Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
File: 326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa (raw, json)
Hash identifier: oWWNhYeUqK5tX8A6hUKFeeajPybOXsVr35dNGCkercA=
Subject key identifier: CB:FE:1F:48:36:E3:DA:6A:AD:4D:9A:FE:F6:54:53:6F:1E:41:B6:F1
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 19ACC79267497F0EE4D0E6DED539B5DB7A606C20
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
Signing time: Tue 02 Jun 2026 12:18:11 +0000
ROA not before: Tue 02 Jun 2026 12:13:11 +0000
ROA not after: Tue 01 Jun 2027 12:18:11 +0000
asID: 203168
IP address blocks: 2a0f:1cc5:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ac:c7:92:67:49:7f:0e:e4:d0:e6:de:d5:39:b5:db:7a:60:6c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:11 2026 GMT
Not After : Jun 1 12:18:11 2027 GMT
Subject: CN=CBFE1F4836E3DA6AAD4D9AFEF654536F1E41B6F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d9:2e:ee:40:c5:d5:6d:9a:7d:65:19:a4:19:
75:d1:8f:e1:7d:de:4e:f1:f9:a8:9b:07:41:7d:bf:
8d:f5:1a:19:9a:46:9c:73:49:04:fc:06:d3:09:7f:
29:1b:ea:09:a9:6e:85:32:fa:53:24:36:e8:99:f5:
90:ef:4d:02:0e:06:57:58:03:4d:50:c5:f3:95:47:
78:c9:8c:83:fc:51:ea:57:50:07:d6:7e:67:97:cd:
16:80:08:91:a6:b4:41:39:d3:69:8f:90:a6:93:50:
2c:a4:e1:a0:3c:fa:e0:a2:41:63:04:a2:64:c1:7f:
53:30:0c:26:d9:0a:a4:ba:56:dc:7c:7e:84:78:84:
28:30:77:17:46:d2:83:91:99:44:b0:eb:69:b0:4e:
a0:5d:cc:8f:dd:dd:7b:ef:86:8a:b3:90:fe:48:31:
bc:8b:71:75:b7:d6:55:f2:62:bf:b5:44:69:0a:a3:
22:38:c4:af:d2:60:36:f0:c4:c0:4f:76:fe:5b:37:
7c:fd:ee:86:83:e8:b3:a4:db:73:27:bd:36:fa:da:
7e:25:ac:5f:b7:e7:89:67:34:c1:fa:fa:30:66:d9:
18:cc:45:b1:8c:b2:3f:c0:dd:7e:fb:57:9c:11:41:
a7:97:b1:1c:99:7b:55:66:04:d9:b3:4c:56:7c:f8:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FE:1F:48:36:E3:DA:6A:AD:4D:9A:FE:F6:54:53:6F:1E:41:B6:F1
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:200::/40
Signature Algorithm: sha256WithRSAEncryption
52:22:62:da:54:15:bf:17:13:61:02:6b:8f:7a:72:d8:eb:b2:
40:a6:ee:a2:38:ce:43:d5:a1:0e:18:47:61:1f:44:d5:29:49:
ae:eb:75:ad:bc:a7:35:88:a3:b9:7d:ff:42:16:e0:0d:25:ec:
de:4c:9c:51:15:2b:52:34:56:a5:96:ac:51:c0:e0:64:f6:a3:
d4:bf:68:e3:b3:12:e6:d6:36:ab:58:e3:ad:46:7a:37:57:a2:
35:19:43:a6:f5:34:e7:6b:9f:89:5d:55:30:a1:57:58:09:d4:
b7:33:c3:09:c5:ac:ee:f5:5d:18:03:88:f2:3f:5f:ba:ae:78:
a0:81:8e:87:44:85:f3:d8:1d:94:e4:e8:6c:f8:1b:c4:cd:27:
9d:dc:c1:71:19:d6:23:f1:a7:13:a5:47:6a:e3:19:b4:e5:43:
5e:ba:a9:32:53:f9:b1:e5:25:f1:78:0f:79:87:16:08:00:75:
06:af:cc:23:83:ff:7c:e5:fc:36:3b:16:ce:8a:a4:3b:ef:a5:
97:87:20:94:4c:b5:9c:06:e2:b1:ce:7a:c6:12:48:b9:14:0c:
53:65:07:73:47:34:0f:30:1f:9c:f5:ad:6b:81:60:48:31:4a:
a9:81:38:b8:c5:93:21:28:2b:0b:b0:a2:5e:aa:08:e0:4c:14:
30:b4:b6:2a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUGazHkmdJfw7k0Obe1Tm123pgbCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTFaFw0yNzA2MDExMjE4MTFaMDMxMTAvBgNV
BAMTKENCRkUxRjQ4MzZFM0RBNkFBRDREOUFGRUY2NTQ1MzZGMUU0MUI2RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC42S7uQMXVbZp9ZRmkGXXRj+F9
3k7x+aibB0F9v431GhmaRpxzSQT8BtMJfykb6gmpboUy+lMkNuiZ9ZDvTQIOBldY
A01QxfOVR3jJjIP8UepXUAfWfmeXzRaACJGmtEE502mPkKaTUCyk4aA8+uCiQWME
omTBf1MwDCbZCqS6Vtx8foR4hCgwdxdG0oORmUSw62mwTqBdzI/d3XvvhoqzkP5I
MbyLcXW31lXyYr+1RGkKoyI4xK/SYDbwxMBPdv5bN3z97oaD6LOk23MnvTb62n4l
rF+354lnNMH6+jBm2RjMRbGMsj/A3X77V5wRQaeXsRyZe1VmBNmzTFZ8+P+vAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUy/4fSDbj2mqtTZr+9lRTbx5BtvEwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzMzMTM2Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFAjANBgkqhkiG9w0BAQsFAAOCAQEAUiJi2lQVvxcTYQJrj3py
2OuyQKbuojjOQ9WhDhhHYR9E1SlJrut1rbynNYijuX3/QhbgDSXs3kycURUrUjRW
pZasUcDgZPaj1L9o47MS5tY2q1jjrUZ6N1eiNRlDpvU052ufiV1VMKFXWAnUtzPD
CcWs7vVdGAOI8j9fuq54oIGOh0SF89gdlOTobPgbxM0nndzBcRnWI/GnE6VHauMZ
tOVDXrqpMlP5seUl8XgPeYcWCAB1Bq/MI4P/fOX8NjsWzoqkO++ll4cglEy1nAbi
sc56xhJIuRQMU2UHc0c0DzAfnPWta4FgSDFKqYE4uMWTISgrC7CiXqoI4EwUMLS2
Kg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:57:30 2026 by rpki-client