Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326636303a3a2f34382d3438203d3e20323037313038.roa
File: 326130653a666434353a326636303a3a2f34382d3438203d3e20323037313038.roa (raw, json)
Hash identifier: fin/tsFszyHjwEDVRVOEznFkN6ILbbdEP80VJIaXRto=
Subject key identifier: 77:59:81:E5:1D:49:95:49:B2:8D:0B:B5:89:B8:F2:77:97:1B:F9:4F
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 4C2557D091641ECFF25C8377E40A8E79E89BFD79
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326636303a3a2f34382d3438203d3e20323037313038.roa
Signing time: Fri 20 Feb 2026 08:49:14 +0000
ROA not before: Fri 20 Feb 2026 08:44:14 +0000
ROA not after: Fri 19 Feb 2027 08:49:14 +0000
asID: 207108
IP address blocks: 2a0e:fd45:2f60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 07:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:25:57:d0:91:64:1e:cf:f2:5c:83:77:e4:0a:8e:79:e8:9b:fd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Feb 20 08:44:14 2026 GMT
Not After : Feb 19 08:49:14 2027 GMT
Subject: CN=775981E51D499549B28D0BB589B8F277971BF94F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:44:68:49:b1:c7:30:f6:4c:fc:c7:36:1a:
e9:e6:0c:44:d6:a5:9f:c9:d4:b7:d8:a8:64:41:fa:
6a:3f:57:bc:75:a8:02:86:3a:ff:ef:fd:af:1b:5f:
d9:ee:93:de:e1:c4:c5:23:d2:fe:82:38:30:37:a9:
82:b0:fd:3e:8a:71:26:67:bc:88:5b:e1:6e:84:d8:
38:65:5c:21:c4:d0:3d:82:6d:c0:1c:b1:5e:bb:2f:
f9:c3:72:c3:ea:57:ca:f1:ec:04:fb:32:09:27:49:
5c:c2:ba:20:e6:db:97:7e:6d:52:1f:e1:07:fa:b8:
7f:a9:b8:cb:04:29:4c:fa:85:d4:4a:04:31:80:9f:
4b:6d:35:88:69:35:e3:9b:ed:5f:f1:69:d5:70:56:
5e:b9:4a:68:1e:f7:e8:76:42:bc:f1:a7:9b:d1:d1:
03:de:4b:d0:17:9e:fa:50:2e:35:bc:54:93:be:1e:
44:ec:50:30:34:50:91:4f:38:19:a9:44:76:1a:1a:
1d:40:f5:05:9d:41:8e:16:67:2b:81:06:15:fe:ed:
9b:24:02:0d:0c:8a:67:2f:03:6d:2c:b3:e5:48:cb:
f0:e4:8b:24:fc:1c:6d:52:2f:2a:7e:3d:ff:eb:df:
69:c6:7c:1a:d9:09:dd:e6:d5:94:c6:a2:f4:3c:a2:
ec:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:59:81:E5:1D:49:95:49:B2:8D:0B:B5:89:B8:F2:77:97:1B:F9:4F
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326636303a3a2f34382d3438203d3e20323037313038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2f60::/48
Signature Algorithm: sha256WithRSAEncryption
1b:9d:05:8c:c7:16:82:29:e3:0e:21:b8:c0:4f:22:54:05:46:
c2:e0:58:92:3b:e1:20:52:04:1d:c1:b0:1f:1e:99:80:57:c0:
65:85:83:4b:55:d3:ae:bb:0b:5e:ee:12:a0:1b:14:da:37:a3:
d5:76:bd:b4:82:fb:e7:ce:42:42:dc:57:bd:16:2c:56:cd:6c:
7b:21:ee:98:ac:25:52:aa:a6:85:2b:c6:dd:00:45:12:6b:a3:
46:61:99:e8:59:43:1a:76:9e:22:8d:aa:27:bc:e3:84:9c:24:
41:32:d3:6e:0f:79:41:6a:9f:19:d6:b8:26:35:d9:e1:07:e1:
2c:87:8c:5f:01:57:0a:a1:4a:a9:fc:b8:fc:0f:29:de:41:50:
7b:78:4c:b8:65:90:e9:d1:8f:cd:39:16:81:4b:11:4d:6c:cb:
b7:6a:bc:69:d5:16:a3:da:7b:f9:58:78:7e:25:84:41:f3:e1:
01:f1:5f:f1:95:8d:a5:f2:2e:32:74:03:ee:fe:f3:ca:80:64:
a3:b5:fa:3a:a4:15:78:67:df:3d:8e:41:39:9f:2a:0d:5f:24:
08:48:47:5c:25:31:a1:e9:be:cf:4d:a6:ab:cf:22:16:11:3a:
66:3e:09:f3:30:9c:e0:ec:b1:ef:b8:4a:e0:75:8d:35:f2:e0:
d4:4f:a2:a4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTCVX0JFkHs/yXIN35AqOeeib/XkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjAyMjAwODQ0MTRaFw0yNzAyMTkwODQ5MTRaMDMxMTAvBgNV
BAMTKDc3NTk4MUU1MUQ0OTk1NDlCMjhEMEJCNTg5QjhGMjc3OTcxQkY5NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RkRoSbHHMPZM/Mc2GunmDETW
pZ/J1LfYqGRB+mo/V7x1qAKGOv/v/a8bX9nuk97hxMUj0v6CODA3qYKw/T6KcSZn
vIhb4W6E2DhlXCHE0D2CbcAcsV67L/nDcsPqV8rx7AT7MgknSVzCuiDm25d+bVIf
4Qf6uH+puMsEKUz6hdRKBDGAn0ttNYhpNeOb7V/xadVwVl65Smge9+h2Qrzxp5vR
0QPeS9AXnvpQLjW8VJO+HkTsUDA0UJFPOBmpRHYaGh1A9QWdQY4WZyuBBhX+7Zsk
Ag0MimcvA20ss+VIy/DkiyT8HG1SLyp+Pf/r32nGfBrZCd3m1ZTGovQ8oux9AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUd1mB5R1JlUmyjQu1ibjyd5cb+U8wHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjY2MzYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMxMzAzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUvYDANBgkqhkiG9w0BAQsFAAOCAQEAG50FjMcWginjDiG4
wE8iVAVGwuBYkjvhIFIEHcGwHx6ZgFfAZYWDS1XTrrsLXu4SoBsU2jej1Xa9tIL7
585CQtxXvRYsVs1seyHumKwlUqqmhSvG3QBFEmujRmGZ6FlDGnaeIo2qJ7zjhJwk
QTLTbg95QWqfGda4JjXZ4QfhLIeMXwFXCqFKqfy4/A8p3kFQe3hMuGWQ6dGPzTkW
gUsRTWzLt2q8adUWo9p7+Vh4fiWEQfPhAfFf8ZWNpfIuMnQD7v7zyoBko7X6OqQV
eGffPY5BOZ8qDV8kCEhHXCUxoem+z02mq88iFhE6Zj4J8zCc4Oyx77hK4HWNNfLg
1E+ipA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:53:15 2026 by rpki-client