Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230383a3a2f34382d3438203d3e20343031383034.roa
File: 326130663a316363353a3230383a3a2f34382d3438203d3e20343031383034.roa (raw, json)
Hash identifier: EQpCRpN9ibDfHgTaJHEYJFB6B1hk2QAmeIReX+XIClo=
Subject key identifier: BB:0E:D2:C0:D4:98:57:58:69:CB:60:07:82:DD:D9:4B:96:A1:86:FC
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 17110660F37D31DEAC4F514661B065A2081FF425
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230383a3a2f34382d3438203d3e20343031383034.roa
Signing time: Sat 28 Feb 2026 15:07:05 +0000
ROA not before: Sat 28 Feb 2026 15:02:05 +0000
ROA not after: Sat 27 Feb 2027 15:07:05 +0000
asID: 401804
IP address blocks: 2a0f:1cc5:208::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:11:06:60:f3:7d:31:de:ac:4f:51:46:61:b0:65:a2:08:1f:f4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Feb 28 15:02:05 2026 GMT
Not After : Feb 27 15:07:05 2027 GMT
Subject: CN=BB0ED2C0D498575869CB600782DDD94B96A186FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:60:b5:0c:aa:0d:61:de:ab:d8:08:19:09:28:
9e:ad:4b:ab:83:42:0a:a8:58:6a:20:4d:36:59:12:
d8:a8:06:56:58:e9:6f:97:70:e7:48:35:b4:40:e4:
11:1c:a0:e2:0f:a2:dc:f4:57:ee:fb:de:b0:28:81:
35:79:65:e4:b6:ab:c7:e1:d2:5d:46:88:50:65:40:
31:c8:11:e7:2a:09:23:9b:7f:00:76:0f:d6:6b:68:
c9:d2:bf:10:4e:14:8d:cf:04:78:bc:71:d6:12:be:
29:51:14:b0:fd:16:9b:f6:9a:0d:38:aa:fe:2b:d0:
0a:4e:e9:11:07:55:32:ad:27:eb:e4:db:11:09:9f:
8d:b0:6d:df:11:ac:c0:18:95:4d:50:d5:20:4a:93:
86:83:b5:70:b1:c1:ae:3c:82:e3:80:d4:93:84:96:
73:80:3c:8f:8f:b1:77:e6:3e:74:ab:57:7f:d1:47:
23:5f:f9:2a:4f:2e:13:de:d4:b2:9b:9f:56:aa:e1:
a1:bc:00:70:fa:a1:ad:3f:e2:90:5e:60:8e:fd:56:
83:0e:3c:63:03:8c:24:77:5a:53:3b:ef:7a:e3:bd:
c4:ff:dd:1c:24:6e:97:1f:7b:5e:ac:cf:fd:4e:f1:
1e:9d:bf:f3:cc:2b:e7:24:f8:c9:3f:71:c1:3a:75:
ee:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0E:D2:C0:D4:98:57:58:69:CB:60:07:82:DD:D9:4B:96:A1:86:FC
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230383a3a2f34382d3438203d3e20343031383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:208::/48
Signature Algorithm: sha256WithRSAEncryption
95:8a:c1:8f:d6:c3:5b:72:40:76:b8:fc:81:03:1d:22:a5:5e:
7b:9c:74:48:e0:65:14:44:2a:ce:2e:b0:d2:f6:2b:7e:2c:ea:
80:4b:6a:07:ae:c7:0c:f3:32:67:54:0b:3b:68:88:df:65:38:
21:c1:e8:fd:dd:ce:80:4e:36:f8:72:92:27:f1:3f:0b:64:d8:
57:65:69:66:a0:99:43:98:4c:5a:4d:34:c8:78:b3:2d:b5:a8:
a1:b2:36:76:01:0e:2e:5f:74:e9:62:ec:fa:92:d6:37:7a:fd:
5c:fb:04:04:9c:2b:32:81:7c:a6:eb:e3:79:44:60:65:16:40:
d8:78:e8:d1:30:0b:f1:ef:fa:cb:59:4c:0e:73:3d:19:7f:f1:
8e:51:d9:19:67:3c:80:32:dc:ed:fc:15:c7:e8:5d:14:77:e1:
49:4c:e1:91:90:e6:2b:f3:c9:5f:c5:5a:4c:97:6e:eb:48:7e:
a2:b5:87:ad:01:e8:17:cf:8a:45:1d:00:24:bf:7b:e9:4f:5a:
b2:85:8e:b4:2a:db:4a:a1:e7:a4:0a:62:76:64:9c:b6:d2:d6:
27:64:2d:54:6f:4f:0d:38:f7:6f:6c:fb:0b:32:60:56:a2:38:
64:35:e2:35:b8:9c:2e:8f:be:0d:40:9d:c4:83:12:33:31:d9:
13:87:3a:cf
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUFxEGYPN9Md6sT1FGYbBloggf9CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjAyMjgxNTAyMDVaFw0yNzAyMjcxNTA3MDVaMDMxMTAvBgNV
BAMTKEJCMEVEMkMwRDQ5ODU3NTg2OUNCNjAwNzgyREREOTRCOTZBMTg2RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgYLUMqg1h3qvYCBkJKJ6tS6uD
QgqoWGogTTZZEtioBlZY6W+XcOdINbRA5BEcoOIPotz0V+773rAogTV5ZeS2q8fh
0l1GiFBlQDHIEecqCSObfwB2D9ZraMnSvxBOFI3PBHi8cdYSvilRFLD9Fpv2mg04
qv4r0ApO6REHVTKtJ+vk2xEJn42wbd8RrMAYlU1Q1SBKk4aDtXCxwa48guOA1JOE
lnOAPI+PsXfmPnSrV3/RRyNf+SpPLhPe1LKbn1aq4aG8AHD6oa0/4pBeYI79VoMO
PGMDjCR3WlM773rjvcT/3Rwkbpcfe16sz/1O8R6dv/PMK+ck+Mk/ccE6de75AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUuw7SwNSYV1hpy2AHgt3ZS5ahhvwwHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMwMzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDMwMzEzODMwMzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqDxzFAggwDQYJKoZIhvcNAQELBQADggEBAJWKwY/Ww1tyQHa4/IED
HSKlXnucdEjgZRREKs4usNL2K34s6oBLageuxwzzMmdUCztoiN9lOCHB6P3dzoBO
NvhykifxPwtk2FdlaWagmUOYTFpNNMh4sy21qKGyNnYBDi5fdOli7PqS1jd6/Vz7
BAScKzKBfKbr43lEYGUWQNh46NEwC/Hv+stZTA5zPRl/8Y5R2RlnPIAy3O38Fcfo
XRR34UlM4ZGQ5ivzyV/FWkyXbutIfqK1h60B6BfPikUdACS/e+lPWrKFjrQq20qh
56QKYnZknLbS1idkLVRvTw04929s+wsyYFaiOGQ14jW4nC6Pvg1AncSDEjMx2ROH
Os8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:07:01 2026 by rpki-client