Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/326130313a6234303a3a2f32392d3438203d3e203438373030.roa
File: 326130313a6234303a3a2f32392d3438203d3e203438373030.roa (raw, json)
Hash identifier: zprKAfMxuhh44vBmZdJyS4oUsSHm80ESOd6bFepuvfw=
Subject key identifier: 02:EA:A6:9B:57:D1:62:13:4C:42:8D:62:C9:4D:CC:46:0D:B9:6B:9C
Certificate issuer: /CN=295b60bb0cbb4a53d9545bc20b774ffa036b4a46
Certificate serial: 44BA65C667359F4C87B96959A2138B8A29C96FF7
Authority key identifier: 29:5B:60:BB:0C:BB:4A:53:D9:54:5B:C2:0B:77:4F:FA:03:6B:4A:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtguwy7SlPZVFvCC3dP-gNrSkY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/326130313a6234303a3a2f32392d3438203d3e203438373030.roa
Signing time: Thu 04 Jun 2026 12:23:19 +0000
ROA not before: Thu 04 Jun 2026 12:18:19 +0000
ROA not after: Thu 03 Jun 2027 12:23:19 +0000
asID: 48700
IP address blocks: 2a01:b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/295B60BB0CBB4A53D9545BC20B774FFA036B4A46.crl
rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/295B60BB0CBB4A53D9545BC20B774FFA036B4A46.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVtguwy7SlPZVFvCC3dP-gNrSkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:59:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ba:65:c6:67:35:9f:4c:87:b9:69:59:a2:13:8b:8a:29:c9:6f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b60bb0cbb4a53d9545bc20b774ffa036b4a46
Validity
Not Before: Jun 4 12:18:19 2026 GMT
Not After : Jun 3 12:23:19 2027 GMT
Subject: CN=02EAA69B57D162134C428D62C94DCC460DB96B9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:b2:77:18:aa:b1:18:98:64:7b:c8:07:d2:
ab:cc:86:19:bc:19:f8:5e:66:31:ff:3e:9e:94:b1:
11:45:80:04:b0:93:a5:ea:45:7d:af:f0:a5:37:04:
56:43:5c:e2:4d:be:9f:5f:2f:06:31:4d:10:b5:79:
66:d1:2b:3c:52:ff:0f:45:ce:94:68:12:fd:0f:53:
ae:c8:c6:f8:4a:a2:90:a6:92:c0:b2:73:91:ac:da:
93:a6:ce:64:87:a4:79:35:15:9a:fc:03:36:2d:d4:
1c:7a:1d:a8:ab:64:5f:cb:f6:27:8e:85:c6:79:6e:
f5:a5:b2:fb:6b:de:e2:2a:f8:e7:1c:46:da:81:1e:
0a:fc:ff:c5:fc:68:ed:80:9c:8f:64:b4:0e:ea:6d:
05:2f:ba:26:9a:81:e8:11:65:8f:dd:10:6b:01:12:
d6:d8:30:cf:ac:71:15:48:8f:fd:9d:ce:a8:3f:55:
aa:7d:bf:a6:d6:d6:1f:ff:81:2d:58:b8:d4:f2:09:
78:fe:35:cb:60:6c:f2:5c:a0:5c:f2:cb:c8:83:a3:
45:dd:fb:3e:51:e1:a0:33:60:af:a0:11:09:91:89:
fa:8b:38:10:ce:66:17:18:23:53:35:91:77:0d:e5:
d0:cf:30:49:b0:5b:6c:22:c6:6c:53:83:3a:4a:c3:
c8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EA:A6:9B:57:D1:62:13:4C:42:8D:62:C9:4D:CC:46:0D:B9:6B:9C
X509v3 Authority Key Identifier:
keyid:29:5B:60:BB:0C:BB:4A:53:D9:54:5B:C2:0B:77:4F:FA:03:6B:4A:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/295B60BB0CBB4A53D9545BC20B774FFA036B4A46.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtguwy7SlPZVFvCC3dP-gNrSkY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/5/326130313a6234303a3a2f32392d3438203d3e203438373030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b40::/29
Signature Algorithm: sha256WithRSAEncryption
44:ee:5c:74:64:0b:82:ff:36:a3:48:a3:cd:5f:23:41:e4:f1:
5b:6b:51:5c:1c:ad:a8:0b:d1:9b:d1:eb:7b:e4:1d:95:8c:b6:
36:c1:28:20:95:e7:57:0a:04:39:52:89:f6:b5:4e:31:6c:38:
cb:87:25:d5:84:09:30:5d:05:16:0d:0a:dd:1f:20:ab:7a:f4:
77:d5:a4:88:81:57:5b:3d:e6:ca:08:26:0e:8f:30:2b:25:43:
5a:75:df:a9:81:a3:b3:21:8b:00:63:7d:94:0a:c4:3d:de:d3:
64:2a:72:70:10:77:60:1a:ac:af:10:d4:73:3f:bd:b7:7d:15:
b8:e9:02:db:a4:2d:5e:d6:7b:68:3c:9a:6e:42:5d:a7:4b:8c:
da:00:53:e8:e5:6d:1f:33:60:3d:db:e1:7d:91:6e:70:fd:46:
41:ea:d2:30:6f:14:c3:d1:7f:58:ad:a0:82:2c:69:d1:2e:5e:
d2:ad:ab:8b:7f:3c:2c:af:47:c9:28:26:14:7c:c9:f4:18:eb:
18:c3:39:a2:db:64:58:61:56:ab:c7:f6:b1:0d:1c:ea:b7:fc:
61:23:27:1b:94:28:5f:3b:ea:db:d1:1b:2b:5a:c3:6b:fa:c6:
02:3c:6f:3a:d3:f0:4d:13:34:21:4e:c3:d3:25:45:2a:ae:4a:
7d:82:b0:9e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIURLplxmc1n0yHuWlZohOLiinJb/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjk1YjYwYmIwY2JiNGE1M2Q5NTQ1YmMyMGI3NzRmZmEw
MzZiNGE0NjAeFw0yNjA2MDQxMjE4MTlaFw0yNzA2MDMxMjIzMTlaMDMxMTAvBgNV
BAMTKDAyRUFBNjlCNTdEMTYyMTM0QzQyOEQ2MkM5NERDQzQ2MERCOTZCOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2nbJ3GKqxGJhke8gH0qvMhhm8
GfheZjH/Pp6UsRFFgASwk6XqRX2v8KU3BFZDXOJNvp9fLwYxTRC1eWbRKzxS/w9F
zpRoEv0PU67IxvhKopCmksCyc5Gs2pOmzmSHpHk1FZr8AzYt1Bx6HairZF/L9ieO
hcZ5bvWlsvtr3uIq+OccRtqBHgr8/8X8aO2AnI9ktA7qbQUvuiaagegRZY/dEGsB
EtbYMM+scRVIj/2dzqg/Vap9v6bW1h//gS1YuNTyCXj+NctgbPJcoFzyy8iDo0Xd
+z5R4aAzYK+gEQmRifqLOBDOZhcYI1M1kXcN5dDPMEmwW2wixmxTgzpKw8j5AgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUAuqmm1fRYhNMQo1iyU3MRg25a5wwHwYDVR0j
BBgwFoAUKVtguwy7SlPZVFvCC3dP+gNrSkYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzUvMjk1QjYwQkIwQ0JCNEE1M0Q5NTQ1QkMyMEI3NzRGRkEwMzZCNEE0Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0tWdGd1d3k3U2xQWlZGdkNDM2RQLWdO
clNrWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMt
MjA1OC00M2JiLTlhYzYtNWFiNDJkZmJmNDA5LzUvMzI2MTMwMzEzYTYyMzQzMDNh
M2EyZjMyMzkyZDM0MzgyMDNkM2UyMDM0MzgzNzMwMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqAQtA
MA0GCSqGSIb3DQEBCwUAA4IBAQBE7lx0ZAuC/zajSKPNXyNB5PFba1FcHK2oC9Gb
0et75B2VjLY2wSggledXCgQ5Uon2tU4xbDjLhyXVhAkwXQUWDQrdHyCrevR31aSI
gVdbPebKCCYOjzArJUNadd+pgaOzIYsAY32UCsQ93tNkKnJwEHdgGqyvENRzP723
fRW46QLbpC1e1ntoPJpuQl2nS4zaAFPo5W0fM2A92+F9kW5w/UZB6tIwbxTD0X9Y
raCCLGnRLl7SrauLfzwsr0fJKCYUfMn0GOsYwzmi22RYYVarx/axDRzqt/xhIycb
lChfO+rb0RsrWsNr+sYCPG860/BNEzQhTsPTJUUqrkp9grCe
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:02:34 2026 by rpki-client