Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
File: 326131333a653430323a3a2f33322d3332203d3e20323135343230.roa (raw, json)
Hash identifier: mNEln2sQigg3u81rooykzeehSg2L9J2uWDrMwZzSFwU=
Subject key identifier: BE:F6:D2:DE:57:57:A0:91:2A:3A:3D:B0:F4:30:92:6F:B8:23:AD:E8
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 69F99D2CD3933DE3AD8B6738012CFDE3BAC125C0
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 215420
IP address blocks: 2a13:e402::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f9:9d:2c:d3:93:3d:e3:ad:8b:67:38:01:2c:fd:e3:ba:c1:25:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=BEF6D2DE5757A0912A3A3DB0F430926FB823ADE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6c:e8:a8:6c:15:9d:49:47:63:e2:09:23:38:
1b:0d:a5:a5:da:85:55:60:3e:71:30:84:83:c4:77:
08:f5:be:ce:67:5b:d2:78:91:f4:5a:3c:a5:a2:2c:
c4:5c:ec:09:13:f6:70:e2:6c:10:28:12:3c:4e:59:
c3:48:af:d1:64:10:57:db:58:0e:d8:f5:86:d7:31:
ae:0a:d2:55:48:7e:b1:6e:6d:90:db:57:a9:94:c6:
7c:56:15:d4:b5:34:f7:ea:8c:cc:3e:31:4c:eb:6e:
ee:18:dc:3e:12:d7:ad:20:23:6f:4c:3f:9a:88:27:
7f:68:22:33:13:ce:07:68:0b:ea:40:bc:09:2a:5e:
76:6c:cd:e9:22:bc:3a:43:79:86:e9:c0:a4:a2:7d:
21:e4:5c:24:3c:71:6e:38:7b:ba:ff:21:8d:c5:88:
c4:79:ef:14:e1:08:76:1e:ea:84:c0:3f:f8:44:c5:
53:b3:a4:4a:f9:39:a0:02:7b:4d:37:1d:9e:63:6d:
bd:e4:a3:fd:28:4d:3d:a5:ca:20:10:14:e9:3a:da:
5d:3e:15:a9:56:a8:d4:ff:eb:47:df:45:fe:b2:0a:
c1:8b:39:9a:09:2e:72:8f:c5:15:1f:9c:ad:2f:e9:
f8:a7:09:20:21:2e:db:28:dc:c5:38:70:07:34:46:
4d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F6:D2:DE:57:57:A0:91:2A:3A:3D:B0:F4:30:92:6F:B8:23:AD:E8
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430323a3a2f33322d3332203d3e20323135343230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e402::/32
Signature Algorithm: sha256WithRSAEncryption
74:15:c3:b2:ac:80:4a:7d:34:15:70:d0:5f:c0:e7:c7:27:d1:
64:b1:86:0e:6f:f1:43:39:c4:db:15:76:04:d2:a9:1e:93:8b:
7a:f0:eb:2b:51:5c:ee:4d:f8:1e:f2:d3:4a:14:d7:31:5f:3e:
1b:a4:37:40:2b:e3:4e:7f:38:c0:48:8b:c2:e9:34:b0:23:79:
89:95:43:9a:73:1a:59:ac:5a:11:b0:af:8f:57:e3:08:7f:83:
ec:2e:50:75:57:32:9f:52:5a:73:6a:be:be:16:19:8f:06:9a:
aa:53:82:da:bd:78:95:77:38:c7:09:8e:3b:86:ea:1f:18:fc:
e2:be:a3:ca:1c:a8:4a:c3:24:54:b8:6d:f0:db:4c:28:bc:16:
59:a3:e3:4d:57:fe:0c:b7:c8:71:0e:c0:7b:f1:4d:16:32:dc:
f9:69:2a:7d:68:48:a9:8c:b9:af:65:cf:f8:35:5f:f0:a4:c0:
44:46:6e:87:4c:88:65:97:35:bc:dc:1e:14:5c:02:cd:50:66:
fd:92:f2:2d:c1:c6:c9:c5:4b:bf:45:3a:8b:d6:b2:2d:f8:1d:
6c:bc:6f:1e:e4:45:2f:c0:4f:d8:17:74:6e:7c:5b:ba:02:3c:
a1:71:dd:90:c5:81:09:91:cb:2c:72:b2:b2:ae:4f:c0:8c:59:
47:5a:ae:a1
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUafmdLNOTPeOti2c4ASz947rBJcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEJFRjZEMkRFNTc1N0EwOTEyQTNBM0RCMEY0MzA5MjZGQjgyM0FERTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9bOiobBWdSUdj4gkjOBsNpaXa
hVVgPnEwhIPEdwj1vs5nW9J4kfRaPKWiLMRc7AkT9nDibBAoEjxOWcNIr9FkEFfb
WA7Y9YbXMa4K0lVIfrFubZDbV6mUxnxWFdS1NPfqjMw+MUzrbu4Y3D4S160gI29M
P5qIJ39oIjMTzgdoC+pAvAkqXnZszekivDpDeYbpwKSifSHkXCQ8cW44e7r/IY3F
iMR57xThCHYe6oTAP/hExVOzpEr5OaACe003HZ5jbb3ko/0oTT2lyiAQFOk62l0+
FalWqNT/60ffRf6yCsGLOZoJLnKPxRUfnK0v6finCSAhLtso3MU4cAc0Rk0VAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUvvbS3ldXoJEqOj2w9DCSb7gjregwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDMy
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkAjANBgkqhkiG9w0BAQsFAAOCAQEAdBXDsqyASn00FXDQX8DnxyfRZLGGDm/x
QznE2xV2BNKpHpOLevDrK1Fc7k34HvLTShTXMV8+G6Q3QCvjTn84wEiLwuk0sCN5
iZVDmnMaWaxaEbCvj1fjCH+D7C5QdVcyn1Jac2q+vhYZjwaaqlOC2r14lXc4xwmO
O4bqHxj84r6jyhyoSsMkVLht8NtMKLwWWaPjTVf+DLfIcQ7Ae/FNFjLc+WkqfWhI
qYy5r2XP+DVf8KTAREZuh0yIZZc1vNweFFwCzVBm/ZLyLcHGycVLv0U6i9ayLfgd
bLxvHuRFL8BP2Bd0bnxbugI8oXHdkMWBCZHLLHKysq5PwIxZR1quoQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:56:00 2026 by rpki-client