Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
File: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (raw, json)
Hash identifier: 5klqSoppwsu6NOWd6DdkFO/NkJ4F93qo8ByoAVMNmBw=
Subject key identifier: E7:15:FA:11:D9:7A:F4:6B:5E:24:07:EF:F0:5C:4D:C4:CE:03:AD:35
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 0D88A068F2E8F4B2BEDC578221F4D74E6BA4F052
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
Signing time: Thu 05 Feb 2026 23:39:34 +0000
ROA not before: Thu 05 Feb 2026 23:34:34 +0000
ROA not after: Thu 04 Feb 2027 23:39:34 +0000
asID: 213170
IP address blocks: 2a09:be40:2800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 07:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:88:a0:68:f2:e8:f4:b2:be:dc:57:82:21:f4:d7:4e:6b:a4:f0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Feb 5 23:34:34 2026 GMT
Not After : Feb 4 23:39:34 2027 GMT
Subject: CN=E715FA11D97AF46B5E2407EFF05C4DC4CE03AD35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:cc:c7:81:d0:fc:98:c4:71:1d:08:d8:4a:
d3:52:97:21:1d:7c:03:94:ef:a2:e5:9c:1d:d6:ec:
fb:90:a7:c5:10:00:33:50:a4:bb:3b:10:37:8c:e3:
4e:f3:f5:ff:4a:4e:96:c8:36:8f:b7:a9:5d:5e:00:
43:de:38:62:90:d3:5e:6d:b0:31:ca:14:5c:c5:37:
fb:59:ba:ce:6d:9f:31:c4:bb:64:3c:88:1d:75:34:
81:fa:5c:26:1f:41:09:13:43:50:5c:66:09:0f:09:
46:ea:1d:fc:19:8f:ae:4b:11:17:ec:c5:4c:b4:12:
1f:e4:c0:83:df:41:bf:b1:0c:58:dd:db:39:0b:6a:
71:00:27:f5:da:5a:38:9c:d0:9b:da:1b:16:fc:8c:
9d:3c:f6:ef:d0:88:a0:29:e2:45:fb:2c:99:72:de:
12:db:d8:12:c7:16:11:aa:21:fd:22:f9:c8:65:8a:
96:3e:ee:d2:24:31:1c:6c:ab:9a:9a:cc:aa:1f:ee:
6a:27:65:6f:47:de:cb:2a:57:f7:52:cb:5b:0c:6b:
a9:69:12:50:28:b7:d7:a6:1f:96:1a:8a:bb:45:60:
f6:38:87:ff:63:44:c4:09:79:8c:11:14:e2:33:48:
e0:ff:80:bc:68:d4:8c:7a:ab:6c:6a:8f:67:4b:57:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:15:FA:11:D9:7A:F4:6B:5E:24:07:EF:F0:5C:4D:C4:CE:03:AD:35
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:2800::/40
Signature Algorithm: sha256WithRSAEncryption
2f:1f:25:c3:f8:24:df:76:1a:1f:6b:77:d5:38:0a:d5:84:4d:
a6:d8:dd:c8:74:cc:ac:f1:bc:e5:3b:d4:76:3f:95:b2:03:59:
55:1a:c3:4e:71:2a:96:73:27:e5:4d:2b:c9:1e:2d:30:20:a0:
3f:44:16:37:0b:e1:74:ce:ac:b8:e3:2f:6c:42:60:f4:91:93:
69:b7:f0:e7:11:78:6f:be:73:d5:35:76:af:e8:03:36:c6:0f:
2b:bc:3f:69:6a:0b:08:52:22:76:ff:d4:3d:00:bd:ec:a7:ab:
93:e9:5e:e7:0f:94:6e:a8:95:a7:e3:68:5e:85:85:34:40:91:
91:10:01:b2:85:74:21:24:1c:68:ba:69:b5:f5:8f:17:26:24:
19:6b:70:27:88:c5:1e:7d:ce:ba:8d:46:dd:5c:bb:89:d7:db:
84:61:b2:e8:6c:11:0d:3c:7b:e9:79:bb:d1:d8:5e:6b:5a:f9:
87:e4:85:36:18:e1:5a:68:6b:e5:ed:4d:8f:6f:e0:ff:34:f3:
91:76:08:04:11:d8:de:05:4d:34:2a:fc:d6:2f:ad:2e:86:b9:
d1:d9:13:62:83:e6:12:57:67:80:c9:ea:a8:98:0b:61:c9:ce:
93:87:66:ee:4b:cc:de:1b:cc:44:ae:54:4e:04:ec:aa:1b:87:
58:0b:c9:dd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUDYigaPLo9LK+3FeCIfTXTmuk8FIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjAyMDUyMzM0MzRaFw0yNzAyMDQyMzM5MzRaMDMxMTAvBgNV
BAMTKEU3MTVGQTExRDk3QUY0NkI1RTI0MDdFRkYwNUM0REM0Q0UwM0FEMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYfMzHgdD8mMRxHQjYStNSlyEd
fAOU76LlnB3W7PuQp8UQADNQpLs7EDeM407z9f9KTpbINo+3qV1eAEPeOGKQ015t
sDHKFFzFN/tZus5tnzHEu2Q8iB11NIH6XCYfQQkTQ1BcZgkPCUbqHfwZj65LERfs
xUy0Eh/kwIPfQb+xDFjd2zkLanEAJ/XaWjic0JvaGxb8jJ089u/QiKAp4kX7LJly
3hLb2BLHFhGqIf0i+chlipY+7tIkMRxsq5qazKof7monZW9H3ssqV/dSy1sMa6lp
ElAot9emH5YairtFYPY4h/9jRMQJeYwRFOIzSOD/gLxo1Ix6q2xqj2dLVyjTAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU5xX6Edl69GteJAfv8FxNxM4DrTUwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwMzkzYTYyNjUzNDMw
M2EzMjM4MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzMxMzczMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoJvkAoMA0GCSqGSIb3DQEBCwUAA4IBAQAvHyXD+CTfdhofa3fV
OArVhE2m2N3IdMys8bzlO9R2P5WyA1lVGsNOcSqWcyflTSvJHi0wIKA/RBY3C+F0
zqy44y9sQmD0kZNpt/DnEXhvvnPVNXav6AM2xg8rvD9pagsIUiJ2/9Q9AL3sp6uT
6V7nD5RuqJWn42hehYU0QJGREAGyhXQhJBxoumm19Y8XJiQZa3AniMUefc66jUbd
XLuJ19uEYbLobBENPHvpebvR2F5rWvmH5IU2GOFaaGvl7U2Pb+D/NPORdggEEdje
BU00KvzWL60uhrnR2RNig+YSV2eAyeqomAthyc6Th2buS8zeG8xErlROBOyqG4dY
C8nd
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:16:27 2026 by rpki-client