Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316230303a3a2f34302d3438203d3e20323033313638.roa
File: 326130663a316363353a316230303a3a2f34302d3438203d3e20323033313638.roa (raw, json)
Hash identifier: n/FrxaUizucxu/IouUmXrF5T2EknQZGPu7MIFZUO6D4=
Subject key identifier: 68:6C:6A:AB:01:6B:79:80:21:9F:D2:77:7F:B1:EB:AF:3F:DF:22:14
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 2A693CAEC4640AF67C8271A3D222481FBE1A8778
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316230303a3a2f34302d3438203d3e20323033313638.roa
Signing time: Tue 02 Jun 2026 12:18:10 +0000
ROA not before: Tue 02 Jun 2026 12:13:10 +0000
ROA not after: Tue 01 Jun 2027 12:18:10 +0000
asID: 203168
IP address blocks: 2a0f:1cc5:1b00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:69:3c:ae:c4:64:0a:f6:7c:82:71:a3:d2:22:48:1f:be:1a:87:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:10 2026 GMT
Not After : Jun 1 12:18:10 2027 GMT
Subject: CN=686C6AAB016B7980219FD2777FB1EBAF3FDF2214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:58:f4:b3:d9:bc:ef:c9:8d:c1:66:ce:e2:4f:
cb:ba:b2:83:ec:74:f6:99:7b:90:39:4c:2c:53:42:
ee:b4:5a:fd:ac:c3:bc:45:79:f6:5d:f4:a1:9c:f4:
59:00:8b:17:d0:5b:67:ce:75:0a:51:58:63:73:51:
60:f3:22:88:30:75:8a:c4:50:7d:37:08:ba:f6:78:
b2:1b:b2:86:78:e4:6f:02:cb:b4:4c:e8:49:99:11:
7e:d4:42:ef:b7:4a:8a:5c:4c:91:1e:69:0f:99:45:
5e:e4:f5:81:13:7b:ec:6f:c0:73:0e:61:81:52:a2:
00:a8:0c:69:f0:e4:02:0c:1c:91:94:5f:44:23:3c:
9e:de:cf:ea:15:c6:45:07:30:1d:55:71:c0:e0:bc:
2f:3b:2c:0d:1f:95:b8:05:5b:e4:86:fb:9a:09:67:
c8:7d:b1:58:88:40:4c:9d:d8:82:08:3f:a5:9e:d7:
78:d4:3d:a1:9c:01:93:a7:c6:0b:ec:77:1f:4c:1c:
e8:6f:df:48:9a:b3:3b:8a:ce:cd:a3:63:59:8c:08:
45:a9:89:65:7d:2f:e0:fa:26:ba:7a:6a:cf:a7:fd:
a4:9d:2e:e2:61:51:89:98:cf:4f:60:52:71:07:ec:
43:fd:3e:25:4a:dc:e6:31:8e:59:5f:9d:85:19:bd:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6C:6A:AB:01:6B:79:80:21:9F:D2:77:7F:B1:EB:AF:3F:DF:22:14
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316230303a3a2f34302d3438203d3e20323033313638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1b00::/40
Signature Algorithm: sha256WithRSAEncryption
30:84:cb:4e:d8:e2:b5:f0:21:c0:9e:4a:49:fc:ce:d2:cb:08:
e7:ec:60:35:02:d0:50:36:65:e6:f6:39:33:3b:e4:b3:41:bd:
a6:0c:df:08:7e:86:1f:2d:03:68:0a:d8:81:73:41:26:68:21:
27:8a:b3:ac:59:36:23:82:f0:e0:1b:94:7c:4f:6c:02:c9:9a:
6b:86:3d:ed:b6:51:c8:9a:06:60:99:06:2c:1b:f8:98:2e:d4:
af:be:29:60:57:90:24:34:9c:d8:20:4a:af:9b:93:76:a5:98:
9f:29:92:ba:01:f0:a0:09:c7:58:14:51:8f:ed:a0:18:c4:2e:
0e:6f:a7:77:a3:9e:fb:ac:ec:e2:d6:dd:7e:de:32:67:47:82:
8b:3c:27:0c:5c:43:45:f0:1d:06:e9:03:ba:a7:63:c7:2c:e5:
da:bb:71:33:17:2b:0a:ad:c5:20:1d:be:c6:41:d8:0f:f6:58:
56:b8:79:3c:16:1f:97:34:84:36:1c:78:ef:0c:fc:69:d9:98:
c0:e5:04:f2:a9:ea:88:38:38:ba:04:37:85:37:0f:44:e2:b5:
ba:ff:87:0a:c6:eb:dc:57:0f:55:4b:df:39:c1:51:9e:14:9c:
fc:2c:ef:71:86:95:12:34:d3:e4:2a:a9:e3:48:94:e9:f2:a6:
02:e0:17:ba
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUKmk8rsRkCvZ8gnGj0iJIH74ah3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTBaFw0yNzA2MDExMjE4MTBaMDMxMTAvBgNV
BAMTKDY4NkM2QUFCMDE2Qjc5ODAyMTlGRDI3NzdGQjFFQkFGM0ZERjIyMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUWPSz2bzvyY3BZs7iT8u6soPs
dPaZe5A5TCxTQu60Wv2sw7xFefZd9KGc9FkAixfQW2fOdQpRWGNzUWDzIogwdYrE
UH03CLr2eLIbsoZ45G8Cy7RM6EmZEX7UQu+3SopcTJEeaQ+ZRV7k9YETe+xvwHMO
YYFSogCoDGnw5AIMHJGUX0QjPJ7ez+oVxkUHMB1VccDgvC87LA0flbgFW+SG+5oJ
Z8h9sViIQEyd2IIIP6We13jUPaGcAZOnxgvsdx9MHOhv30iaszuKzs2jY1mMCEWp
iWV9L+D6Jrp6as+n/aSdLuJhUYmYz09gUnEH7EP9PiVK3OYxjllfnYUZvcszAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUaGxqqwFreYAhn9J3f7Hrrz/fIhQwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTYyMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzMzMxMzYzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUbMA0GCSqGSIb3DQEBCwUAA4IBAQAwhMtO2OK18CHAnkpJ
/M7Sywjn7GA1AtBQNmXm9jkzO+SzQb2mDN8IfoYfLQNoCtiBc0EmaCEnirOsWTYj
gvDgG5R8T2wCyZprhj3ttlHImgZgmQYsG/iYLtSvvilgV5AkNJzYIEqvm5N2pZif
KZK6AfCgCcdYFFGP7aAYxC4Ob6d3o577rOzi1t1+3jJnR4KLPCcMXENF8B0G6QO6
p2PHLOXau3EzFysKrcUgHb7GQdgP9lhWuHk8Fh+XNIQ2HHjvDPxp2ZjA5QTyqeqI
ODi6BDeFNw9E4rW6/4cKxuvcVw9VS985wVGeFJz8LO9xhpUSNNPkKqnjSJTp8qYC
4Be6
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:34:22 2026 by rpki-client