Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666643a3a2f34382d3438203d3e20323038343533.roa
File: 326131343a316563373a666666643a3a2f34382d3438203d3e20323038343533.roa (raw, json)
Hash identifier: 5YTG/aX/q14ztW70EmkvpbUisFMjDuHcQHuueFeo4BU=
Subject key identifier: F6:BF:67:BE:D8:6C:FC:7E:58:9C:6B:D3:16:E1:CA:CA:02:EB:F9:0A
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 60AF9C38420EEB555C792521E6D67BA89FC8E6C7
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666643a3a2f34382d3438203d3e20323038343533.roa
Signing time: Fri 23 Jan 2026 20:55:49 +0000
ROA not before: Fri 23 Jan 2026 20:50:49 +0000
ROA not after: Fri 22 Jan 2027 20:55:49 +0000
asID: 208453
IP address blocks: 2a14:1ec7:fffd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:af:9c:38:42:0e:eb:55:5c:79:25:21:e6:d6:7b:a8:9f:c8:e6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Jan 23 20:50:49 2026 GMT
Not After : Jan 22 20:55:49 2027 GMT
Subject: CN=F6BF67BED86CFC7E589C6BD316E1CACA02EBF90A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e3:74:ce:5b:14:44:85:32:fd:5f:2e:e6:86:
bb:1e:e8:93:66:15:5e:30:00:ff:90:ee:f4:7b:5e:
fb:9f:8d:3c:54:ba:d4:a6:77:bc:4b:34:a1:5e:c2:
cc:2f:6c:f3:c3:e8:e6:8f:5e:e5:60:70:a5:e4:ce:
91:b6:ff:f3:8f:f6:d6:6a:07:7b:48:b5:15:42:7b:
2d:bf:97:69:a5:6c:2e:a2:24:00:7e:5c:a0:d2:2e:
1d:77:b5:83:2e:27:6e:e1:cc:eb:de:5d:4c:b3:32:
f2:dd:0c:3a:88:5c:09:12:00:8d:48:02:93:dd:1b:
c1:cf:e9:34:fe:52:02:8b:c7:f8:8e:8d:20:f6:d4:
3b:2a:c4:fc:ae:fe:75:23:3c:c7:fa:ab:1b:c0:d3:
17:ab:ec:09:b7:8b:89:ed:0d:e6:4a:2f:15:25:11:
f9:50:8b:2d:fe:c3:a3:1d:71:fe:17:ba:b4:47:1b:
45:0e:6f:81:d9:41:c1:7b:99:32:f5:3d:a0:ac:2b:
43:27:10:21:8a:e4:68:51:f7:7e:40:c6:bc:35:bb:
92:ff:f5:27:67:e2:58:75:d2:d9:ca:98:28:5e:1e:
8d:4b:8d:49:b5:7b:bf:2e:81:7e:59:3c:f9:54:6d:
16:0b:8a:b4:a8:bf:3d:c0:30:4c:1b:b2:d0:e8:98:
70:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BF:67:BE:D8:6C:FC:7E:58:9C:6B:D3:16:E1:CA:CA:02:EB:F9:0A
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666643a3a2f34382d3438203d3e20323038343533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
98:69:e5:48:ab:b3:99:4c:61:82:74:13:b3:0e:aa:32:26:61:
3d:6e:7c:1c:9e:9d:3d:91:34:77:e5:3f:59:41:6f:3e:1f:ad:
12:53:a0:0d:b0:09:b0:ad:1c:c9:c9:9b:e8:f7:40:26:81:30:
42:63:e1:18:4d:7b:9e:31:f2:b5:41:48:28:41:58:89:49:6d:
c9:80:81:15:59:e2:fa:ab:92:91:9b:d2:c6:4f:2b:f4:59:ab:
0b:22:c1:bc:aa:07:58:95:51:01:ed:a7:11:f1:39:bf:a0:02:
79:a9:b1:ef:bc:3a:e4:68:73:44:6d:8d:19:57:0b:bd:cc:78:
2a:20:7b:f6:8a:54:b3:fb:40:12:88:c9:f3:a8:3f:7a:ea:36:
c3:fb:ec:44:5a:33:21:22:3b:c4:26:d1:f7:d9:54:1a:95:0a:
c4:ed:66:e1:1e:cc:ae:1e:47:f0:2d:78:e0:1c:e1:b8:b0:4d:
10:f8:98:4e:ed:df:72:cf:a9:f5:a9:37:4e:36:5e:a4:05:22:
ea:48:30:77:0e:7e:42:d2:13:44:94:5e:8c:35:2a:4f:a2:d5:
1f:f3:00:b4:ec:fd:86:dc:02:d1:c8:7d:15:f1:ef:0b:ab:91:
90:2f:92:d6:50:87:b4:c4:ff:46:40:a9:ce:95:43:ce:b7:24:
f1:a3:98:ee
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUYK+cOEIO61VceSUh5tZ7qJ/I5scwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjAxMjMyMDUwNDlaFw0yNzAxMjIyMDU1NDlaMDMxMTAvBgNV
BAMTKEY2QkY2N0JFRDg2Q0ZDN0U1ODlDNkJEMzE2RTFDQUNBMDJFQkY5MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO43TOWxREhTL9Xy7mhrse6JNm
FV4wAP+Q7vR7XvufjTxUutSmd7xLNKFewswvbPPD6OaPXuVgcKXkzpG2//OP9tZq
B3tItRVCey2/l2mlbC6iJAB+XKDSLh13tYMuJ27hzOveXUyzMvLdDDqIXAkSAI1I
ApPdG8HP6TT+UgKLx/iOjSD21DsqxPyu/nUjPMf6qxvA0xer7Am3i4ntDeZKLxUl
EflQiy3+w6Mdcf4XurRHG0UOb4HZQcF7mTL1PaCsK0MnECGK5GhR935Axrw1u5L/
9Sdn4lh10tnKmCheHo1LjUm1e78ugX5ZPPlUbRYLirSovz3AMEwbstDomHBNAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU9r9nvths/H5YnGvTFuHKygLr+QowHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY2NjY2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf//TANBgkqhkiG9w0BAQsFAAOCAQEAmGnlSKuzmUxhgnQT
sw6qMiZhPW58HJ6dPZE0d+U/WUFvPh+tElOgDbAJsK0cycmb6PdAJoEwQmPhGE17
njHytUFIKEFYiUltyYCBFVni+quSkZvSxk8r9FmrCyLBvKoHWJVRAe2nEfE5v6AC
eamx77w65GhzRG2NGVcLvcx4KiB79opUs/tAEojJ86g/euo2w/vsRFozISI7xCbR
99lUGpUKxO1m4R7Mrh5H8C144BzhuLBNEPiYTu3fcs+p9ak3TjZepAUi6kgwdw5+
QtITRJRejDUqT6LVH/MAtOz9htwC0ch9FfHvC6uRkC+S1lCHtMT/RkCpzpVDzrck
8aOY7g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:48:33 2026 by rpki-client