Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130343a3a2f33322d3332203d3e20323135333130.roa
File: 326131333a646130343a3a2f33322d3332203d3e20323135333130.roa (raw, json)
Hash identifier: ay+VpJAxhcK2h7cjcp2jQIWeYB+U5olryyBn7tyJvVg=
Subject key identifier: 44:12:70:1B:3A:2D:4E:EE:90:84:C7:28:38:69:D5:62:75:9E:5F:1C
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 56A109A40A649D7A80DD672B5355C91B899084C2
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130343a3a2f33322d3332203d3e20323135333130.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 215310
IP address blocks: 2a13:da04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a1:09:a4:0a:64:9d:7a:80:dd:67:2b:53:55:c9:1b:89:90:84:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=4412701B3A2D4EEE9084C7283869D562759E5F1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ab:49:d5:40:b6:33:bb:4e:b6:d2:9b:c5:d0:
db:fa:ed:fd:4c:dc:02:32:e4:3a:6d:63:69:21:23:
bb:48:8f:6d:1b:e0:51:c3:07:e5:30:0d:62:bb:dd:
0f:67:a5:c2:b7:bc:29:79:2e:57:86:6e:eb:3a:a6:
76:0a:42:c3:22:11:8e:67:08:f5:c5:a5:71:b8:c7:
a9:20:8e:09:8d:38:bd:9a:c0:26:31:81:f5:f4:90:
fd:60:3c:85:a8:05:a5:bf:f7:f4:67:e3:c4:8f:4c:
a1:c8:2b:a5:fb:76:cf:3e:51:99:ea:9b:26:5e:f7:
3f:62:f1:88:29:41:31:e6:0b:d4:a7:a4:f9:32:5c:
28:ae:d3:be:b5:71:52:93:8c:97:22:78:f3:ce:ca:
dc:4c:a8:58:05:52:a3:95:c7:cd:7e:f4:cb:f5:25:
35:2a:cf:4c:17:69:87:36:fa:6d:1c:f4:20:bf:35:
f3:8e:11:56:17:57:6b:21:fe:10:02:c6:45:22:96:
f2:06:ad:2b:c1:7f:40:c0:57:ab:4c:ba:2d:c3:b8:
98:64:97:a5:03:7d:be:02:4e:7b:b0:a7:2a:14:bc:
35:9b:c0:23:09:9e:ac:1d:70:6e:56:c5:f7:06:70:
da:07:f6:01:ed:05:87:bf:bd:8a:8c:6c:80:a3:a2:
13:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:12:70:1B:3A:2D:4E:EE:90:84:C7:28:38:69:D5:62:75:9E:5F:1C
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130343a3a2f33322d3332203d3e20323135333130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da04::/32
Signature Algorithm: sha256WithRSAEncryption
0f:f3:50:82:6a:9a:de:c2:0e:1b:45:6e:73:43:25:b4:62:0a:
05:8b:b9:82:21:b1:a6:30:1a:ca:dc:fa:c3:f1:a9:a7:e5:ec:
d0:f5:33:f0:a6:cd:7f:c7:ee:f4:6a:fa:98:2c:8b:78:42:f1:
3e:3f:18:0c:6f:79:62:c7:aa:20:5f:ff:00:06:32:01:91:a4:
f3:66:35:94:f6:4b:a4:72:35:0e:6c:33:63:49:e6:70:26:de:
48:6e:4b:f9:dd:a6:23:61:f3:8e:3b:98:b6:ca:de:11:97:2a:
f5:e6:c9:14:43:a0:42:79:c9:9a:eb:a6:64:c1:a3:2d:00:53:
fd:89:ff:60:9f:7b:65:0d:3b:b2:ca:7c:f3:9f:2b:15:af:fb:
88:f9:1e:8d:0b:ad:db:4a:15:60:eb:75:ba:c5:8b:44:b3:79:
16:cf:8a:ef:25:4c:36:96:e4:df:cc:3a:96:a3:77:b4:68:43:
74:a8:3c:88:e7:ea:e5:f3:81:17:2c:87:f9:e2:f0:15:0f:42:
c0:e5:41:0f:21:84:e9:27:70:22:f4:f8:60:1a:c5:8c:8e:e5:
f0:54:fe:03:0e:5f:59:d2:42:cf:03:f4:6c:27:a4:1f:b1:21:
83:ec:e6:37:b1:d0:58:f2:4d:f9:5e:47:93:c6:a5:37:9f:67:
fe:88:71:e9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUVqEJpApknXqA3WcrU1XJG4mQhMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKDQ0MTI3MDFCM0EyRDRFRUU5MDg0QzcyODM4NjlENTYyNzU5RTVGMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOq0nVQLYzu0620pvF0Nv67f1M
3AIy5DptY2khI7tIj20b4FHDB+UwDWK73Q9npcK3vCl5LleGbus6pnYKQsMiEY5n
CPXFpXG4x6kgjgmNOL2awCYxgfX0kP1gPIWoBaW/9/Rn48SPTKHIK6X7ds8+UZnq
myZe9z9i8YgpQTHmC9SnpPkyXCiu0761cVKTjJciePPOytxMqFgFUqOVx81+9Mv1
JTUqz0wXaYc2+m0c9CC/NfOOEVYXV2sh/hACxkUilvIGrSvBf0DAV6tMui3DuJhk
l6UDfb4CTnuwpyoUvDWbwCMJnqwdcG5WxfcGcNoH9gHtBYe/vYqMbICjohM9AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQURBJwGzotTu6QhMcoOGnVYnWeXxwwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDM0
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzMzMTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaBDANBgkqhkiG9w0BAQsFAAOCAQEAD/NQgmqa3sIOG0Vuc0MltGIKBYu5giGx
pjAaytz6w/Gpp+Xs0PUz8KbNf8fu9Gr6mCyLeELxPj8YDG95YseqIF//AAYyAZGk
82Y1lPZLpHI1DmwzY0nmcCbeSG5L+d2mI2HzjjuYtsreEZcq9ebJFEOgQnnJmuum
ZMGjLQBT/Yn/YJ97ZQ07ssp8858rFa/7iPkejQut20oVYOt1usWLRLN5Fs+K7yVM
Npbk38w6lqN3tGhDdKg8iOfq5fOBFyyH+eLwFQ9CwOVBDyGE6SdwIvT4YBrFjI7l
8FT+Aw5fWdJCzwP0bCekH7Ehg+zmN7HQWPJN+V5Hk8alN59n/ohx6Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:27:43 2026 by rpki-client