Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323033333134.roa
File: 326130663a316363313a3a2f33322d3438203d3e20323033333134.roa (raw, json)
Hash identifier: XausgE/zmUsL/WWaCo12XSmzCTXl+X2v27QH5i6aliU=
Subject key identifier: 0F:49:8D:12:D3:D5:83:36:F0:65:66:40:55:EC:52:37:51:DD:BF:46
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 462320AC52792B0BD40E93DA9AF1166E8D54D674
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323033333134.roa
Signing time: Tue 02 Jun 2026 12:18:09 +0000
ROA not before: Tue 02 Jun 2026 12:13:09 +0000
ROA not after: Tue 01 Jun 2027 12:18:09 +0000
asID: 203314
IP address blocks: 2a0f:1cc1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:23:20:ac:52:79:2b:0b:d4:0e:93:da:9a:f1:16:6e:8d:54:d6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:09 2026 GMT
Not After : Jun 1 12:18:09 2027 GMT
Subject: CN=0F498D12D3D58336F065664055EC523751DDBF46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4d:61:04:6b:35:d6:a5:11:4f:64:be:3a:0e:
dc:4f:21:57:52:79:fa:cd:10:3b:ae:3d:17:63:91:
ed:96:77:2d:a2:80:9b:0d:bf:b0:e2:c1:c5:7a:ac:
80:47:c5:a1:d6:80:b0:79:3a:29:fc:4b:8d:5f:a4:
51:bb:f2:0b:3e:c6:35:50:e2:aa:b6:fb:77:0a:67:
7c:25:e7:47:24:31:94:1d:04:50:9e:37:96:72:2e:
6a:54:c6:c0:09:50:96:7f:d6:f3:b2:93:ae:5f:ac:
76:f5:26:d9:b6:7c:b3:0e:99:8b:1d:72:ac:12:41:
e9:84:03:29:9a:5f:e0:c2:97:e9:de:60:64:99:b6:
e8:0c:87:5a:42:fe:4f:dd:73:1b:8e:4c:b6:c0:f6:
c2:1f:10:cd:53:56:0b:6b:3a:4c:b6:1b:11:54:14:
5f:c4:ce:73:ff:7a:70:55:98:b2:3f:c4:45:b3:3e:
40:40:71:84:f2:04:fd:0b:9b:8a:26:64:58:63:9c:
c0:68:0e:c0:15:d1:3d:30:e2:d3:05:db:47:2d:c6:
6e:d3:46:34:c2:eb:ef:49:a7:48:41:13:2f:66:4f:
6b:a8:bf:96:5f:c8:c1:b9:0d:d4:1b:d7:2c:4c:3e:
84:67:df:b9:3b:bd:20:c4:45:f5:33:a1:73:5d:f3:
be:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:49:8D:12:D3:D5:83:36:F0:65:66:40:55:EC:52:37:51:DD:BF:46
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323033333134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc1::/32
Signature Algorithm: sha256WithRSAEncryption
5a:87:ff:74:6e:85:05:0a:83:81:f7:55:48:31:96:01:ee:db:
5b:f5:6b:01:ab:0d:f6:cb:1a:d3:ff:4d:47:dc:0c:31:3e:93:
71:32:92:fc:e1:ce:c9:14:1e:eb:ed:bf:5d:89:c4:71:99:34:
1e:55:63:fb:3e:81:ab:04:7e:ce:11:3d:3b:e4:be:7c:f9:84:
02:f4:37:ab:71:e3:4a:c1:f9:c5:49:78:e3:80:19:64:42:cf:
5a:b4:89:f7:28:04:c3:1b:93:38:11:d0:b2:69:14:07:45:70:
8b:be:76:27:a9:6c:fd:c7:90:69:9c:1c:46:21:21:3a:51:82:
9b:05:10:20:d3:db:a1:80:2f:3a:8d:9f:79:a6:da:26:e7:b0:
40:fe:bc:10:6f:59:69:5d:fd:00:6c:4b:96:9e:21:ba:c1:3f:
66:0e:83:cb:5d:7f:d0:ca:c0:f6:28:d3:32:a3:d7:ea:b9:37:
e8:f4:ed:73:10:70:0b:50:96:cb:bb:f3:55:37:a6:65:8d:b0:
39:c8:cd:d6:39:8c:37:f7:e5:45:ef:6d:0f:e3:d0:3c:3e:c6:
e4:a6:17:49:77:0c:20:db:3c:3a:b9:71:43:2f:18:4f:23:d3:
03:4b:1d:c9:18:98:70:7e:40:d0:2f:cb:39:8d:f0:d2:53:23:
1f:30:f5:bb
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIURiMgrFJ5KwvUDpPamvEWbo1U1nQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDlaFw0yNzA2MDExMjE4MDlaMDMxMTAvBgNV
BAMTKDBGNDk4RDEyRDNENTgzMzZGMDY1NjY0MDU1RUM1MjM3NTFEREJGNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHTWEEazXWpRFPZL46DtxPIVdS
efrNEDuuPRdjke2Wdy2igJsNv7DiwcV6rIBHxaHWgLB5Oin8S41fpFG78gs+xjVQ
4qq2+3cKZ3wl50ckMZQdBFCeN5ZyLmpUxsAJUJZ/1vOyk65frHb1Jtm2fLMOmYsd
cqwSQemEAymaX+DCl+neYGSZtugMh1pC/k/dcxuOTLbA9sIfEM1TVgtrOky2GxFU
FF/EznP/enBVmLI/xEWzPkBAcYTyBP0Lm4omZFhjnMBoDsAV0T0w4tMF20ctxm7T
RjTC6+9Jp0hBEy9mT2uov5ZfyMG5DdQb1yxMPoRn37k7vSDERfUzoXNd876hAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUD0mNEtPVgzbwZWZAVexSN1Hdv0YwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzMx
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMDMzMzMzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
Kg8cwTANBgkqhkiG9w0BAQsFAAOCAQEAWof/dG6FBQqDgfdVSDGWAe7bW/VrAasN
9ssa0/9NR9wMMT6TcTKS/OHOyRQe6+2/XYnEcZk0HlVj+z6BqwR+zhE9O+S+fPmE
AvQ3q3HjSsH5xUl444AZZELPWrSJ9ygEwxuTOBHQsmkUB0Vwi752J6ls/ceQaZwc
RiEhOlGCmwUQINPboYAvOo2feabaJuewQP68EG9ZaV39AGxLlp4husE/Zg6Dy11/
0MrA9ijTMqPX6rk36PTtcxBwC1CWy7vzVTemZY2wOcjN1jmMN/flRe9tD+PQPD7G
5KYXSXcMINs8OrlxQy8YTyPTA0sdyRiYcH5A0C/LOY3w0lMjHzD1uw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:22:03 2026 by rpki-client