Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323135313732.roa
File: 326130663a316363353a3230303a3a2f34302d3438203d3e20323135313732.roa (raw, json)
Hash identifier: PRSYLwFF4xwAEb5r/6xUu4LMv7PMKy0ruO343WmGdUw=
Subject key identifier: 38:18:30:D0:B7:43:CB:06:1F:E6:49:43:D4:B4:8C:ED:73:AE:43:15
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 6B89AF26A674B34FBB39F29A711AD28525185BBA
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323135313732.roa
Signing time: Tue 02 Jun 2026 12:18:20 +0000
ROA not before: Tue 02 Jun 2026 12:13:20 +0000
ROA not after: Tue 01 Jun 2027 12:18:20 +0000
asID: 215172
IP address blocks: 2a0f:1cc5:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:89:af:26:a6:74:b3:4f:bb:39:f2:9a:71:1a:d2:85:25:18:5b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:20 2026 GMT
Not After : Jun 1 12:18:20 2027 GMT
Subject: CN=381830D0B743CB061FE64943D4B48CED73AE4315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:eb:28:0d:d7:cf:6c:5a:d0:b5:d8:52:a4:f2:
f7:d1:35:45:dc:d5:83:87:00:a1:7a:fd:1c:71:d5:
91:fd:d5:9a:08:a1:a1:ed:d5:a4:a4:87:4a:15:7a:
69:36:51:35:db:70:fb:a8:62:fc:f3:3e:bd:e9:4b:
05:43:64:52:37:9c:2b:71:cd:04:99:e4:a3:6e:c8:
32:cc:92:c3:ad:e9:33:ea:db:55:47:5e:f3:63:11:
30:bd:31:76:5b:60:54:17:91:63:d6:9e:56:a5:cc:
23:57:80:33:c4:c8:cd:c0:7d:84:ef:7b:ab:27:47:
dc:11:d8:8f:08:df:f8:fc:73:21:50:59:41:ed:63:
a9:75:0a:85:cb:2a:b7:48:6d:26:03:62:e2:5a:e2:
c3:fb:78:e3:ba:c0:e1:8e:83:ca:c9:30:e3:77:3f:
7d:56:7e:07:1a:a0:50:41:f3:fd:c3:00:da:38:bb:
e6:52:92:a3:94:33:7f:85:1e:50:83:66:b3:17:2b:
fa:13:89:9a:f4:d8:22:22:92:a9:7f:f4:f0:04:a1:
ff:d7:da:8c:8a:b7:73:d9:f9:32:f6:9a:a4:7f:ca:
af:fb:c9:07:60:1f:dc:cf:d3:0e:1c:fb:83:aa:f2:
20:55:9c:02:c4:b3:ce:03:07:e3:c1:7f:59:a3:1d:
80:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:30:D0:B7:43:CB:06:1F:E6:49:43:D4:B4:8C:ED:73:AE:43:15
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323135313732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:200::/40
Signature Algorithm: sha256WithRSAEncryption
20:08:81:3e:19:da:9d:0a:ba:53:30:bc:41:99:61:4d:a3:38:
3c:95:70:22:dc:07:fd:27:69:f9:9e:3f:26:ae:85:86:57:a9:
f4:58:a3:17:e9:5e:1b:34:ef:98:90:97:09:c0:f9:9d:02:49:
2a:0e:b9:31:ec:71:4b:0a:32:51:29:61:22:a5:9a:e7:65:a3:
cd:d4:87:75:60:e5:9b:08:54:35:c2:94:d6:60:3e:1a:94:9f:
47:32:4d:6e:aa:c0:7a:ed:8a:1d:92:17:c5:cb:ef:6e:63:48:
5e:a8:24:01:3f:d8:63:a4:fd:4e:95:89:83:ee:37:33:92:31:
c3:1d:96:51:4a:7b:d8:d3:6f:61:1a:45:8c:5f:b6:e7:d3:95:
a5:a5:6e:11:a9:7f:89:45:7e:19:a2:55:d8:cd:97:a0:80:aa:
dd:80:b2:b4:75:eb:f2:cd:94:da:2e:85:32:ad:97:96:75:33:
d5:62:a9:b2:31:4f:94:69:96:94:c6:13:a4:d5:1f:e5:42:53:
e4:07:f2:ca:30:e4:90:7c:09:92:6b:11:71:ae:8d:23:32:e3:
7f:b9:6f:74:a8:59:a7:5a:ab:ca:d1:4c:30:93:9b:f6:55:8e:
ac:28:70:3d:10:da:6a:0f:07:5d:9d:60:88:df:47:a6:61:57:
8e:c1:d9:11
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUa4mvJqZ0s0+7OfKacRrShSUYW7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjBaFw0yNzA2MDExMjE4MjBaMDMxMTAvBgNV
BAMTKDM4MTgzMEQwQjc0M0NCMDYxRkU2NDk0M0Q0QjQ4Q0VENzNBRTQzMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH6ygN189sWtC12FKk8vfRNUXc
1YOHAKF6/Rxx1ZH91ZoIoaHt1aSkh0oVemk2UTXbcPuoYvzzPr3pSwVDZFI3nCtx
zQSZ5KNuyDLMksOt6TPq21VHXvNjETC9MXZbYFQXkWPWnlalzCNXgDPEyM3AfYTv
e6snR9wR2I8I3/j8cyFQWUHtY6l1CoXLKrdIbSYDYuJa4sP7eOO6wOGOg8rJMON3
P31WfgcaoFBB8/3DANo4u+ZSkqOUM3+FHlCDZrMXK/oTiZr02CIikql/9PAEof/X
2oyKt3PZ+TL2mqR/yq/7yQdgH9zP0w4c+4Oq8iBVnALEs84DB+PBf1mjHYCJAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUOBgw0LdDywYf5klD1LSM7XOuQxUwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzUzMTM3MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFAjANBgkqhkiG9w0BAQsFAAOCAQEAIAiBPhnanQq6UzC8QZlh
TaM4PJVwItwH/Sdp+Z4/Jq6Fhlep9FijF+leGzTvmJCXCcD5nQJJKg65MexxSwoy
USlhIqWa52WjzdSHdWDlmwhUNcKU1mA+GpSfRzJNbqrAeu2KHZIXxcvvbmNIXqgk
AT/YY6T9TpWJg+43M5Ixwx2WUUp72NNvYRpFjF+259OVpaVuEal/iUV+GaJV2M2X
oICq3YCytHXr8s2U2i6FMq2XlnUz1WKpsjFPlGmWlMYTpNUf5UJT5AfyyjDkkHwJ
kmsRca6NIzLjf7lvdKhZp1qrytFMMJOb9lWOrChwPRDaag8HXZ1giN9HpmFXjsHZ
EQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:27:47 2026 by rpki-client