmbYuYN0tCNU0qLurL8IGARVuugVPgJXXdH/3cZte1InhtlbxRxw8Xx3uyfw
KeKVg6eGVrCa3lbSxOq0thy8Mx78J/mxCU0X0uctJ5XrjTIgrjFgIA95be6rJPlQ
gcR8ibI1DtJAuUXORtAN/KMceGz6MsnlnUnXmnTxH8f8tGDXLNY=
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:42:00 2026 by rpki-client