Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316130303a3a2f34302d3438203d3e20323030343535.roa
File: 326130663a316363353a316130303a3a2f34302d3438203d3e20323030343535.roa (raw, json)
Hash identifier: pFBJLhy/8/i2+lFt7VjErGMv2PrWoTFKWca3PSkeG+M=
Subject key identifier: D4:EB:AD:D9:BF:EA:F7:18:C5:71:1B:B1:A9:A3:EA:F9:89:3B:97:10
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 10414D41E215BFA247B8BEFB5C8CF62FE2FE70AA
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316130303a3a2f34302d3438203d3e20323030343535.roa
Signing time: Tue 02 Jun 2026 12:18:22 +0000
ROA not before: Tue 02 Jun 2026 12:13:22 +0000
ROA not after: Tue 01 Jun 2027 12:18:22 +0000
asID: 200455
IP address blocks: 2a0f:1cc5:1a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:41:4d:41:e2:15:bf:a2:47:b8:be:fb:5c:8c:f6:2f:e2:fe:70:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:22 2026 GMT
Not After : Jun 1 12:18:22 2027 GMT
Subject: CN=D4EBADD9BFEAF718C5711BB1A9A3EAF9893B9710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:ac:4f:d9:2e:1f:28:38:0a:4b:48:e6:3f:
21:e8:25:9d:25:ed:48:e4:8d:cf:67:1e:26:01:9d:
d0:50:c1:a4:41:ba:a3:7a:52:58:e9:bd:f8:e8:65:
bc:7d:93:3b:ee:a2:ca:02:df:01:29:5b:d5:44:3e:
2e:32:2b:db:58:81:22:c9:62:ff:89:6a:c8:1c:05:
4a:eb:3f:09:59:4d:98:60:36:7f:d6:7b:82:6c:15:
91:b9:14:cd:7d:e2:e8:2a:6a:c0:66:29:41:61:0c:
9f:78:b9:56:68:7e:24:24:fb:98:f0:ba:a5:7b:5a:
47:b5:fc:35:9b:69:ed:d7:31:a8:2f:11:db:13:5f:
43:28:7a:77:90:cd:18:13:25:b8:4e:b6:4e:90:58:
74:87:8a:07:af:c7:ae:10:56:19:11:fc:e6:e3:b1:
f3:4c:62:66:96:56:73:65:06:f6:fe:bc:85:a7:58:
81:49:9b:28:06:dd:29:06:2b:82:c0:ca:26:d6:9b:
8d:28:25:df:cd:8a:ef:e0:3d:ff:10:b6:ee:0a:0f:
56:e1:b6:02:8f:e7:02:70:49:d3:93:4d:ef:8c:ab:
45:81:61:e1:e0:b2:e2:ba:b0:92:3c:e3:cb:f0:51:
73:fe:c3:97:6c:a9:82:1c:14:4a:7b:17:2e:f3:6f:
fe:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EB:AD:D9:BF:EA:F7:18:C5:71:1B:B1:A9:A3:EA:F9:89:3B:97:10
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316130303a3a2f34302d3438203d3e20323030343535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
36:6e:70:01:73:89:6f:16:48:bb:d3:da:a9:12:3a:12:5d:50:
f1:be:15:cd:60:02:15:59:cf:bd:45:73:1a:79:58:76:84:80:
65:74:93:db:2e:ff:54:ee:21:d1:3e:f8:8c:4e:95:24:1f:83:
64:b5:59:ed:e3:a2:a3:18:da:24:6d:80:4e:26:81:5e:d1:2b:
0e:8e:71:9e:41:56:6d:ec:c9:cb:75:92:2c:3e:4c:6c:77:b9:
db:b9:73:c6:55:8e:23:19:a4:06:c1:32:9b:8a:ea:67:43:36:
2b:30:66:1d:56:84:60:5e:e3:e5:e0:22:03:ea:1a:bb:27:a0:
5c:6d:d4:4b:70:40:77:d5:d3:84:65:df:3b:43:d7:14:8c:52:
cd:6e:09:6c:cb:a0:92:07:43:cc:21:a3:56:cb:2d:dc:4f:c4:
d2:e3:5d:85:16:0f:34:43:ec:17:14:0d:4c:8d:05:1c:08:ee:
06:ed:c6:5f:60:22:0d:31:3d:5b:cf:d2:57:82:cd:80:b0:c5:
f1:f5:04:e0:e1:64:36:e2:3c:13:57:43:fa:cf:28:81:51:df:
87:bc:8c:2d:dd:c8:94:0c:da:89:3f:c9:d5:a4:13:72:42:ef:
6e:b6:d8:e8:e0:b2:74:43:b2:37:61:86:7c:26:98:69:f2:82:
2c:cd:dd:f5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUEEFNQeIVv6JHuL77XIz2L+L+cKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjJaFw0yNzA2MDExMjE4MjJaMDMxMTAvBgNV
BAMTKEQ0RUJBREQ5QkZFQUY3MThDNTcxMUJCMUE5QTNFQUY5ODkzQjk3MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb4KxP2S4fKDgKS0jmPyHoJZ0l
7Ujkjc9nHiYBndBQwaRBuqN6UljpvfjoZbx9kzvuosoC3wEpW9VEPi4yK9tYgSLJ
Yv+JasgcBUrrPwlZTZhgNn/We4JsFZG5FM194ugqasBmKUFhDJ94uVZofiQk+5jw
uqV7Wke1/DWbae3XMagvEdsTX0MoeneQzRgTJbhOtk6QWHSHigevx64QVhkR/Obj
sfNMYmaWVnNlBvb+vIWnWIFJmygG3SkGK4LAyibWm40oJd/Niu/gPf8Qtu4KD1bh
tgKP5wJwSdOTTe+Mq0WBYeHgsuK6sJI848vwUXP+w5dsqYIcFEp7Fy7zb/4VAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU1Out2b/q9xjFcRuxqaPq+Yk7lxAwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzMDM0MzUzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUaMA0GCSqGSIb3DQEBCwUAA4IBAQA2bnABc4lvFki709qp
EjoSXVDxvhXNYAIVWc+9RXMaeVh2hIBldJPbLv9U7iHRPviMTpUkH4NktVnt46Kj
GNokbYBOJoFe0SsOjnGeQVZt7MnLdZIsPkxsd7nbuXPGVY4jGaQGwTKbiupnQzYr
MGYdVoRgXuPl4CID6hq7J6BcbdRLcEB31dOEZd87Q9cUjFLNbglsy6CSB0PMIaNW
yy3cT8TS412FFg80Q+wXFA1MjQUcCO4G7cZfYCINMT1bz9JXgs2AsMXx9QTg4WQ2
4jwTV0P6zyiBUd+HvIwt3ciUDNqJP8nVpBNyQu9uttjo4LJ0Q7I3YYZ8Jphp8oIs
zd31
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:36:26 2026 by rpki-client