Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa
File: 326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa (raw, json)
Hash identifier: xjwsjBr2SH1TOOLmrm6gjc7hw2EsrJzCSG9DhPfoWqc=
Subject key identifier: 56:14:6D:F4:61:9B:83:C0:8B:77:99:61:FE:CC:CB:DC:41:62:7E:14
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 343709A23D32027548D4E10524643CF4045EA40F
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa
Signing time: Tue 02 Jun 2026 12:18:16 +0000
ROA not before: Tue 02 Jun 2026 12:13:16 +0000
ROA not after: Tue 01 Jun 2027 12:18:16 +0000
asID: 204518
IP address blocks: 2a0f:1cc5:20::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:37:09:a2:3d:32:02:75:48:d4:e1:05:24:64:3c:f4:04:5e:a4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:16 2026 GMT
Not After : Jun 1 12:18:16 2027 GMT
Subject: CN=56146DF4619B83C08B779961FECCCBDC41627E14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:50:cf:da:48:71:8f:cc:75:00:5d:87:43:
cf:e4:90:ab:e1:78:04:2d:32:81:ff:52:28:69:40:
10:36:e4:67:ed:72:7e:9b:f9:bd:ac:74:a6:df:7e:
bc:2c:39:67:ab:68:51:34:47:a4:bd:94:45:a3:c6:
80:5e:ba:f9:46:b4:a1:2d:32:fc:4c:1c:58:f7:0b:
c6:2a:b9:46:7a:fc:36:e4:32:30:a6:61:fd:05:45:
2f:c1:18:3c:37:bb:c2:fa:84:fe:96:c1:7f:f2:82:
95:3f:94:f8:69:8d:6c:3a:40:2c:fc:12:fd:a8:bd:
4f:8b:fd:53:3a:1a:18:4b:11:9d:91:4a:bc:84:04:
a7:cb:8b:39:49:26:fb:b4:b3:c4:66:4f:29:45:d7:
6a:11:b6:a3:96:d7:6d:49:d7:b4:76:4a:95:79:bd:
59:8a:2f:33:5b:17:a4:c6:c7:63:d5:ea:ac:d2:b0:
ce:47:a5:78:6f:1d:5c:89:0a:7e:be:48:97:f2:b8:
ed:a9:01:cf:2d:24:15:73:7a:81:f7:5c:f7:a4:c5:
c7:ca:0a:db:6d:73:0d:b1:66:8f:35:60:88:71:ed:
2c:e9:60:23:05:3e:b4:53:3e:28:f5:c4:9b:d6:ab:
ee:27:b9:c5:fb:ab:7c:45:c0:01:4c:df:52:6d:83:
9e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:14:6D:F4:61:9B:83:C0:8B:77:99:61:FE:CC:CB:DC:41:62:7E:14
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:20::/44
Signature Algorithm: sha256WithRSAEncryption
64:b1:69:b3:94:2f:79:c3:5c:5b:79:cb:e7:6b:5f:88:75:44:
5a:0e:f6:fe:3a:6f:b2:23:57:b1:03:b8:23:48:23:c5:70:37:
9d:c5:5b:32:c0:78:65:90:68:95:65:08:23:95:40:dd:d5:e6:
85:49:03:0d:89:3c:d3:7a:30:2b:91:b1:f5:40:99:ee:bd:82:
62:e3:91:4f:14:81:bd:bb:2b:4d:e3:c8:82:06:ce:36:03:12:
78:d6:cc:3e:c1:3b:39:40:02:61:f8:be:e5:12:ae:84:d2:7a:
3d:18:a2:19:4b:21:07:40:9d:31:f5:94:37:ac:d7:69:0a:e9:
13:d0:56:25:cc:56:33:e2:df:0d:e2:57:6a:40:4e:5e:05:7b:
c4:93:6f:e7:9a:0b:c8:7f:fc:14:67:aa:0b:50:8f:a8:45:a2:
3d:49:b1:65:23:dc:52:c7:a1:13:c9:e2:19:0f:91:89:52:82:
bb:8b:d6:26:c5:46:65:9b:3c:c0:dc:5d:54:22:a2:7d:64:97:
9c:50:12:cb:1b:c7:ff:01:7e:36:55:ea:dc:8f:29:7c:9f:9d:
40:e8:94:12:81:df:ab:a4:97:f6:0c:54:52:85:d7:75:e1:44:
72:bb:80:05:33:b1:20:90:1e:f6:88:1c:05:d8:7b:a6:05:91:
33:aa:9e:da
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUNDcJoj0yAnVI1OEFJGQ89ARepA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTZaFw0yNzA2MDExMjE4MTZaMDMxMTAvBgNV
BAMTKDU2MTQ2REY0NjE5QjgzQzA4Qjc3OTk2MUZFQ0NDQkRDNDE2MjdFMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0MFDP2khxj8x1AF2HQ8/kkKvh
eAQtMoH/UihpQBA25Gftcn6b+b2sdKbffrwsOWeraFE0R6S9lEWjxoBeuvlGtKEt
MvxMHFj3C8YquUZ6/DbkMjCmYf0FRS/BGDw3u8L6hP6WwX/ygpU/lPhpjWw6QCz8
Ev2ovU+L/VM6GhhLEZ2RSryEBKfLizlJJvu0s8RmTylF12oRtqOW121J17R2SpV5
vVmKLzNbF6TGx2PV6qzSsM5HpXhvHVyJCn6+SJfyuO2pAc8tJBVzeoH3XPekxcfK
Ctttcw2xZo81YIhx7SzpYCMFPrRTPij1xJvWq+4nucX7q3xFwAFM31Jtg561AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUVhRt9GGbg8CLd5lh/szL3EFifhQwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIzMDM0MzUzMTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQAgMA0GCSqGSIb3DQEBCwUAA4IBAQBksWmzlC95w1xbecvna1+I
dURaDvb+Om+yI1exA7gjSCPFcDedxVsywHhlkGiVZQgjlUDd1eaFSQMNiTzTejAr
kbH1QJnuvYJi45FPFIG9uytN48iCBs42AxJ41sw+wTs5QAJh+L7lEq6E0no9GKIZ
SyEHQJ0x9ZQ3rNdpCukT0FYlzFYz4t8N4ldqQE5eBXvEk2/nmgvIf/wUZ6oLUI+o
RaI9SbFlI9xSx6ETyeIZD5GJUoK7i9YmxUZlmzzA3F1UIqJ9ZJecUBLLG8f/AX42
Vercjyl8n51A6JQSgd+rpJf2DFRShdd14URyu4AFM7EgkB72iBwF2HumBZEzqp7a
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:49:56 2026 by rpki-client