Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323133373938.roa
File: 326131313a323963303a33383a3a2f34382d3438203d3e20323133373938.roa (raw, json)
Hash identifier: i8EC09twWmhSdmER5W+Z24urfVFf4wzUCBQlq8G5Ux4=
Subject key identifier: F8:CE:11:42:9D:0E:82:45:4C:0E:3C:E5:6F:AD:6A:2B:AA:A5:88:C7
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 421705F67532399A2D8644920E8F41DD393FF6F5
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323133373938.roa
Signing time: Wed 28 Jan 2026 09:42:08 +0000
ROA not before: Wed 28 Jan 2026 09:37:08 +0000
ROA not after: Wed 27 Jan 2027 09:42:08 +0000
asID: 213798
IP address blocks: 2a11:29c0:38::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:17:05:f6:75:32:39:9a:2d:86:44:92:0e:8f:41:dd:39:3f:f6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Jan 28 09:37:08 2026 GMT
Not After : Jan 27 09:42:08 2027 GMT
Subject: CN=F8CE11429D0E82454C0E3CE56FAD6A2BAAA588C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8f:a7:b6:75:f2:a3:07:a8:78:63:e9:d4:7c:
ea:32:57:d3:b9:8a:05:04:2c:65:9b:96:85:ec:85:
ba:2f:c4:50:1d:ab:0e:12:d1:ef:c6:08:8c:5c:55:
66:4b:73:90:2e:d5:6d:8c:ad:b1:b8:a1:0f:d2:0c:
25:95:e2:f2:79:7f:7a:e5:52:6d:41:93:cd:33:96:
95:ad:14:cf:0f:04:56:a0:44:93:cf:67:ba:b4:85:
9a:5d:f0:3e:eb:fd:7c:40:24:a9:09:16:51:cf:63:
c5:88:51:75:15:f6:43:ea:34:bd:a8:15:32:4c:d7:
2a:23:5d:fa:2a:dd:70:13:de:3a:95:19:4c:21:f8:
ed:7b:ee:20:9c:9a:dc:d3:c7:4d:ad:7a:53:12:c2:
b0:4f:c8:8d:7a:89:ab:b2:f9:95:f9:79:a9:d3:5f:
e8:2a:0d:3e:a2:b5:20:db:86:85:e3:f2:50:68:0d:
2e:9b:8b:9d:ab:b3:9d:f8:63:b5:35:63:b4:4a:fc:
63:c7:29:1b:c3:0c:2a:0d:c5:3a:e9:af:6b:52:7c:
0b:45:f0:2d:f1:59:61:6c:80:97:df:5b:9a:b1:12:
53:06:2c:02:97:d8:90:4d:84:74:f4:73:e8:4d:f7:
7e:2e:56:06:8e:c7:7f:28:f4:0d:c4:cf:51:88:17:
64:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CE:11:42:9D:0E:82:45:4C:0E:3C:E5:6F:AD:6A:2B:AA:A5:88:C7
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323133373938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:38::/48
Signature Algorithm: sha256WithRSAEncryption
77:59:a6:a9:6d:10:41:76:2c:9d:ab:cc:39:ab:29:b2:4d:fe:
ab:0d:9e:ab:9d:a8:e7:d3:5e:6a:d9:3d:5a:c2:21:44:5b:ce:
41:c8:41:b1:46:0a:ac:9e:82:92:90:bb:4b:82:97:63:53:c1:
6a:7a:5b:7a:98:a1:f8:48:38:c0:b7:bd:ed:0e:0e:dc:5e:6d:
2d:b3:2c:df:c1:74:9d:5c:5b:13:cb:f1:9e:15:ea:22:3f:26:
80:4b:22:78:bc:e4:16:19:83:39:1c:c7:a9:46:75:be:70:8e:
7b:32:8e:46:72:aa:0b:ec:6c:07:20:aa:12:72:dc:9d:27:02:
1d:0f:e7:0b:54:60:b5:22:b6:ed:bd:64:b4:b0:e4:ae:bf:81:
18:94:8d:08:07:6a:dd:e1:19:94:62:bf:89:a8:e0:37:5f:a3:
89:96:e4:2d:3f:c7:5a:67:74:c9:e4:2d:e8:48:cc:d8:98:6e:
90:48:42:0c:6c:2e:fd:a6:1f:c4:b3:af:a7:e2:1d:c3:4c:16:
28:34:c8:1d:73:c2:61:74:7e:25:07:21:a9:13:65:21:63:11:
cd:af:ec:62:cd:50:a6:7e:61:a8:7d:56:0e:88:b5:de:43:0e:
38:13:4c:b2:9b:11:c5:b1:2d:e9:09:5f:ac:a4:de:b8:93:67:
b9:09:0c:06
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUQhcF9nUyOZothkSSDo9B3Tk/9vUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAxMjgwOTM3MDhaFw0yNzAxMjcwOTQyMDhaMDMxMTAvBgNV
BAMTKEY4Q0UxMTQyOUQwRTgyNDU0QzBFM0NFNTZGQUQ2QTJCQUFBNTg4QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBj6e2dfKjB6h4Y+nUfOoyV9O5
igUELGWbloXshbovxFAdqw4S0e/GCIxcVWZLc5Au1W2MrbG4oQ/SDCWV4vJ5f3rl
Um1Bk80zlpWtFM8PBFagRJPPZ7q0hZpd8D7r/XxAJKkJFlHPY8WIUXUV9kPqNL2o
FTJM1yojXfoq3XAT3jqVGUwh+O177iCcmtzTx02telMSwrBPyI16iauy+ZX5eanT
X+gqDT6itSDbhoXj8lBoDS6bi52rs534Y7U1Y7RK/GPHKRvDDCoNxTrpr2tSfAtF
8C3xWWFsgJffW5qxElMGLAKX2JBNhHT0c+hN934uVgaOx38o9A3Ez1GIF2TrAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU+M4RQp0OgkVMDjzlb61qK6qliMcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMzMzczOTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA4MA0GCSqGSIb3DQEBCwUAA4IBAQB3WaapbRBBdiydq8w5qymy
Tf6rDZ6rnajn015q2T1awiFEW85ByEGxRgqsnoKSkLtLgpdjU8Fqelt6mKH4SDjA
t73tDg7cXm0tsyzfwXSdXFsTy/GeFeoiPyaASyJ4vOQWGYM5HMepRnW+cI57Mo5G
cqoL7GwHIKoSctydJwIdD+cLVGC1IrbtvWS0sOSuv4EYlI0IB2rd4RmUYr+JqOA3
X6OJluQtP8daZ3TJ5C3oSMzYmG6QSEIMbC79ph/Es6+n4h3DTBYoNMgdc8JhdH4l
ByGpE2UhYxHNr+xizVCmfmGofVYOiLXeQw44E0yymxHFsS3pCV+spN64k2e5CQwG
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:21:05 2026 by rpki-client