Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
File: 326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa (raw, json)
Hash identifier: NlN3fbd4xPs8oXDjI1+pTaPhc7vLifacDO0nMI7gkYc=
Subject key identifier: CE:09:6E:72:34:55:AD:EA:E5:AF:AA:EE:DA:58:00:DC:1C:2A:D0:79
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 1392AC37DFEE88EC7BDEB7DD193BE144469B97F4
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
Signing time: Thu 02 Apr 2026 20:00:50 +0000
ROA not before: Thu 02 Apr 2026 19:55:50 +0000
ROA not after: Thu 01 Apr 2027 20:00:50 +0000
asID: 207487
IP address blocks: 2a14:14c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:92:ac:37:df:ee:88:ec:7b:de:b7:dd:19:3b:e1:44:46:9b:97:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: Apr 2 19:55:50 2026 GMT
Not After : Apr 1 20:00:50 2027 GMT
Subject: CN=CE096E723455ADEAE5AFAAEEDA5800DC1C2AD079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:3b:fe:c6:bd:f5:3e:91:e0:87:a3:b2:95:
ec:63:75:64:4b:13:78:4a:a1:cd:8e:b8:1f:50:82:
9e:75:b7:f3:35:7d:e7:ec:ff:cf:0c:b2:13:bd:5f:
9d:0e:33:5d:d3:4c:e6:8c:52:96:99:7c:9a:c3:24:
77:1f:04:17:ec:b3:d9:21:55:7c:2f:fe:63:f0:43:
e1:51:9b:61:90:cb:6e:a5:39:f0:02:53:88:99:54:
f6:2b:1b:64:48:e2:f0:1a:80:87:a7:01:c0:40:b7:
0b:9c:2f:fb:3d:d0:c4:e2:d8:c4:68:58:75:7b:ea:
f0:4f:71:7d:be:aa:e5:5a:6c:f8:2a:bb:a7:fe:bc:
f3:51:8b:39:54:0f:f8:82:9e:32:da:39:2f:12:94:
03:c8:9f:ea:e3:8a:80:0d:b3:8d:c1:17:4f:10:fa:
8e:83:6f:a0:03:b3:aa:13:43:8c:61:46:36:c5:46:
43:2a:01:4d:41:76:87:45:6b:0f:28:95:70:25:51:
e7:67:a4:f8:08:4e:99:eb:61:e5:53:ae:8d:ad:f7:
07:e2:46:4d:34:d8:84:95:09:9f:95:2d:f3:af:ae:
6c:30:d4:c4:2d:40:77:03:c6:f9:b2:aa:7a:9f:33:
9b:fa:fb:a8:9f:94:b4:41:b4:39:17:c1:59:f7:96:
85:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:09:6E:72:34:55:AD:EA:E5:AF:AA:EE:DA:58:00:DC:1C:2A:D0:79
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a313a3a2f34382d3438203d3e20323037343837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:9b:2a:1c:ad:68:d9:61:53:e7:6b:3c:2b:25:17:4a:f9:a0:
57:97:6e:aa:b4:43:e1:73:8d:f1:42:86:67:f3:1a:95:ff:ec:
b1:42:a3:d5:86:b1:53:89:02:53:05:cd:bb:43:53:c7:5b:50:
b2:01:27:e0:3c:2b:37:e0:7c:9a:f5:8a:bd:42:bc:24:38:29:
f2:50:58:df:16:f5:50:ac:24:31:53:93:3e:fd:9e:c8:5b:eb:
33:96:9f:41:b6:47:0a:d2:a6:38:95:62:db:1c:6c:c1:ec:58:
ad:ab:0a:00:de:18:96:8e:1a:8b:c6:ef:3b:26:2c:55:36:d7:
52:08:4a:a8:cc:a4:bb:99:db:12:c4:e2:7e:0a:b6:cf:6e:28:
49:1d:7f:df:72:2b:8e:db:12:53:23:1b:83:9d:da:69:ed:f5:
90:1d:e8:6f:f6:26:73:c4:45:7e:94:fb:15:e5:21:68:87:0c:
4a:05:3d:c9:fe:5c:61:d7:ee:13:33:ee:f1:8c:00:bc:ce:21:
68:d5:f7:0c:d7:70:8d:ea:cd:9c:50:4c:9a:68:93:16:e5:7b:
6a:f1:5e:5f:49:74:68:bf:5b:68:c9:11:34:27:23:2e:88:99:
7c:36:c9:07:9c:cf:4a:b8:0f:07:d5:92:f3:5a:59:26:cb:a9:
95:48:ee:55
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUE5KsN9/uiOx73rfdGTvhREabl/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNjA0MDIxOTU1NTBaFw0yNzA0MDEyMDAwNTBaMDMxMTAvBgNV
BAMTKENFMDk2RTcyMzQ1NUFERUFFNUFGQUFFRURBNTgwMERDMUMyQUQwNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2vTv+xr31PpHgh6OylexjdWRL
E3hKoc2OuB9Qgp51t/M1fefs/88MshO9X50OM13TTOaMUpaZfJrDJHcfBBfss9kh
VXwv/mPwQ+FRm2GQy26lOfACU4iZVPYrG2RI4vAagIenAcBAtwucL/s90MTi2MRo
WHV76vBPcX2+quVabPgqu6f+vPNRizlUD/iCnjLaOS8SlAPIn+rjioANs43BF08Q
+o6Db6ADs6oTQ4xhRjbFRkMqAU1BdodFaw8olXAlUednpPgITpnrYeVTro2t9wfi
Rk002ISVCZ+VLfOvrmww1MQtQHcDxvmyqnqfM5v6+6iflLRBtDkXwVn3loXdAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUzglucjRVrerlr6ru2lgA3Bwq0HkwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM0MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUFMAAATANBgkqhkiG9w0BAQsFAAOCAQEABJsqHK1o2WFT52s8KyUXSvmg
V5duqrRD4XON8UKGZ/Malf/ssUKj1YaxU4kCUwXNu0NTx1tQsgEn4DwrN+B8mvWK
vUK8JDgp8lBY3xb1UKwkMVOTPv2eyFvrM5afQbZHCtKmOJVi2xxswexYrasKAN4Y
lo4ai8bvOyYsVTbXUghKqMyku5nbEsTifgq2z24oSR1/33IrjtsSUyMbg53aae31
kB3ob/Ymc8RFfpT7FeUhaIcMSgU9yf5cYdfuEzPu8YwAvM4haNX3DNdwjerNnFBM
mmiTFuV7avFeX0l0aL9baMkRNCcjLoiZfDbJB5zPSrgPB9WS81pZJsuplUjuVQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:59:56 2026 by rpki-client