Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663030383a3a2f34382d3438203d3e20323132383434.roa
File: 326130653a386630323a663030383a3a2f34382d3438203d3e20323132383434.roa (raw, json)
Hash identifier: Bn4Wx2aaUcmu4gOes4mIQ9NlpOPCinCFdk07+pqYUto=
Subject key identifier: 53:93:D0:89:EA:85:D7:85:42:5F:39:C5:19:FD:D2:18:6B:E9:F7:B5
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 7F24ABADD0806A65751F11E49A7211C9C861C84D
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663030383a3a2f34382d3438203d3e20323132383434.roa
Signing time: Fri 03 Apr 2026 16:45:47 +0000
ROA not before: Fri 03 Apr 2026 16:40:47 +0000
ROA not after: Fri 02 Apr 2027 16:45:47 +0000
asID: 212844
IP address blocks: 2a0e:8f02:f008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:59:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:24:ab:ad:d0:80:6a:65:75:1f:11:e4:9a:72:11:c9:c8:61:c8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Apr 3 16:40:47 2026 GMT
Not After : Apr 2 16:45:47 2027 GMT
Subject: CN=5393D089EA85D785425F39C519FDD2186BE9F7B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:7c:1a:e0:b1:00:2c:9c:74:02:23:69:09:
f8:59:a2:ab:b2:21:9f:1d:9d:91:af:f6:5c:97:25:
e2:38:08:b0:49:d8:d0:a9:c1:c3:e4:42:21:2a:de:
43:eb:df:d9:8c:66:6f:54:79:e4:3c:21:0a:5a:35:
36:6e:e2:fb:b5:ca:f4:cc:e2:48:e3:2e:4e:7b:a1:
b7:74:43:30:f5:a3:27:ac:74:33:8b:cf:ff:be:5f:
06:47:c4:30:67:d6:10:5e:b0:4c:5f:32:b8:a6:97:
27:08:52:80:3b:b7:3f:db:bd:35:42:10:82:cd:0a:
1e:0a:ae:b6:84:36:61:8a:6a:08:f6:86:de:f1:00:
09:66:3b:e0:fa:c9:96:b0:9e:79:a8:22:02:44:38:
d0:33:9c:ab:d4:da:01:4a:29:0d:29:d4:65:99:0f:
d5:83:9e:61:00:76:b1:6f:14:22:67:04:0f:98:01:
21:57:ea:b8:46:62:16:9e:65:15:16:3d:97:9e:4c:
d0:86:2f:46:65:06:b0:74:a3:6e:0c:76:81:30:f8:
79:e8:a8:6b:cb:b2:ef:1e:61:6b:18:fb:24:4a:2c:
a1:f2:53:4b:29:96:53:dd:2e:97:d9:a0:10:96:fd:
00:aa:67:57:28:e2:52:7f:42:d7:02:06:f0:64:21:
c9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:93:D0:89:EA:85:D7:85:42:5F:39:C5:19:FD:D2:18:6B:E9:F7:B5
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663030383a3a2f34382d3438203d3e20323132383434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f008::/48
Signature Algorithm: sha256WithRSAEncryption
98:df:c4:5a:d9:34:63:6c:29:dc:55:6b:de:ae:e2:9e:22:2e:
41:95:7c:68:3a:db:45:6c:25:0a:0e:d5:e7:2c:5f:24:cf:dd:
08:17:cb:4a:24:57:3f:38:48:82:43:51:83:b9:ff:9d:dc:5c:
31:d8:85:17:9d:61:c8:03:18:5a:9f:cb:e9:e3:cd:7a:16:05:
7e:a4:0f:cd:2b:55:91:16:d1:8f:2e:85:22:c8:3c:fe:22:0d:
f3:1e:6e:03:41:b0:4b:8d:f0:a2:2a:d5:7e:c3:81:63:71:f7:
c1:73:58:62:34:45:f6:7c:3b:c4:21:3c:5d:f1:24:d2:fb:1c:
06:d8:5a:22:43:bc:4d:1b:26:f9:4e:be:17:7b:be:66:54:b8:
e7:de:65:9a:97:49:c4:ae:41:14:12:96:6c:42:f4:06:e8:38:
d8:e6:c9:fe:74:28:a9:81:fb:39:b2:b3:9b:a4:38:a9:a0:89:
8a:53:50:d3:b4:1b:5a:18:1c:6d:b8:93:57:ae:85:64:2f:c8:
82:e1:22:33:95:4a:9a:9d:6e:0f:b1:de:a0:ea:27:4e:56:8e:
76:99:99:f3:6b:e7:de:ec:f5:85:41:d2:e4:fc:66:be:06:da:
9e:a2:f0:52:dc:d0:de:d9:76:e3:0d:72:b4:da:27:63:a5:4f:
bc:2c:97:c0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUfySrrdCAamV1HxHkmnIRychhyE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA0MDMxNjQwNDdaFw0yNzA0MDIxNjQ1NDdaMDMxMTAvBgNV
BAMTKDUzOTNEMDg5RUE4NUQ3ODU0MjVGMzlDNTE5RkREMjE4NkJFOUY3QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3fXwa4LEALJx0AiNpCfhZoquy
IZ8dnZGv9lyXJeI4CLBJ2NCpwcPkQiEq3kPr39mMZm9UeeQ8IQpaNTZu4vu1yvTM
4kjjLk57obd0QzD1oyesdDOLz/++XwZHxDBn1hBesExfMrimlycIUoA7tz/bvTVC
EILNCh4KrraENmGKagj2ht7xAAlmO+D6yZawnnmoIgJEONAznKvU2gFKKQ0p1GWZ
D9WDnmEAdrFvFCJnBA+YASFX6rhGYhaeZRUWPZeeTNCGL0ZlBrB0o24MdoEw+Hno
qGvLsu8eYWsY+yRKLKHyU0spllPdLpfZoBCW/QCqZ1co4lJ/QtcCBvBkIckLAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUU5PQieqF14VCXznFGf3SGGvp97UwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG3BggrBgEFBQcBCwSBqjCBpzCBpAYIKwYBBQUHMAuGgZdyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDY1M2EzODY2MzAz
MjNhNjYzMDMwMzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzIzODM0MzQu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwAqDo8C8AgwDQYJKoZIhvcNAQELBQADggEBAJjfxFrZNGNsKdxV
a96u4p4iLkGVfGg620VsJQoO1ecsXyTP3QgXy0okVz84SIJDUYO5/53cXDHYhRed
YcgDGFqfy+njzXoWBX6kD80rVZEW0Y8uhSLIPP4iDfMebgNBsEuN8KIq1X7DgWNx
98FzWGI0RfZ8O8QhPF3xJNL7HAbYWiJDvE0bJvlOvhd7vmZUuOfeZZqXScSuQRQS
lmxC9AboONjmyf50KKmB+zmys5ukOKmgiYpTUNO0G1oYHG24k1euhWQvyILhIjOV
Spqdbg+x3qDqJ05WjnaZmfNr597s9YVB0uT8Zr4G2p6i8FLc0N7ZduMNcrTaJ2Ol
T7wsl8A=
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:10:14 2026 by rpki-client