Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a653030303a3a2f33362d3430203d3e20323135343637.roa
File: 326131343a316563373a653030303a3a2f33362d3430203d3e20323135343637.roa (raw, json)
Hash identifier: 8zn5/SYYTxV7VwG8yZqKVCEQWHP2snDfA0WDaiSQRAU=
Subject key identifier: 39:CE:86:75:86:FC:5F:EE:54:BF:7D:9D:8C:CE:DA:02:AE:11:06:20
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 630ADC94E2F4D059E3C8A6C6233B43CB06E46167
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a653030303a3a2f33362d3430203d3e20323135343637.roa
Signing time: Sun 01 Mar 2026 15:43:15 +0000
ROA not before: Sun 01 Mar 2026 15:38:15 +0000
ROA not after: Sun 28 Feb 2027 15:43:15 +0000
asID: 215467
IP address blocks: 2a14:1ec7:e000::/36 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:0a:dc:94:e2:f4:d0:59:e3:c8:a6:c6:23:3b:43:cb:06:e4:61:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Mar 1 15:38:15 2026 GMT
Not After : Feb 28 15:43:15 2027 GMT
Subject: CN=39CE867586FC5FEE54BF7D9D8CCEDA02AE110620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:8d:08:87:e8:2b:37:79:19:16:d6:e6:3e:
a4:5f:ce:99:53:6b:0a:a6:7b:eb:fe:a2:fd:27:2a:
3c:02:41:c0:16:de:47:ef:c8:ca:e8:ed:90:92:da:
ca:c9:b2:81:73:9e:52:65:1e:58:e5:a7:55:e3:9a:
f2:e3:24:41:10:c2:96:d9:78:bb:42:0c:71:28:f2:
5a:a7:16:7d:af:1d:11:e5:36:f5:92:cd:32:6c:43:
ee:d5:43:aa:0a:51:bc:31:e9:11:0f:e3:2c:ca:d4:
40:d9:1e:69:5e:cd:eb:29:5e:8b:4b:29:7e:a4:b9:
bd:ec:4b:b5:77:fd:ec:97:0a:4b:69:62:a9:1b:44:
51:45:9d:ea:23:2b:5e:19:90:6a:9e:f1:2b:42:0e:
37:72:c6:e1:b4:ec:21:58:13:cf:00:45:6a:14:ad:
45:28:6c:9a:31:5b:55:ec:15:c9:00:5b:88:17:e4:
df:43:e2:8f:c6:05:e1:cc:b6:9a:e3:00:e9:7d:f3:
58:97:35:72:b7:f6:6b:c9:5a:bb:04:9f:d1:da:bc:
01:07:a8:57:e9:f0:8f:fd:ce:31:90:ba:77:c1:1c:
6d:ad:a9:f2:62:17:a9:7b:7e:f5:32:7e:cd:0b:a0:
c6:9a:8a:8d:1b:f4:19:75:09:c8:96:89:dc:4d:64:
c5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CE:86:75:86:FC:5F:EE:54:BF:7D:9D:8C:CE:DA:02:AE:11:06:20
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a653030303a3a2f33362d3430203d3e20323135343637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
65:db:78:9c:fd:f7:ae:27:90:22:85:f3:81:07:91:ec:82:e2:
4c:22:ed:ef:80:61:dc:f1:2a:67:15:ea:a5:46:e0:3a:ce:78:
94:0d:9a:6a:ff:c2:9d:79:59:0a:dc:2d:0c:9f:e6:b7:21:fe:
59:b1:7f:d1:af:55:b6:98:9c:3f:40:91:47:55:37:a9:bb:83:
ce:cf:b0:95:9c:6f:05:f3:5e:c6:4c:e6:e3:1e:87:a6:d5:10:
c6:de:59:c7:44:5d:a2:13:fd:a7:55:ac:a7:99:12:6f:ae:12:
f1:53:d0:d3:65:e0:93:ae:db:ed:b8:fb:c6:00:85:37:42:63:
7f:ac:6e:14:1e:cd:a6:e6:8d:21:79:88:71:06:7f:89:f0:b2:
b4:b4:05:c5:d1:29:c7:7d:3b:14:2b:f4:77:9b:79:d9:f3:6b:
f3:6b:fe:d1:f8:c6:b9:4d:ba:e0:b7:1b:6e:43:da:3d:7e:04:
fe:95:1c:3e:84:ab:3c:5e:6e:98:b9:72:7d:7c:f4:6c:46:e1:
c7:e4:ca:1a:75:b9:65:2f:85:65:04:4b:c7:dd:a1:4e:d4:1d:
b0:aa:5e:ff:9e:54:4b:54:51:e0:d5:7c:ed:3a:ef:93:eb:e9:
c9:30:65:3c:0f:fc:b5:cc:7f:ad:cf:81:a2:c9:36:ae:7a:6c:
21:5b:17:94
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUYwrclOL00FnjyKbGIztDywbkYWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjAzMDExNTM4MTVaFw0yNzAyMjgxNTQzMTVaMDMxMTAvBgNV
BAMTKDM5Q0U4Njc1ODZGQzVGRUU1NEJGN0Q5RDhDQ0VEQTAyQUUxMTA2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcI0Ih+grN3kZFtbmPqRfzplT
awqme+v+ov0nKjwCQcAW3kfvyMro7ZCS2srJsoFznlJlHljlp1XjmvLjJEEQwpbZ
eLtCDHEo8lqnFn2vHRHlNvWSzTJsQ+7VQ6oKUbwx6REP4yzK1EDZHmlezespXotL
KX6kub3sS7V3/eyXCktpYqkbRFFFneojK14ZkGqe8StCDjdyxuG07CFYE88ARWoU
rUUobJoxW1XsFckAW4gX5N9D4o/GBeHMtprjAOl981iXNXK39mvJWrsEn9HavAEH
qFfp8I/9zjGQunfBHG2tqfJiF6l7fvUyfs0LoMaaio0b9Bl1CciWidxNZMX7AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUOc6GdYb8X+5Uv32djM7aAq4RBiAwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NTMwMzAzMDNhM2EyZjMzMzYyZDM0MzAyMDNkM2UyMDMyMzEzNTM0MzYzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUHsfgMA0GCSqGSIb3DQEBCwUAA4IBAQBl23ic/feuJ5AihfOB
B5HsguJMIu3vgGHc8SpnFeqlRuA6zniUDZpq/8KdeVkK3C0Mn+a3If5ZsX/Rr1W2
mJw/QJFHVTepu4POz7CVnG8F817GTObjHoem1RDG3lnHRF2iE/2nVaynmRJvrhLx
U9DTZeCTrtvtuPvGAIU3QmN/rG4UHs2m5o0heYhxBn+J8LK0tAXF0SnHfTsUK/R3
m3nZ82vza/7R+Ma5TbrgtxtuQ9o9fgT+lRw+hKs8Xm6YuXJ9fPRsRuHH5Moadbll
L4VlBEvH3aFO1B2wql7/nlRLVFHg1XztOu+T6+nJMGU8D/y1zH+tz4GiyTauemwh
WxeU
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:04:59 2026 by rpki-client