Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
File: 326131333a653430313a3a2f33322d3332203d3e20323134393637.roa (raw, json)
Hash identifier: I1y2rQjnLv18d7wE8+32fRo+wpfEuaxk8+JYmCwkLpU=
Subject key identifier: 68:C4:B8:C2:93:9C:27:D4:9C:ED:4A:C7:C6:94:70:6E:57:6B:08:85
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 4B1EACBBC9A01CF072FA680161C2138E3DBA1205
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 214967
IP address blocks: 2a13:e401::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1e:ac:bb:c9:a0:1c:f0:72:fa:68:01:61:c2:13:8e:3d:ba:12:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=68C4B8C2939C27D49CED4AC7C694706E576B0885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:52:d0:1a:7b:53:17:77:41:d1:35:de:70:
ae:2a:0d:18:bc:e4:75:e9:ce:39:17:4d:25:ec:87:
1a:64:ba:e4:a6:90:b6:ff:50:48:c4:ec:17:7b:d5:
47:f5:3e:10:f7:b3:ec:b5:0a:be:a5:9e:78:af:f2:
86:65:14:2e:0a:01:ab:c6:07:e9:bf:64:b1:b4:64:
37:ac:1e:25:72:5a:9f:cf:60:58:c1:f0:ac:13:d8:
d7:ec:a7:39:25:a6:dd:d0:ba:2c:ad:01:64:1b:c0:
68:73:c2:e2:e9:8f:f4:e3:13:4b:a8:55:41:7c:67:
52:9c:50:05:f4:43:2d:b1:4d:d0:19:55:d9:56:c9:
ee:f0:bc:7c:fb:39:b2:0b:b5:5f:02:52:62:0c:d5:
15:7b:a1:45:3d:05:e3:e5:21:4d:59:36:51:3b:2f:
71:18:1e:c1:e2:7d:56:3d:3b:56:9d:5d:70:a7:45:
c5:ee:02:dc:cd:22:59:87:47:70:19:f6:43:d7:7f:
74:ae:c7:37:f4:40:e4:6e:34:59:d8:10:26:e9:3e:
6b:73:21:7b:23:d3:23:1f:48:07:2c:34:1a:a3:3a:
97:2b:c0:7d:be:c7:b2:6c:1c:3b:05:cc:01:ca:cd:
cd:5b:17:a0:b7:56:35:60:84:23:c7:c0:e0:c4:29:
64:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C4:B8:C2:93:9C:27:D4:9C:ED:4A:C7:C6:94:70:6E:57:6B:08:85
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430313a3a2f33322d3332203d3e20323134393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e401::/32
Signature Algorithm: sha256WithRSAEncryption
a1:de:f9:f2:74:c0:c3:e5:d0:ce:93:62:fb:fd:2a:07:26:1f:
cc:4d:d4:51:28:2f:06:a1:3e:26:1b:87:6b:e7:04:81:b9:d3:
aa:47:6d:cc:18:7c:dd:ef:f4:03:2f:e4:19:45:12:9c:83:20:
e3:c1:4a:7f:b1:db:7c:28:7c:d1:6b:4b:6a:0a:ca:87:50:3d:
fc:a1:c9:3d:05:41:73:9e:1d:2d:9d:e6:d0:d9:d8:bc:95:ee:
2c:6c:b4:b3:3e:91:d7:37:bb:b3:e6:7e:5d:4f:bc:d4:75:8b:
3f:dc:91:fd:8f:aa:86:b1:53:3c:57:bf:2b:17:fb:62:16:db:
dc:98:5c:0d:4d:3d:8a:65:a3:72:a3:4b:49:d0:a6:aa:42:dd:
b5:46:ea:c3:12:da:2f:ae:a0:91:87:2c:6e:01:6c:2b:5f:f4:
fe:9d:b6:75:91:1f:4d:76:ad:9d:0c:64:23:e1:76:5b:e2:1b:
14:d1:b9:ca:01:7b:3d:1b:e9:2b:96:01:0c:64:66:7c:52:68:
e6:b0:2e:bc:76:2f:24:09:01:f5:da:0f:32:0b:85:12:8a:24:
3e:95:e7:6a:d6:09:56:e5:48:fb:dd:ed:86:3a:a1:de:2f:7d:
18:58:87:29:71:40:8a:8d:7b:bb:29:a3:8e:4e:7c:fc:54:a8:
2e:8a:32:e2
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUSx6su8mgHPBy+mgBYcITjj26EgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKDY4QzRCOEMyOTM5QzI3RDQ5Q0VENEFDN0M2OTQ3MDZFNTc2QjA4ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx/FLQGntTF3dB0TXecK4qDRi8
5HXpzjkXTSXshxpkuuSmkLb/UEjE7Bd71Uf1PhD3s+y1Cr6lnniv8oZlFC4KAavG
B+m/ZLG0ZDesHiVyWp/PYFjB8KwT2Nfspzklpt3QuiytAWQbwGhzwuLpj/TjE0uo
VUF8Z1KcUAX0Qy2xTdAZVdlWye7wvHz7ObILtV8CUmIM1RV7oUU9BePlIU1ZNlE7
L3EYHsHifVY9O1adXXCnRcXuAtzNIlmHR3AZ9kPXf3Suxzf0QORuNFnYECbpPmtz
IXsj0yMfSAcsNBqjOpcrwH2+x7JsHDsFzAHKzc1bF6C3VjVghCPHwODEKWRhAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUaMS4wpOcJ9Sc7UrHxpRwbldrCIUwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDMx
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM0MzkzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkATANBgkqhkiG9w0BAQsFAAOCAQEAod758nTAw+XQzpNi+/0qByYfzE3UUSgv
BqE+JhuHa+cEgbnTqkdtzBh83e/0Ay/kGUUSnIMg48FKf7HbfCh80WtLagrKh1A9
/KHJPQVBc54dLZ3m0NnYvJXuLGy0sz6R1ze7s+Z+XU+81HWLP9yR/Y+qhrFTPFe/
Kxf7Yhbb3JhcDU09imWjcqNLSdCmqkLdtUbqwxLaL66gkYcsbgFsK1/0/p22dZEf
TXatnQxkI+F2W+IbFNG5ygF7PRvpK5YBDGRmfFJo5rAuvHYvJAkB9doPMguFEook
PpXnatYJVuVI+93thjqh3i99GFiHKXFAio17uymjjk58/FSoLooy4g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:11:32 2026 by rpki-client