Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
File: 326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa (raw, json)
Hash identifier: CW97iqZhXof9oXzh23WU9MPYgheevo+XAjJxWsnvTm8=
Subject key identifier: FB:7A:EB:BF:8C:44:73:41:B4:B6:DB:4D:71:EE:BD:FD:9B:13:9B:CF
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 762ADB8BB1BB89F3B25ABE96BC58A3E78AFB760C
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
Signing time: Sun 01 Feb 2026 16:55:50 +0000
ROA not before: Sun 01 Feb 2026 16:50:50 +0000
ROA not after: Sun 31 Jan 2027 16:55:50 +0000
asID: 216339
IP address blocks: 2a14:1ec7:fffc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:2a:db:8b:b1:bb:89:f3:b2:5a:be:96:bc:58:a3:e7:8a:fb:76:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Feb 1 16:50:50 2026 GMT
Not After : Jan 31 16:55:50 2027 GMT
Subject: CN=FB7AEBBF8C447341B4B6DB4D71EEBDFD9B139BCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:6a:a6:4a:4f:9c:8a:54:b4:fe:6b:70:71:
3d:34:e1:bc:d7:b2:e8:5c:be:56:cd:9d:60:74:d7:
05:06:3a:da:63:a7:db:f6:92:c2:35:e7:35:4b:02:
ed:a9:e0:a8:ad:f1:ad:89:6b:bf:5d:a2:3d:4e:0b:
19:b8:c6:f1:f8:4a:43:28:74:0e:85:d1:46:4e:aa:
23:82:3d:d8:25:c8:49:d3:3a:ba:1b:a0:e2:4a:c4:
85:17:c8:25:3a:10:8d:e8:af:ed:c0:53:c3:8f:02:
cf:08:dc:ea:bb:31:4d:57:69:de:64:ee:7f:7a:14:
3b:85:27:61:b5:94:b9:5f:ce:67:6d:4e:8c:d3:c4:
7f:fc:9b:1d:9d:27:ce:4c:68:da:6d:8e:0c:08:b9:
fb:fa:2a:b7:ce:62:ed:9d:33:f7:1d:aa:03:55:04:
a9:fd:d4:e2:0a:01:ea:2f:f9:c3:a1:73:93:bd:29:
a1:c6:70:1a:c2:48:eb:cb:a9:94:2e:61:43:4c:cb:
46:3a:6a:26:1e:15:5c:68:92:24:00:80:77:11:da:
65:87:fc:e3:e9:46:ba:94:c3:fa:3c:8c:53:10:27:
0a:2d:6a:ff:02:06:8f:60:a5:64:c4:be:79:68:af:
4a:7c:86:be:9c:1b:22:e5:5e:f0:b9:e7:a8:49:83:
37:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:7A:EB:BF:8C:44:73:41:B4:B6:DB:4D:71:EE:BD:FD:9B:13:9B:CF
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666633a3a2f34382d3438203d3e20323136333339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fffc::/48
Signature Algorithm: sha256WithRSAEncryption
5c:f2:a1:4b:11:35:ee:4c:6f:f7:0a:c3:19:63:7a:f3:85:e1:
2d:49:a7:27:cd:83:ec:90:f5:77:17:26:55:84:a9:99:eb:a1:
bc:4e:93:6d:83:46:27:3b:e6:eb:3f:74:62:28:1e:d4:12:9e:
64:00:96:af:e8:b7:56:3c:a4:79:21:d5:00:bc:08:12:d2:f1:
a9:5f:b5:93:d0:03:a5:21:0f:8d:c3:f2:95:6f:96:7f:07:f2:
0f:be:af:b6:b6:90:61:2f:e3:8b:8e:c5:32:0d:46:aa:2b:a0:
53:39:1a:7e:7a:1f:76:eb:c7:08:f7:76:61:99:64:b9:c4:3f:
58:db:e8:22:b5:67:24:90:55:0b:b3:4c:08:13:15:ee:b5:e9:
32:b8:de:8e:ba:2b:e2:50:b5:9c:ac:28:ad:47:fc:3f:db:4b:
40:8b:67:f5:22:16:2e:97:27:12:47:33:14:ab:49:57:6b:59:
54:50:82:4c:6d:86:03:3a:eb:08:47:72:f7:a4:17:eb:3e:7f:
8f:ab:e1:d6:34:0d:3b:66:60:6a:81:2d:32:ce:d0:90:66:fc:
58:40:0f:1b:f3:de:89:a4:74:90:56:cb:92:30:e8:2c:f6:b2:
7a:a8:c0:c1:38:45:f9:b7:e6:0b:e0:47:0e:ee:5d:8a:7b:4b:
59:58:31:7b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUdirbi7G7ifOyWr6WvFij54r7dgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjAyMDExNjUwNTBaFw0yNzAxMzExNjU1NTBaMDMxMTAvBgNV
BAMTKEZCN0FFQkJGOEM0NDczNDFCNEI2REI0RDcxRUVCREZEOUIxMzlCQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXHGqmSk+cilS0/mtwcT004bzX
suhcvlbNnWB01wUGOtpjp9v2ksI15zVLAu2p4Kit8a2Ja79doj1OCxm4xvH4SkMo
dA6F0UZOqiOCPdglyEnTOroboOJKxIUXyCU6EI3or+3AU8OPAs8I3Oq7MU1Xad5k
7n96FDuFJ2G1lLlfzmdtTozTxH/8mx2dJ85MaNptjgwIufv6KrfOYu2dM/cdqgNV
BKn91OIKAeov+cOhc5O9KaHGcBrCSOvLqZQuYUNMy0Y6aiYeFVxokiQAgHcR2mWH
/OPpRrqUw/o8jFMQJwotav8CBo9gpWTEvnlor0p8hr6cGyLlXvC556hJgzd1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+3rrv4xEc0G0tttNce69/ZsTm88wHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY2NjY2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMzMzMzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf//DANBgkqhkiG9w0BAQsFAAOCAQEAXPKhSxE17kxv9wrD
GWN684XhLUmnJ82D7JD1dxcmVYSpmeuhvE6TbYNGJzvm6z90Yige1BKeZACWr+i3
VjykeSHVALwIEtLxqV+1k9ADpSEPjcPylW+WfwfyD76vtraQYS/ji47FMg1Gqiug
UzkafnofduvHCPd2YZlkucQ/WNvoIrVnJJBVC7NMCBMV7rXpMrjejror4lC1nKwo
rUf8P9tLQItn9SIWLpcnEkczFKtJV2tZVFCCTG2GAzrrCEdy96QX6z5/j6vh1jQN
O2ZgaoEtMs7QkGb8WEAPG/PeiaR0kFbLkjDoLPayeqjAwThF+bfmC+BHDu5dintL
WVgxew==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:10:48 2026 by rpki-client