Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
File: 326131333a646130323a3a2f33322d3332203d3e20323135343230.roa (raw, json)
Hash identifier: xYbQlUPKxSQoHiHG8XgS+jBzfXDA0HmlH23UWrEEgRM=
Subject key identifier: 00:5F:66:02:79:18:CD:0D:55:06:45:CC:C0:67:D7:AF:12:03:0E:74
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 105940DF31AA704ADE3EEC133D4E872D64CA2E16
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 215420
IP address blocks: 2a13:da02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:59:40:df:31:aa:70:4a:de:3e:ec:13:3d:4e:87:2d:64:ca:2e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=005F66027918CD0D550645CCC067D7AF12030E74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:03:9f:21:e8:b7:cf:f2:40:28:2b:e9:d8:f7:
ed:03:0e:f2:25:a0:06:65:90:24:86:b6:a8:d4:b0:
22:b8:59:2e:af:41:d6:9d:e1:3b:4f:3a:de:43:b4:
e3:52:f8:59:44:b4:02:8a:6b:07:a5:2c:aa:f0:16:
9e:04:fa:ea:43:e2:ac:f9:d1:fc:31:4f:39:b0:51:
23:bc:d9:aa:76:d8:99:36:83:2b:84:4b:e6:c0:83:
ff:21:45:27:e5:8f:64:be:f8:fd:52:83:60:01:57:
07:a8:67:50:29:f4:35:ac:b2:2e:2a:6f:2e:a4:1f:
ef:01:5a:24:30:49:09:da:06:e9:67:04:f4:9b:fd:
55:66:ff:d2:74:3a:95:71:f1:0a:92:19:49:21:6f:
f3:28:28:c8:cf:41:56:62:c8:b3:8b:81:02:35:eb:
f2:a1:ce:30:6a:ed:04:25:ba:d3:e7:e6:cc:05:b6:
65:56:91:9a:82:0d:a4:2e:a6:01:c1:dd:d9:c3:e1:
55:56:33:23:0e:ad:a7:8e:f8:bc:f3:b8:0d:55:93:
e6:bd:4f:f7:a6:33:40:06:f1:9d:20:ef:53:47:cf:
cf:8c:1e:84:b8:38:b2:96:bd:03:79:e5:1b:bd:d5:
be:eb:22:93:18:97:d4:9b:4b:58:17:af:4e:54:d0:
5e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5F:66:02:79:18:CD:0D:55:06:45:CC:C0:67:D7:AF:12:03:0E:74
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130323a3a2f33322d3332203d3e20323135343230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da02::/32
Signature Algorithm: sha256WithRSAEncryption
45:34:13:6d:37:b7:a3:8c:8f:22:ff:8b:93:21:35:20:46:63:
87:b9:54:c7:58:91:23:dd:a0:e4:19:68:e3:8f:9f:b8:80:48:
5a:cf:7d:8c:eb:e5:64:6e:d9:8f:f2:e1:b7:fc:53:12:63:76:
ae:19:3d:ca:a8:25:7e:ff:9e:46:26:d9:11:df:80:6b:4c:db:
b3:35:cc:f0:c6:06:d5:d3:37:30:65:f7:77:44:0e:04:31:12:
e8:27:a3:fe:09:16:9a:b9:38:ae:a2:94:07:d4:0e:1e:92:b4:
04:89:ac:e9:a0:34:2f:11:30:21:48:c8:3e:e4:e8:cd:5a:b5:
65:a6:44:a0:21:e2:18:ef:65:4a:5e:ca:9c:71:bc:27:a0:a9:
66:48:a9:c6:d9:91:6c:5f:ad:5f:80:1b:7d:25:a3:eb:a4:20:
c0:9c:bd:98:08:cd:0f:77:e0:29:bd:dc:83:dd:3e:20:8e:38:
81:10:ab:7a:36:46:4d:6c:d8:64:cc:26:87:a2:85:1f:ff:21:
08:9f:46:24:41:12:26:55:31:8c:6b:6c:f4:0f:07:47:f3:26:
bf:7c:49:75:47:72:75:9b:52:a9:52:e6:b9:49:3a:cc:35:0d:
90:8c:41:14:95:27:39:93:45:9e:67:56:b8:03:d3:67:42:11:
79:c1:42:75
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUEFlA3zGqcErePuwTPU6HLWTKLhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKDAwNUY2NjAyNzkxOENEMEQ1NTA2NDVDQ0MwNjdEN0FGMTIwMzBFNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYA58h6LfP8kAoK+nY9+0DDvIl
oAZlkCSGtqjUsCK4WS6vQdad4TtPOt5DtONS+FlEtAKKawelLKrwFp4E+upD4qz5
0fwxTzmwUSO82ap22Jk2gyuES+bAg/8hRSflj2S++P1Sg2ABVweoZ1Ap9DWssi4q
by6kH+8BWiQwSQnaBulnBPSb/VVm/9J0OpVx8QqSGUkhb/MoKMjPQVZiyLOLgQI1
6/KhzjBq7QQlutPn5swFtmVWkZqCDaQupgHB3dnD4VVWMyMOraeO+LzzuA1Vk+a9
T/emM0AG8Z0g71NHz8+MHoS4OLKWvQN55Ru91b7rIpMYl9SbS1gXr05U0F57AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUAF9mAnkYzQ1VBkXMwGfXrxIDDnQwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDMy
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaAjANBgkqhkiG9w0BAQsFAAOCAQEARTQTbTe3o4yPIv+LkyE1IEZjh7lUx1iR
I92g5Blo44+fuIBIWs99jOvlZG7Zj/Lht/xTEmN2rhk9yqglfv+eRibZEd+Aa0zb
szXM8MYG1dM3MGX3d0QOBDES6Cej/gkWmrk4rqKUB9QOHpK0BIms6aA0LxEwIUjI
PuTozVq1ZaZEoCHiGO9lSl7KnHG8J6CpZkipxtmRbF+tX4AbfSWj66QgwJy9mAjN
D3fgKb3cg90+II44gRCrejZGTWzYZMwmh6KFH/8hCJ9GJEESJlUxjGts9A8HR/Mm
v3xJdUdydZtSqVLmuUk6zDUNkIxBFJUnOZNFnmdWuAPTZ0IRecFCdQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:37:54 2026 by rpki-client