Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa
File: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (raw, json)
Hash identifier: E/KKQIBIvXrHxntg1Xf36BIIDrbcHQG7BGnX7lqe1ts=
Subject key identifier: 17:E6:30:36:18:BA:3C:31:0F:5E:DB:EA:65:0F:A4:A9:5B:E5:17:65
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 7F3CC65E2702A13E35DF105D71E5B46E6123A690
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa
Signing time: Thu 05 Feb 2026 23:39:34 +0000
ROA not before: Thu 05 Feb 2026 23:34:34 +0000
ROA not after: Thu 04 Feb 2027 23:39:34 +0000
asID: 199950
IP address blocks: 2a09:be40:2800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 07:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3c:c6:5e:27:02:a1:3e:35:df:10:5d:71:e5:b4:6e:61:23:a6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Feb 5 23:34:34 2026 GMT
Not After : Feb 4 23:39:34 2027 GMT
Subject: CN=17E6303618BA3C310F5EDBEA650FA4A95BE51765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:76:17:8c:d1:46:06:10:f2:a7:02:be:e8:
08:70:32:e2:55:ef:65:5e:f9:4b:34:9c:63:18:97:
b7:8d:9a:e9:e7:5d:62:f8:0a:e5:d1:d1:be:be:03:
99:7b:5d:0c:cd:cc:02:1c:53:c8:be:59:84:04:54:
dc:71:a0:db:3b:cd:38:80:db:c2:61:50:e0:06:55:
05:71:93:c8:74:06:9e:ef:75:42:81:b8:72:50:d2:
d5:9b:ac:f1:67:e2:8a:50:0f:10:c5:74:57:94:db:
8e:7d:21:1b:4c:d5:d1:d6:f2:3f:67:f4:58:15:ac:
c7:6a:5a:8b:69:da:4d:fb:7f:a2:87:f3:be:af:9d:
b5:3e:b7:d7:e9:7a:37:2a:bd:f0:b0:34:1b:60:41:
56:bd:5c:db:2b:fa:84:41:6f:b9:5a:11:69:9d:96:
02:18:2e:f2:9f:f7:c2:61:e8:5e:6b:87:67:47:79:
7d:70:5d:e0:f5:b3:70:d6:2f:33:f2:9a:35:37:2f:
ef:11:5d:ac:72:b4:73:3a:be:e1:a3:d3:b9:3a:29:
fd:91:34:ee:7d:1b:01:20:a7:e3:80:c6:fd:04:32:
01:ca:07:0d:c8:f2:70:3b:db:d7:fb:6a:28:88:cb:
e7:30:cb:38:52:3c:45:21:dc:cc:16:72:b2:6c:1a:
b4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E6:30:36:18:BA:3C:31:0F:5E:DB:EA:65:0F:A4:A9:5B:E5:17:65
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:2800::/40
Signature Algorithm: sha256WithRSAEncryption
5e:cd:22:31:76:82:cf:0f:36:8e:e0:5f:15:fc:55:2a:aa:54:
aa:26:14:1c:27:54:7f:13:8d:cf:6e:8e:9c:e3:db:a3:57:25:
51:01:a6:57:c9:8a:34:5e:d6:37:37:09:d5:93:9a:83:16:5a:
1c:43:45:5c:36:ef:e9:9a:07:5a:51:19:22:ce:de:f3:ab:50:
64:bc:f4:f9:38:09:43:a1:1c:e4:45:08:42:1e:d5:ea:ca:29:
b6:8f:1d:ea:ae:b7:c9:b9:53:29:05:eb:59:3e:66:5f:3d:ff:
b8:f3:59:e4:9f:c1:f1:e0:02:ca:9c:99:ce:9a:ca:7b:6e:71:
45:8b:e8:3e:3f:5d:74:6b:00:69:52:2b:92:ca:8b:d5:df:b6:
74:b2:a3:ea:1a:51:9d:29:23:a2:cc:24:27:88:8f:3b:ec:06:
85:76:ea:3e:59:ba:9d:d7:77:5b:aa:89:9d:33:5d:ca:02:7a:
b3:65:4e:7a:94:aa:3b:42:fc:cb:e3:5d:99:d8:7d:6f:ad:91:
2e:d2:16:37:24:67:eb:f0:5d:61:b7:82:4d:5a:71:30:19:58:
84:b2:d9:a1:e1:56:b1:ef:19:85:fd:b2:6b:2d:c8:a7:93:3c:
38:0b:80:97:4e:06:d6:10:11:bd:57:13:64:8b:e9:09:ac:e9:
a9:11:38:14
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUfzzGXicCoT413xBdceW0bmEjppAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjAyMDUyMzM0MzRaFw0yNzAyMDQyMzM5MzRaMDMxMTAvBgNV
BAMTKDE3RTYzMDM2MThCQTNDMzEwRjVFREJFQTY1MEZBNEE5NUJFNTE3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2nHYXjNFGBhDypwK+6AhwMuJV
72Ve+Us0nGMYl7eNmunnXWL4CuXR0b6+A5l7XQzNzAIcU8i+WYQEVNxxoNs7zTiA
28JhUOAGVQVxk8h0Bp7vdUKBuHJQ0tWbrPFn4opQDxDFdFeU2459IRtM1dHW8j9n
9FgVrMdqWotp2k37f6KH876vnbU+t9fpejcqvfCwNBtgQVa9XNsr+oRBb7laEWmd
lgIYLvKf98Jh6F5rh2dHeX1wXeD1s3DWLzPymjU3L+8RXaxytHM6vuGj07k6Kf2R
NO59GwEgp+OAxv0EMgHKBw3I8nA729f7aiiIy+cwyzhSPEUh3MwWcrJsGrTdAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUF+YwNhi6PDEPXtvqZQ+kqVvlF2UwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwMzkzYTYyNjUzNDMw
M2EzMjM4MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzOTM5MzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoJvkAoMA0GCSqGSIb3DQEBCwUAA4IBAQBezSIxdoLPDzaO4F8V
/FUqqlSqJhQcJ1R/E43Pbo6c49ujVyVRAaZXyYo0XtY3NwnVk5qDFlocQ0VcNu/p
mgdaURkizt7zq1BkvPT5OAlDoRzkRQhCHtXqyim2jx3qrrfJuVMpBetZPmZfPf+4
81nkn8Hx4ALKnJnOmsp7bnFFi+g+P110awBpUiuSyovV37Z0sqPqGlGdKSOizCQn
iI877AaFduo+Wbqd13dbqomdM13KAnqzZU56lKo7QvzL412Z2H1vrZEu0hY3JGfr
8F1ht4JNWnEwGViEstmh4Vax7xmF/bJrLcinkzw4C4CXTgbWEBG9VxNki+kJrOmp
ETgU
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:12:34 2026 by rpki-client