Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663031333a3a2f34382d3438203d3e20323132323739.roa
File: 326130653a386630323a663031333a3a2f34382d3438203d3e20323132323739.roa (raw, json)
Hash identifier: 4eYk1Ty5EDOQqQLmR52pun6zKGW8+gK9rNv5BFC9wpc=
Subject key identifier: 50:79:7B:0B:8B:84:44:02:DC:75:CD:6F:AA:56:DB:B0:0E:87:17:14
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 73D7FAA7BD6831AA9D0A97BCA089A605E552B13C
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663031333a3a2f34382d3438203d3e20323132323739.roa
Signing time: Mon 16 Feb 2026 10:55:33 +0000
ROA not before: Mon 16 Feb 2026 10:50:33 +0000
ROA not after: Mon 15 Feb 2027 10:55:33 +0000
asID: 212279
IP address blocks: 2a0e:8f02:f013::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 07:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d7:fa:a7:bd:68:31:aa:9d:0a:97:bc:a0:89:a6:05:e5:52:b1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Feb 16 10:50:33 2026 GMT
Not After : Feb 15 10:55:33 2027 GMT
Subject: CN=50797B0B8B844402DC75CD6FAA56DBB00E871714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:fb:41:d4:d1:d3:85:a3:be:4a:d3:2f:77:
5d:ac:c5:f9:fe:e8:1a:50:e9:88:8b:fb:90:10:37:
6f:14:3d:8e:b0:f3:c1:ae:7d:5a:56:06:84:8f:1f:
47:f2:9c:d0:f9:48:ab:b2:45:59:ac:29:44:95:9d:
1d:04:df:3d:4d:db:5d:8e:3d:2b:07:7e:27:4b:88:
bb:9a:90:57:5f:4f:43:a8:56:d4:54:a1:cf:05:86:
e5:0e:be:fe:ac:8c:b4:38:59:ac:0e:df:48:53:1f:
36:ec:6b:e0:1b:8d:55:4b:c9:9b:c9:1c:aa:46:cc:
c4:01:fa:1c:9f:f6:28:db:49:8e:5b:8b:a8:ff:d1:
05:05:78:f2:4a:e5:cb:65:64:26:c2:13:a8:36:47:
cc:d6:7c:ee:bd:8d:66:aa:7d:1e:61:4c:a2:34:61:
4a:6e:cf:a5:fb:f7:ba:15:1f:55:a5:d0:79:9e:a3:
84:fd:7b:87:b9:14:1d:97:0e:39:9a:2d:0e:e5:2d:
f0:fd:24:83:f3:c5:cf:f7:16:99:c8:b1:43:8f:6b:
4b:fe:77:1f:ea:2a:e7:ea:c4:08:25:94:4e:64:58:
b7:35:3d:de:c6:b2:fc:0b:69:7e:ab:3f:dc:cf:f6:
fd:00:62:55:ab:22:e9:b0:bc:ec:91:b5:87:a7:4f:
84:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:79:7B:0B:8B:84:44:02:DC:75:CD:6F:AA:56:DB:B0:0E:87:17:14
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a663031333a3a2f34382d3438203d3e20323132323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f013::/48
Signature Algorithm: sha256WithRSAEncryption
14:c0:89:61:de:55:a8:5f:ff:6c:26:45:85:e0:63:a8:c2:9e:
e2:55:fa:23:60:ba:e9:c7:db:24:35:62:04:16:78:19:85:3d:
a2:e1:b1:58:d3:28:a8:b1:9d:a9:af:1d:a6:87:2a:fa:d1:98:
79:bc:50:5e:79:6c:cc:09:6a:42:48:97:01:37:74:66:d8:2c:
33:44:29:b3:24:66:cc:c6:73:7a:66:7e:6f:25:9a:28:38:cb:
9d:7e:1f:10:63:17:22:8b:8d:0b:cb:82:3e:78:48:7a:29:a1:
cd:6a:ff:69:97:0e:49:a1:c0:09:ff:14:34:56:d2:56:0d:02:
9b:cf:56:32:21:ec:eb:1a:9b:12:50:e7:13:d1:07:6c:56:49:
16:1c:72:c3:c2:86:f6:7c:8c:f6:95:12:07:22:90:5c:85:14:
83:06:1d:cb:9c:e9:0d:36:4c:84:16:89:b1:fc:80:43:69:f3:
43:92:74:85:bb:55:2f:21:5a:db:d8:b6:7e:9c:9c:32:04:c0:
f0:2f:91:4f:1e:70:d7:b2:65:8c:a7:f9:3e:50:cf:d2:41:58:
17:86:ab:1b:d9:29:f6:b1:47:0f:54:c6:ce:be:1d:bc:dd:ba:
f6:76:16:a4:90:0b:dd:38:53:73:55:ad:7e:49:d2:32:c1:ad:
5e:64:61:37
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUc9f6p71oMaqdCpe8oImmBeVSsTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjAyMTYxMDUwMzNaFw0yNzAyMTUxMDU1MzNaMDMxMTAvBgNV
BAMTKDUwNzk3QjBCOEI4NDQ0MDJEQzc1Q0Q2RkFBNTZEQkIwMEU4NzE3MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgIftB1NHThaO+StMvd12sxfn+
6BpQ6YiL+5AQN28UPY6w88GufVpWBoSPH0fynND5SKuyRVmsKUSVnR0E3z1N212O
PSsHfidLiLuakFdfT0OoVtRUoc8FhuUOvv6sjLQ4WawO30hTHzbsa+AbjVVLyZvJ
HKpGzMQB+hyf9ijbSY5bi6j/0QUFePJK5ctlZCbCE6g2R8zWfO69jWaqfR5hTKI0
YUpuz6X797oVH1Wl0Hmeo4T9e4e5FB2XDjmaLQ7lLfD9JIPzxc/3FpnIsUOPa0v+
dx/qKufqxAgllE5kWLc1Pd7GsvwLaX6rP9zP9v0AYlWrIumwvOyRtYenT4RRAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUUHl7C4uERALcdc1vqlbbsA6HFxQwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG3BggrBgEFBQcBCwSBqjCBpzCBpAYIKwYBBQUHMAuGgZdyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDY1M2EzODY2MzAz
MjNhNjYzMDMxMzMzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzIzMjM3Mzku
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwAqDo8C8BMwDQYJKoZIhvcNAQELBQADggEBABTAiWHeVahf/2wm
RYXgY6jCnuJV+iNguunH2yQ1YgQWeBmFPaLhsVjTKKixnamvHaaHKvrRmHm8UF55
bMwJakJIlwE3dGbYLDNEKbMkZszGc3pmfm8lmig4y51+HxBjFyKLjQvLgj54SHop
oc1q/2mXDkmhwAn/FDRW0lYNApvPVjIh7OsamxJQ5xPRB2xWSRYccsPChvZ8jPaV
EgcikFyFFIMGHcuc6Q02TIQWibH8gENp80OSdIW7VS8hWtvYtn6cnDIEwPAvkU8e
cNeyZYyn+T5Qz9JBWBeGqxvZKfaxRw9Uxs6+HbzduvZ2FqSQC904U3NVrX5J0jLB
rV5kYTc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:52:21 2026 by rpki-client