Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430333a3a2f33322d3332203d3e20323135343632.roa
File: 326131333a653430333a3a2f33322d3332203d3e20323135343632.roa (raw, json)
Hash identifier: Cz/6kKDUzshq0L4EXVzYnwGNuJcQnGuP6YcPqQJcMJ8=
Subject key identifier: 5A:D9:24:9A:5C:1A:85:16:2F:66:17:37:E8:2D:6A:AF:86:E4:2B:E5
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 5E51B438EF4ADD81EF0C385FD628D150DDB30041
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430333a3a2f33322d3332203d3e20323135343632.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 215462
IP address blocks: 2a13:e403::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:51:b4:38:ef:4a:dd:81:ef:0c:38:5f:d6:28:d1:50:dd:b3:00:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=5AD9249A5C1A85162F661737E82D6AAF86E42BE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b5:13:5b:ab:a3:92:9e:c7:2a:34:40:95:76:
09:8a:61:e3:c8:41:52:6e:e0:ca:44:b2:39:a9:ac:
0e:3d:59:f3:40:d8:25:aa:40:a3:d1:08:a7:63:93:
e6:c0:dd:8b:f7:e7:b6:de:37:0c:e8:c5:4c:98:46:
e9:e6:3c:f9:46:d9:c9:8c:b9:c0:d2:94:5b:a0:2c:
8d:c9:4a:48:d8:89:ec:9d:46:9b:f5:79:75:6e:93:
15:79:cf:a5:88:9e:09:29:6a:ae:fc:56:02:72:1e:
cc:e0:d7:8f:df:e0:31:86:94:23:1a:74:79:9e:85:
a6:1d:15:39:86:11:71:b2:3f:05:68:9e:a6:d0:6b:
7d:e8:1e:c5:af:1d:87:f7:0f:46:22:a4:3b:c8:95:
af:62:b6:9d:e7:10:c1:64:e9:3a:50:db:22:21:96:
c5:4b:d6:6d:73:1f:3c:88:3f:fb:a4:8f:d7:6a:bb:
b5:fc:ce:e1:14:9c:6b:e6:c2:95:6e:b2:0a:33:75:
9b:6d:2f:c9:08:17:7b:0d:fb:16:a0:65:73:85:53:
0c:6f:28:6e:19:26:66:a1:05:69:6e:1c:34:79:68:
02:93:cf:ff:ed:9b:6f:7b:70:4c:72:2e:b6:c9:09:
3d:42:82:37:fc:db:87:1e:7a:6c:85:eb:09:66:4b:
85:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D9:24:9A:5C:1A:85:16:2F:66:17:37:E8:2D:6A:AF:86:E4:2B:E5
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430333a3a2f33322d3332203d3e20323135343632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e403::/32
Signature Algorithm: sha256WithRSAEncryption
8a:a9:f7:4c:e9:a8:d2:70:c3:33:54:98:42:73:87:bd:a3:92:
18:10:97:cb:3e:7c:f4:90:d3:a2:d3:91:94:c3:a4:67:35:21:
c8:16:25:bd:ff:77:33:b8:05:9f:73:b3:4c:c1:35:a8:3e:bc:
a3:8e:05:e5:98:91:00:7a:a7:66:de:37:ff:79:e1:95:9b:5e:
7c:00:8d:51:a2:86:f0:45:07:13:e0:b2:da:fb:3f:1c:03:92:
6e:da:38:0c:1a:99:5b:6a:bf:6c:06:69:7f:4f:3e:6a:0a:cf:
96:13:26:97:cb:21:a8:b0:7f:e5:fe:80:0f:72:f7:cc:ce:ac:
ba:4e:cf:7e:01:22:a8:cf:64:2b:d8:f2:b8:32:d2:57:e2:d8:
52:92:21:51:87:97:00:4f:30:25:63:ff:10:16:36:0f:c0:01:
34:02:a1:a8:7c:af:8e:d4:f8:6a:d9:5a:56:21:3d:e3:32:c7:
36:fa:f8:d3:02:9d:22:75:83:45:aa:7b:96:29:06:21:1a:4b:
c6:68:6b:b7:44:f6:f7:7d:b2:3e:01:38:75:41:0c:0a:ee:16:
c0:c2:9d:68:7e:92:c1:01:ab:21:f1:2e:38:04:2b:c7:60:83:
0d:9a:38:4f:c5:77:bc:57:2f:3e:af:da:8f:de:bc:12:4e:b4:
b7:d6:25:d1
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUXlG0OO9K3YHvDDhf1ijRUN2zAEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKDVBRDkyNDlBNUMxQTg1MTYyRjY2MTczN0U4MkQ2QUFGODZFNDJCRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOtRNbq6OSnscqNECVdgmKYePI
QVJu4MpEsjmprA49WfNA2CWqQKPRCKdjk+bA3Yv357beNwzoxUyYRunmPPlG2cmM
ucDSlFugLI3JSkjYieydRpv1eXVukxV5z6WIngkpaq78VgJyHszg14/f4DGGlCMa
dHmehaYdFTmGEXGyPwVonqbQa33oHsWvHYf3D0YipDvIla9itp3nEMFk6TpQ2yIh
lsVL1m1zHzyIP/ukj9dqu7X8zuEUnGvmwpVusgozdZttL8kIF3sN+xagZXOFUwxv
KG4ZJmahBWluHDR5aAKTz//tm297cExyLrbJCT1Cgjf824ceemyF6wlmS4VZAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUWtkkmlwahRYvZhc36C1qr4bkK+UwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDMz
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkAzANBgkqhkiG9w0BAQsFAAOCAQEAiqn3TOmo0nDDM1SYQnOHvaOSGBCXyz58
9JDTotORlMOkZzUhyBYlvf93M7gFn3OzTME1qD68o44F5ZiRAHqnZt43/3nhlZte
fACNUaKG8EUHE+Cy2vs/HAOSbto4DBqZW2q/bAZpf08+agrPlhMml8shqLB/5f6A
D3L3zM6suk7PfgEiqM9kK9jyuDLSV+LYUpIhUYeXAE8wJWP/EBY2D8ABNAKhqHyv
jtT4atlaViE94zLHNvr40wKdInWDRap7likGIRpLxmhrt0T2932yPgE4dUEMCu4W
wMKdaH6SwQGrIfEuOAQrx2CDDZo4T8V3vFcvPq/aj968Ek60t9Yl0Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:42:34 2026 by rpki-client