Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
File: 326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa (raw, json)
Hash identifier: dHA6HLPOR3IQCPs+KBxka5EoTXTVzS3+Rk/fPIxN15o=
Subject key identifier: 03:77:66:E5:19:82:5E:37:C4:52:57:0D:E1:1C:B4:A5:81:38:9F:24
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 2D7B1549D72BD3AFDC53BDBD49D6956112544AD4
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
Signing time: Thu 02 Apr 2026 20:00:50 +0000
ROA not before: Thu 02 Apr 2026 19:55:50 +0000
ROA not after: Thu 01 Apr 2027 20:00:50 +0000
asID: 207487
IP address blocks: 2a14:14c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:7b:15:49:d7:2b:d3:af:dc:53:bd:bd:49:d6:95:61:12:54:4a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: Apr 2 19:55:50 2026 GMT
Not After : Apr 1 20:00:50 2027 GMT
Subject: CN=037766E519825E37C452570DE11CB4A581389F24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:fd:60:c3:87:42:ec:25:25:56:23:c2:b0:
e8:d7:17:e6:a9:e0:88:08:a1:f9:7b:cf:b3:42:dd:
23:ec:8e:d8:1b:d8:85:71:68:99:9b:64:ec:d1:9a:
7b:ee:a9:fa:a1:32:0c:38:91:36:f1:80:44:40:cf:
a3:f6:c7:b8:15:88:a3:77:38:93:ef:4d:a9:ca:ec:
70:4b:bb:ab:b4:1d:f5:36:c8:e0:5a:3d:ac:64:db:
3c:73:50:2e:12:0c:b9:7c:a5:7d:79:53:6d:d7:a2:
aa:9b:c7:3d:0c:58:f3:74:ed:55:e1:c3:dd:b9:fe:
b8:15:48:fd:eb:b5:3b:fa:b1:5c:d0:6e:2e:4b:b9:
46:84:48:04:b9:d3:c5:a0:36:66:51:48:c0:fb:b0:
d5:50:14:ec:5b:ef:46:9a:55:a2:c8:ee:de:3b:de:
71:14:a0:42:65:ca:6d:5e:c3:22:51:e9:30:a9:a5:
c9:ca:51:b5:dd:8d:ad:58:33:67:15:27:00:19:64:
56:3f:47:1f:e0:cf:9f:6b:3a:44:ea:f1:53:15:f5:
ce:c9:46:99:57:f6:69:1b:13:75:dd:63:fd:0e:1f:
b3:cc:31:83:b2:2a:47:08:69:83:a0:63:eb:05:57:
18:9c:8b:4e:4d:d3:45:cf:c8:4f:bb:3c:73:fb:49:
75:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:77:66:E5:19:82:5E:37:C4:52:57:0D:E1:1C:B4:A5:81:38:9F:24
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/326131343a313463303a323a3a2f34382d3438203d3e20323037343837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:14c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
5d:ae:7a:3f:ce:89:b3:4d:d5:ec:b9:98:be:fc:23:e1:eb:55:
eb:e4:ec:85:ec:a7:5d:bd:a0:7c:03:a1:ac:90:8b:85:37:a5:
67:54:3b:a2:89:02:6e:70:30:04:56:51:c8:17:1d:c4:08:1d:
41:c6:d2:39:39:f9:b6:d3:33:dc:d4:7f:00:1f:1f:9f:77:84:
a7:f4:96:b8:f9:e6:0e:a8:da:d8:fe:af:49:f2:e4:af:9c:13:
11:7a:07:93:f9:8f:6e:7a:fe:00:e5:02:83:64:e2:7a:2b:3b:
22:d1:5d:02:1d:7a:59:56:51:f1:ea:c3:a3:82:4b:cb:d0:01:
5f:a6:80:f7:a5:22:ee:b3:0c:71:86:14:2c:60:5b:72:44:74:
21:e1:e1:22:09:0c:5e:a3:fc:37:f2:e0:e3:18:eb:04:bc:81:
bb:49:07:20:f5:79:81:f3:12:4b:da:8f:4a:21:af:b4:ef:21:
d2:f1:5e:e6:31:dd:12:c2:36:11:a6:0b:91:80:8e:b9:b2:c5:
4c:46:84:71:85:b8:18:03:8b:09:1e:f9:5d:ef:6e:f0:5e:f4:
62:db:d2:f8:21:95:c2:24:5d:0e:14:4f:9b:62:48:d5:fe:84:
f2:a2:62:12:d7:2e:38:b9:4a:ad:71:d7:4a:f8:6e:20:3c:f6:
91:1b:75:16
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIULXsVSdcr06/cU729SdaVYRJUStQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNjA0MDIxOTU1NTBaFw0yNzA0MDEyMDAwNTBaMDMxMTAvBgNV
BAMTKDAzNzc2NkU1MTk4MjVFMzdDNDUyNTcwREUxMUNCNEE1ODEzODlGMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1mP1gw4dC7CUlViPCsOjXF+ap
4IgIofl7z7NC3SPsjtgb2IVxaJmbZOzRmnvuqfqhMgw4kTbxgERAz6P2x7gViKN3
OJPvTanK7HBLu6u0HfU2yOBaPaxk2zxzUC4SDLl8pX15U23Xoqqbxz0MWPN07VXh
w925/rgVSP3rtTv6sVzQbi5LuUaESAS508WgNmZRSMD7sNVQFOxb70aaVaLI7t47
3nEUoEJlym1ewyJR6TCppcnKUbXdja1YM2cVJwAZZFY/Rx/gz59rOkTq8VMV9c7J
RplX9mkbE3XdY/0OH7PMMYOyKkcIaYOgY+sFVxici05N00XPyE+7PHP7SXUPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUA3dm5RmCXjfEUlcN4Ry0pYE4nyQwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzI2MTMxMzQzYTMxMzQ2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM0MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUFMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAXa56P86Js03V7LmYvvwj4etV
6+TsheynXb2gfAOhrJCLhTelZ1Q7ookCbnAwBFZRyBcdxAgdQcbSOTn5ttMz3NR/
AB8fn3eEp/SWuPnmDqja2P6vSfLkr5wTEXoHk/mPbnr+AOUCg2Tieis7ItFdAh16
WVZR8erDo4JLy9ABX6aA96Ui7rMMcYYULGBbckR0IeHhIgkMXqP8N/Lg4xjrBLyB
u0kHIPV5gfMSS9qPSiGvtO8h0vFe5jHdEsI2EaYLkYCOubLFTEaEcYW4GAOLCR75
Xe9u8F70YtvS+CGVwiRdDhRPm2JI1f6E8qJiEtcuOLlKrXHXSvhuIDz2kRt1Fg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:15:24 2026 by rpki-client