Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f32392d3438203d3e20323030323432.roa
File: 326131343a366634303a3a2f32392d3438203d3e20323030323432.roa (raw, json)
Hash identifier: mS5RESR9XXqVKPaYaMF0sfDr7VCVwv8ZCbbv5XYwaoY=
Subject key identifier: B2:0B:0C:86:5E:7E:D8:D7:43:16:1E:58:E1:A9:C7:32:1C:3B:EC:F6
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 5FA7AA6FB85F4459CA292E5F3632DE4D12BF513B
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f32392d3438203d3e20323030323432.roa
Signing time: Tue 02 Jun 2026 18:50:40 +0000
ROA not before: Tue 02 Jun 2026 18:45:40 +0000
ROA not after: Tue 01 Jun 2027 18:50:40 +0000
asID: 200242
IP address blocks: 2a14:6f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a7:aa:6f:b8:5f:44:59:ca:29:2e:5f:36:32:de:4d:12:bf:51:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jun 2 18:45:40 2026 GMT
Not After : Jun 1 18:50:40 2027 GMT
Subject: CN=B20B0C865E7ED8D743161E58E1A9C7321C3BECF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:6b:7f:e0:3b:e6:b9:ab:1f:c7:00:4e:5c:
49:5f:40:37:27:28:41:54:3b:54:0a:d7:dd:ef:bd:
47:a1:79:3c:e5:a4:a7:c1:34:b1:39:15:94:e6:99:
ec:cd:02:63:6e:d1:57:a9:42:ea:ca:73:be:d6:3c:
8a:9a:90:69:f5:f7:89:19:fa:c9:11:4e:b7:d0:97:
27:e4:5b:d5:83:a8:a5:e9:fe:67:b7:40:39:ff:f6:
8c:b6:7a:a6:c0:a8:f2:be:f4:54:e9:90:89:a0:4e:
dc:b4:a9:f9:4f:2a:a5:3a:e5:79:b0:e9:d8:ba:19:
7b:ec:24:1e:ce:d7:14:84:c0:40:47:26:af:86:25:
a5:3f:21:e4:fb:bd:4a:0a:5d:9a:00:82:82:26:2b:
49:78:1b:a2:76:1a:5b:c2:f0:e7:c9:d3:e8:a0:fc:
79:c7:15:18:11:9d:96:f3:39:16:84:f6:fa:71:fb:
ef:9a:da:fc:1b:50:e0:57:7d:f2:5f:93:8d:10:ad:
2c:ce:60:2f:37:c7:86:ed:54:7e:95:26:d6:48:68:
51:88:2a:7e:59:93:ec:43:f2:80:0a:fe:59:1a:11:
66:fe:e2:56:13:28:1c:59:5e:3b:3e:58:6d:fe:42:
16:0a:bd:a1:37:af:c1:ac:31:9d:16:a3:6f:42:7f:
15:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0B:0C:86:5E:7E:D8:D7:43:16:1E:58:E1:A9:C7:32:1C:3B:EC:F6
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634303a3a2f32392d3438203d3e20323030323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f40::/29
Signature Algorithm: sha256WithRSAEncryption
63:b4:40:39:e8:b7:cc:f1:52:5d:39:7c:d0:6e:33:0b:ee:c5:
63:90:1b:14:6a:cd:e6:58:c5:b9:d9:96:6d:d8:14:7c:f2:02:
80:c9:df:65:61:9f:f3:1f:1d:af:e7:ed:f4:1c:c8:a2:e6:2e:
67:59:d6:c6:7f:8e:2a:b0:22:87:5b:3a:f7:46:9b:17:58:27:
ae:e8:d3:93:ff:08:b7:c8:fb:9d:81:f5:ac:04:8b:a4:13:66:
a6:66:18:0c:31:3a:61:d7:f4:a6:98:71:f8:13:42:13:8c:6a:
01:49:a0:42:c0:2b:2f:be:96:0f:b1:39:b8:ef:77:6f:41:09:
b7:72:a2:08:b8:7f:36:45:52:fa:85:f2:d1:df:f1:69:d0:d1:
a5:44:ea:26:b3:23:f0:44:3a:53:d5:64:c9:5f:cd:ec:5d:03:
0f:d9:4e:2a:ae:3d:e1:7a:14:7c:34:61:e5:e1:d2:e6:3a:78:
f1:c3:4a:25:f7:97:97:c4:32:60:a4:fc:c7:23:27:9f:23:4d:
c3:96:bf:7f:8c:b1:98:68:f0:f5:19:b2:8e:56:24:04:6d:b9:
bc:70:a0:89:46:cb:26:0b:74:4b:be:e1:90:4b:6e:ee:ec:9b:
ca:d1:84:a7:d1:30:ab:f6:22:c7:2c:30:d3:4d:5c:c1:67:86:
21:42:19:79
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUX6eqb7hfRFnKKS5fNjLeTRK/UTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNjA2MDIxODQ1NDBaFw0yNzA2MDExODUwNDBaMDMxMTAvBgNV
BAMTKEIyMEIwQzg2NUU3RUQ4RDc0MzE2MUU1OEUxQTlDNzMyMUMzQkVDRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFW2t/4DvmuasfxwBOXElfQDcn
KEFUO1QK193vvUeheTzlpKfBNLE5FZTmmezNAmNu0VepQurKc77WPIqakGn194kZ
+skRTrfQlyfkW9WDqKXp/me3QDn/9oy2eqbAqPK+9FTpkImgTty0qflPKqU65Xmw
6di6GXvsJB7O1xSEwEBHJq+GJaU/IeT7vUoKXZoAgoImK0l4G6J2GlvC8OfJ0+ig
/HnHFRgRnZbzORaE9vpx+++a2vwbUOBXffJfk40QrSzOYC83x4btVH6VJtZIaFGI
Kn5Zk+xD8oAK/lkaEWb+4lYTKBxZXjs+WG3+QhYKvaE3r8GsMZ0Wo29CfxVJAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUsgsMhl5+2NdDFh5Y4anHMhw77PYwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDMw
M2EzYTJmMzIzOTJkMzQzODIwM2QzZTIwMzIzMDMwMzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KhRvQDANBgkqhkiG9w0BAQsFAAOCAQEAY7RAOei3zPFSXTl80G4zC+7FY5AbFGrN
5ljFudmWbdgUfPICgMnfZWGf8x8dr+ft9BzIouYuZ1nWxn+OKrAih1s690abF1gn
rujTk/8It8j7nYH1rASLpBNmpmYYDDE6Ydf0pphx+BNCE4xqAUmgQsArL76WD7E5
uO93b0EJt3KiCLh/NkVS+oXy0d/xadDRpUTqJrMj8EQ6U9VkyV/N7F0DD9lOKq49
4XoUfDRh5eHS5jp48cNKJfeXl8QyYKT8xyMnnyNNw5a/f4yxmGjw9RmyjlYkBG25
vHCgiUbLJgt0S77hkEtu7uybytGEp9Ewq/Yixyww001cwWeGIUIZeQ==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:57:06 2026 by rpki-client