Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130313a3a2f33322d3332203d3e20323134393637.roa
File: 326131333a646130313a3a2f33322d3332203d3e20323134393637.roa (raw, json)
Hash identifier: h+2AnEvh4aG7gOBRETVZO5ExBSI+bmaVuuXvVVF7vHs=
Subject key identifier: FD:29:A3:61:47:D3:05:11:82:82:4E:7F:4D:B7:E0:F4:0D:78:63:EB
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 5E091BDC3212C764FFB8738C12320D100064502F
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130313a3a2f33322d3332203d3e20323134393637.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 214967
IP address blocks: 2a13:da01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:09:1b:dc:32:12:c7:64:ff:b8:73:8c:12:32:0d:10:00:64:50:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=FD29A36147D3051182824E7F4DB7E0F40D7863EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:53:ad:31:24:27:22:45:f8:0c:9e:01:4e:3f:
97:9c:58:0e:00:3d:22:12:bd:db:77:f7:66:b1:6b:
90:12:40:b3:ad:61:58:b3:9b:e5:6b:78:47:cd:dd:
6b:61:d7:86:f5:f1:bf:76:cc:52:9d:56:78:6d:f4:
e0:c0:a1:af:bc:8d:82:22:55:12:ed:8b:60:9b:c1:
e7:b0:b4:56:71:79:33:95:bb:70:58:33:03:06:f4:
e5:b4:e9:99:ed:fa:c4:9a:1d:d0:4c:85:da:61:1d:
ba:a5:a3:52:f0:52:82:62:29:9b:3d:ed:b1:6e:ff:
25:4d:26:56:3a:76:06:31:7a:ef:2c:e1:a9:86:25:
1b:8a:1d:cc:d6:de:52:50:e1:22:de:18:47:38:a0:
a3:01:05:66:36:80:4d:f4:e0:13:08:4f:4f:3f:2c:
24:98:c2:67:67:6a:7d:06:c5:e2:e6:d7:f3:e2:d6:
ab:35:de:3b:4e:6c:a3:39:d0:b2:c7:ec:e0:5c:64:
d1:85:61:5f:3a:f0:fa:d7:9f:11:64:0e:01:5a:e8:
e9:0c:65:68:7b:13:8a:88:fc:01:3c:ae:d3:9a:f8:
14:7a:e4:f1:09:cc:4f:9a:a6:33:ea:8d:7c:72:bb:
1f:14:e8:94:01:b1:7c:4b:d1:6f:29:2f:55:e3:9b:
c3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:29:A3:61:47:D3:05:11:82:82:4E:7F:4D:B7:E0:F4:0D:78:63:EB
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130313a3a2f33322d3332203d3e20323134393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da01::/32
Signature Algorithm: sha256WithRSAEncryption
11:e2:c9:0d:db:04:0e:45:cb:52:28:4e:11:3d:ae:8f:0e:94:
87:3a:9c:86:52:19:df:3f:2d:f1:c1:08:05:e8:44:a1:04:8c:
f0:89:1c:9f:d4:b9:73:b9:da:d1:99:1f:35:5b:3b:c6:52:38:
46:d5:3d:25:12:b7:b0:a2:be:47:58:83:ed:a0:6d:c5:6b:a1:
05:4e:cc:07:f2:46:67:6a:be:b5:b4:23:d8:13:8e:33:e8:aa:
ad:53:a3:e4:bc:f7:df:11:1a:b2:40:35:a5:f5:5e:c5:b9:d4:
90:09:24:87:9d:47:52:86:a6:ec:17:86:08:68:64:01:28:2d:
af:ef:8b:5b:d4:a8:b1:ad:bd:b0:bb:63:e0:b1:f2:e2:9e:9a:
41:5e:d0:26:5b:26:17:f9:ea:f0:02:61:d9:72:4a:e3:58:7f:
2f:bc:85:c5:b0:00:71:b4:20:63:04:86:c7:67:03:a5:44:62:
37:8a:72:bf:d3:e8:d0:9a:3c:31:ed:37:07:04:d7:f2:12:1f:
54:fe:e6:23:37:f3:9b:20:bc:87:b3:8c:86:99:8c:09:5e:ec:
88:b1:86:1a:21:b8:83:8d:8e:a6:0a:85:02:d0:ba:a5:b6:0a:
74:3c:4c:d8:a6:01:ea:90:09:7c:bf:74:bc:a5:03:f2:61:3f:
83:7a:c7:6c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUXgkb3DISx2T/uHOMEjINEABkUC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEZEMjlBMzYxNDdEMzA1MTE4MjgyNEU3RjREQjdFMEY0MEQ3ODYzRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrU60xJCciRfgMngFOP5ecWA4A
PSISvdt392axa5ASQLOtYVizm+VreEfN3Wth14b18b92zFKdVnht9ODAoa+8jYIi
VRLti2CbweewtFZxeTOVu3BYMwMG9OW06Znt+sSaHdBMhdphHbqlo1LwUoJiKZs9
7bFu/yVNJlY6dgYxeu8s4amGJRuKHczW3lJQ4SLeGEc4oKMBBWY2gE304BMIT08/
LCSYwmdnan0GxeLm1/Pi1qs13jtObKM50LLH7OBcZNGFYV868PrXnxFkDgFa6OkM
ZWh7E4qI/AE8rtOa+BR65PEJzE+apjPqjXxyux8U6JQBsXxL0W8pL1Xjm8OfAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU/SmjYUfTBRGCgk5/Tbfg9A14Y+swHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDMx
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM0MzkzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaATANBgkqhkiG9w0BAQsFAAOCAQEAEeLJDdsEDkXLUihOET2ujw6UhzqchlIZ
3z8t8cEIBehEoQSM8Ikcn9S5c7na0ZkfNVs7xlI4RtU9JRK3sKK+R1iD7aBtxWuh
BU7MB/JGZ2q+tbQj2BOOM+iqrVOj5Lz33xEaskA1pfVexbnUkAkkh51HUoam7BeG
CGhkASgtr++LW9Sosa29sLtj4LHy4p6aQV7QJlsmF/nq8AJh2XJK41h/L7yFxbAA
cbQgYwSGx2cDpURiN4pyv9Po0Jo8Me03BwTX8hIfVP7mIzfzmyC8h7OMhpmMCV7s
iLGGGiG4g42OpgqFAtC6pbYKdDxM2KYB6pAJfL90vKUD8mE/g3rHbA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:53:15 2026 by rpki-client