Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430343a3a2f33322d3332203d3e20323135333130.roa
File: 326131333a653430343a3a2f33322d3332203d3e20323135333130.roa (raw, json)
Hash identifier: qfYLsiXeU6PfA9fVBBtYwxz+ovi/EvnjjY5itv6zZZY=
Subject key identifier: C7:95:C1:B5:F4:02:75:72:C7:0B:90:1D:8A:5B:50:FA:FA:7D:9E:2F
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 26D87CF45C98381180F1178CD6F6EBEE010BD726
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430343a3a2f33322d3332203d3e20323135333130.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 215310
IP address blocks: 2a13:e404::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:d8:7c:f4:5c:98:38:11:80:f1:17:8c:d6:f6:eb:ee:01:0b:d7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=C795C1B5F4027572C70B901D8A5B50FAFA7D9E2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a6:c0:7b:15:f4:2e:f6:ec:6b:d4:11:3d:ac:
a0:f7:83:72:ae:a1:38:38:72:62:5b:96:eb:e9:fd:
a6:93:ab:3b:35:89:fa:5c:2a:d8:9f:8e:a4:05:f3:
19:12:ae:94:10:b2:d1:a9:9d:47:cf:dc:fb:d1:28:
ed:a5:4f:d6:d7:3e:4e:e9:14:1e:ae:38:dd:87:91:
58:c0:94:3a:7a:7d:7a:29:28:b6:a4:27:98:d5:9f:
48:5d:1e:29:f7:3c:a1:0b:b1:1c:71:cb:b6:33:30:
84:47:b9:6a:41:17:e2:20:14:6b:f4:01:81:99:24:
2d:48:c3:42:8a:6d:3c:c0:60:47:b0:b3:65:99:7f:
fb:0b:52:e1:4d:80:62:3f:d3:b7:34:2d:b0:99:1c:
35:1e:4a:8a:7b:8b:cf:64:0a:3b:9e:07:b2:f0:58:
bf:09:46:c2:b8:f1:74:cf:f3:46:73:fc:4d:57:cb:
26:1e:db:f7:f9:4c:4d:79:0d:54:a2:6e:d2:dc:65:
7f:2a:b6:99:81:92:11:15:1f:b0:79:98:70:e9:3d:
4c:cf:ed:3b:c0:ea:63:49:81:38:ab:ac:3e:3d:c7:
07:56:99:9e:92:5c:dc:54:3e:3e:f4:8f:ed:b9:8f:
15:bd:c6:f1:1c:0b:c1:bd:81:65:f4:81:94:f9:d8:
41:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:95:C1:B5:F4:02:75:72:C7:0B:90:1D:8A:5B:50:FA:FA:7D:9E:2F
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a653430343a3a2f33322d3332203d3e20323135333130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e404::/32
Signature Algorithm: sha256WithRSAEncryption
30:fc:ba:81:92:7c:ed:9e:75:71:9d:6f:ec:9b:3e:0d:87:82:
f3:92:69:78:9f:4f:d7:4b:53:3a:fa:1a:17:ff:95:d0:7b:47:
bc:71:16:86:eb:6e:29:78:a0:81:0a:9d:67:32:29:e0:4d:2e:
57:bb:21:0c:25:a0:ef:2a:94:ba:32:df:ff:2d:d1:c1:85:1a:
d6:b7:f3:ff:30:18:36:8a:e0:cb:da:53:5b:ad:1b:e0:c4:03:
78:fd:23:fb:5f:7b:54:75:0c:b9:d4:17:4e:1c:f1:4d:a3:86:
12:33:73:a7:d9:a3:1b:99:ea:03:98:1c:fc:cf:5d:01:85:3f:
3d:49:18:0a:1f:20:9d:9a:af:e8:55:91:6f:a8:71:4d:a6:e0:
e2:04:93:63:90:96:4b:d7:9c:ab:41:d7:42:be:41:79:b6:b9:
50:01:e1:7b:1d:61:48:31:72:93:ea:f3:42:12:13:f3:a5:80:
5f:ee:66:4e:15:e6:a8:a1:ff:b7:d5:a7:49:6d:a0:f3:d7:64:
96:89:88:bd:e4:8e:29:10:a5:12:34:ea:91:29:05:a8:5d:7c:
00:54:98:53:30:93:0a:b5:60:9c:14:e2:bf:77:1b:53:a9:88:
bc:8c:fa:ea:3c:56:67:52:80:44:c1:cb:27:4e:a3:e3:49:ba:
30:4c:b7:e1
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJth89FyYOBGA8ReM1vbr7gEL1yYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEM3OTVDMUI1RjQwMjc1NzJDNzBCOTAxRDhBNUI1MEZBRkE3RDlFMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKpsB7FfQu9uxr1BE9rKD3g3Ku
oTg4cmJbluvp/aaTqzs1ifpcKtifjqQF8xkSrpQQstGpnUfP3PvRKO2lT9bXPk7p
FB6uON2HkVjAlDp6fXopKLakJ5jVn0hdHin3PKELsRxxy7YzMIRHuWpBF+IgFGv0
AYGZJC1Iw0KKbTzAYEews2WZf/sLUuFNgGI/07c0LbCZHDUeSop7i89kCjueB7Lw
WL8JRsK48XTP80Zz/E1XyyYe2/f5TE15DVSibtLcZX8qtpmBkhEVH7B5mHDpPUzP
7TvA6mNJgTirrD49xwdWmZ6SXNxUPj70j+25jxW9xvEcC8G9gWX0gZT52EHTAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUx5XBtfQCdXLHC5AdiltQ+vp9ni8wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY1MzQzMDM0
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzMzMTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPkBDANBgkqhkiG9w0BAQsFAAOCAQEAMPy6gZJ87Z51cZ1v7Js+DYeC85JpeJ9P
10tTOvoaF/+V0HtHvHEWhutuKXiggQqdZzIp4E0uV7shDCWg7yqUujLf/y3RwYUa
1rfz/zAYNorgy9pTW60b4MQDeP0j+197VHUMudQXThzxTaOGEjNzp9mjG5nqA5gc
/M9dAYU/PUkYCh8gnZqv6FWRb6hxTabg4gSTY5CWS9ecq0HXQr5Beba5UAHhex1h
SDFyk+rzQhIT86WAX+5mThXmqKH/t9WnSW2g89dklomIveSOKRClEjTqkSkFqF18
AFSYUzCTCrVgnBTiv3cbU6mIvIz66jxWZ1KARMHLJ06j40m6MEy34Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:45:23 2026 by rpki-client