Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
File: 326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa (raw, json)
Hash identifier: lKH4mtM4mbN517zmwoqLWw8tyiIkqEd3YjyFosJunqY=
Subject key identifier: D2:06:68:59:60:A8:2D:B9:43:01:94:BA:2B:78:F3:38:5B:FD:06:78
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 6BCEF07EDE85A254CB134FF4F0B598775F7B2CD0
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
Signing time: Wed 15 Apr 2026 10:55:51 +0000
ROA not before: Wed 15 Apr 2026 10:50:51 +0000
ROA not after: Wed 14 Apr 2027 10:55:51 +0000
asID: 215467
IP address blocks: 2a14:1ec7:fe00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ce:f0:7e:de:85:a2:54:cb:13:4f:f4:f0:b5:98:77:5f:7b:2c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Apr 15 10:50:51 2026 GMT
Not After : Apr 14 10:55:51 2027 GMT
Subject: CN=D206685960A82DB9430194BA2B78F3385BFD0678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:79:3c:1b:ba:4a:82:b7:13:81:46:19:43:03:
e0:62:be:1b:60:dd:31:eb:21:1c:0c:37:46:60:85:
6c:e2:98:10:43:85:35:0d:a8:05:9a:a2:ef:6f:8a:
fc:3c:43:fa:b3:dd:b4:56:57:32:0c:47:0c:bb:2a:
26:40:61:f6:16:5d:3a:dd:45:40:a1:f6:b5:9c:60:
41:ef:08:ee:f2:77:e4:a9:d3:5b:fe:45:2e:4d:cc:
86:91:8d:d0:fb:c7:6a:8f:19:dd:63:80:0b:b3:f1:
66:ec:3b:74:31:ca:9d:4f:d4:ee:6c:5e:3d:21:ea:
3c:b9:ee:47:fa:94:7d:8e:9f:98:3c:a0:67:49:eb:
8e:f9:f9:90:e1:73:1d:69:6f:8e:3a:c0:1d:34:ba:
0c:60:3d:0b:02:5c:8a:39:6e:1e:78:79:42:3c:fb:
d2:48:d8:0d:8d:3c:c8:e9:c5:03:11:34:70:df:69:
8f:c4:5a:93:48:5f:80:73:82:87:2e:df:29:d0:3f:
0c:33:78:7b:15:fe:9d:49:38:59:22:7e:d9:02:1a:
a1:3c:9c:69:a4:95:ca:8b:1c:a0:ea:82:ed:be:b8:
ff:3e:43:77:31:f9:d7:3c:4a:17:57:00:ea:3e:45:
8c:10:00:56:e9:be:2a:67:41:36:87:f7:3c:27:dd:
2a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:06:68:59:60:A8:2D:B9:43:01:94:BA:2B:78:F3:38:5B:FD:06:78
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666530303a3a2f34302d3438203d3e20323135343637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
4d:98:84:9b:1c:bd:14:60:da:90:66:65:5e:1e:a1:da:25:89:
65:64:6b:1d:e1:34:5a:44:a0:34:d9:06:3a:a6:92:31:2f:eb:
b9:ee:0e:82:68:01:05:6f:bf:18:0c:d8:02:11:03:3d:dd:f5:
72:f7:52:8e:80:29:0c:cb:24:3b:6b:13:f1:ef:fb:59:6c:12:
8a:87:38:49:42:50:7c:19:81:c2:2f:50:72:13:2d:d5:5c:1f:
88:a2:5d:83:8e:2b:ab:50:3e:49:1b:4e:5c:8a:f9:a0:4e:60:
d3:d6:0c:b5:31:fa:d2:e6:4e:77:36:f0:d8:82:86:f7:69:1e:
44:d7:bd:8d:27:b4:9f:11:ac:f6:c1:7f:ee:e3:03:7b:b2:2e:
1b:32:27:9b:4e:52:ef:1a:19:4d:e3:94:a5:66:25:6a:b2:5d:
36:46:ca:78:09:51:d1:9b:a6:d1:88:a6:1b:1b:72:87:e6:75:
b1:20:fb:48:90:0a:2c:ec:9a:cf:b4:46:5b:97:db:48:e0:72:
4c:6d:b8:9a:79:03:db:ca:2a:3e:45:79:a5:9d:d1:ae:79:2d:
7d:d3:d1:3c:a4:04:eb:9b:2e:2f:0f:fe:f2:d2:3a:0f:88:92:
dd:cd:ba:f8:13:3f:67:b7:63:99:83:1b:74:bd:45:9b:2e:6a:
ed:2a:62:2b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUa87wft6FolTLE0/08LWYd197LNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjA0MTUxMDUwNTFaFw0yNzA0MTQxMDU1NTFaMDMxMTAvBgNV
BAMTKEQyMDY2ODU5NjBBODJEQjk0MzAxOTRCQTJCNzhGMzM4NUJGRDA2NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDceTwbukqCtxOBRhlDA+Bivhtg
3THrIRwMN0ZghWzimBBDhTUNqAWaou9vivw8Q/qz3bRWVzIMRwy7KiZAYfYWXTrd
RUCh9rWcYEHvCO7yd+Sp01v+RS5NzIaRjdD7x2qPGd1jgAuz8WbsO3Qxyp1P1O5s
Xj0h6jy57kf6lH2On5g8oGdJ6475+ZDhcx1pb446wB00ugxgPQsCXIo5bh54eUI8
+9JI2A2NPMjpxQMRNHDfaY/EWpNIX4Bzgocu3ynQPwwzeHsV/p1JOFkiftkCGqE8
nGmklcqLHKDqgu2+uP8+Q3cx+dc8ShdXAOo+RYwQAFbpvipnQTaH9zwn3SrvAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU0gZoWWCoLblDAZS6K3jzOFv9BngwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzYzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf+MA0GCSqGSIb3DQEBCwUAA4IBAQBNmISbHL0UYNqQZmVe
HqHaJYllZGsd4TRaRKA02QY6ppIxL+u57g6CaAEFb78YDNgCEQM93fVy91KOgCkM
yyQ7axPx7/tZbBKKhzhJQlB8GYHCL1ByEy3VXB+Iol2DjiurUD5JG05civmgTmDT
1gy1MfrS5k53NvDYgob3aR5E172NJ7SfEaz2wX/u4wN7si4bMiebTlLvGhlN45Sl
ZiVqsl02Rsp4CVHRm6bRiKYbG3KH5nWxIPtIkAos7JrPtEZbl9tI4HJMbbiaeQPb
yio+RXmlndGueS1909E8pATrmy4vD/7y0joPiJLdzbr4Ez9nt2OZgxt0vUWbLmrt
KmIr
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:24:30 2026 by rpki-client