Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323630303a3a2f34302d3438203d3e20323032333335.roa
File: 326130663a316363353a323630303a3a2f34302d3438203d3e20323032333335.roa (raw, json)
Hash identifier: yIUQg03FJKKY/+tiMq1brT89zAR2oGZByM7+Y8QtHtg=
Subject key identifier: 5A:DC:52:7B:B2:64:24:8E:99:8A:29:05:AA:60:71:33:5F:FD:48:8C
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 270449694BCFD78D3E7628D42A9562F8FE6FD773
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323630303a3a2f34302d3438203d3e20323032333335.roa
Signing time: Tue 02 Jun 2026 12:18:15 +0000
ROA not before: Tue 02 Jun 2026 12:13:15 +0000
ROA not after: Tue 01 Jun 2027 12:18:15 +0000
asID: 202335
IP address blocks: 2a0f:1cc5:2600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:04:49:69:4b:cf:d7:8d:3e:76:28:d4:2a:95:62:f8:fe:6f:d7:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:15 2026 GMT
Not After : Jun 1 12:18:15 2027 GMT
Subject: CN=5ADC527BB264248E998A2905AA6071335FFD488C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:af:66:f2:d8:37:38:21:10:e0:ec:58:15:
33:5f:ff:79:f3:a9:74:09:04:17:9b:08:d3:62:dd:
7d:3f:e6:b9:e6:06:59:eb:d6:bd:10:45:dd:3b:2e:
ce:0a:5e:28:7f:e8:81:85:e3:59:92:21:f9:a0:3b:
f5:53:51:10:63:12:27:7f:4c:70:10:11:c2:20:5f:
43:60:9e:7e:5b:88:dd:cd:2f:08:36:e9:39:6c:3a:
0b:c9:7e:57:fd:6d:01:7d:f5:74:07:1a:8c:fd:44:
13:52:3c:6c:ab:ac:54:f4:42:cf:f3:7b:17:a1:e1:
a5:27:39:c1:c8:73:f2:6a:e8:69:f4:75:96:62:29:
3c:95:00:72:d8:d2:4c:27:e4:bb:76:5e:b8:79:e2:
bb:6f:38:ef:15:93:7d:1b:65:9c:23:66:3b:e8:4c:
df:8a:25:a0:21:c9:c4:b6:b1:86:5c:6c:28:cd:e2:
dc:4c:3a:1a:a8:94:e4:63:38:95:b3:3a:fd:c0:ac:
0f:4b:09:67:c6:4b:ea:1f:d3:f5:e9:0e:f7:ec:8b:
ea:82:d6:bf:b7:49:08:d7:1a:86:38:ab:11:a4:d6:
6a:fa:93:64:64:ad:67:35:cc:42:dc:4d:2a:8a:d2:
97:ee:71:ab:fb:1c:f9:17:71:8c:e4:16:dd:c4:2e:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DC:52:7B:B2:64:24:8E:99:8A:29:05:AA:60:71:33:5F:FD:48:8C
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323630303a3a2f34302d3438203d3e20323032333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:2600::/40
Signature Algorithm: sha256WithRSAEncryption
60:19:c4:b7:36:a2:99:97:0e:a9:63:a4:ed:eb:22:3c:4e:09:
72:6e:58:69:91:a4:45:bd:c7:3d:db:e5:b6:31:92:7c:c4:76:
17:fe:22:0c:14:06:12:f1:40:5e:d7:ae:99:60:04:9c:e0:ce:
42:34:51:f9:9a:d9:96:83:c4:86:13:8f:00:60:4e:53:84:b9:
e8:5a:46:62:9f:c3:b6:a8:73:5c:10:5c:29:38:bc:f8:e1:78:
b9:60:46:e0:86:60:f0:94:78:79:0a:46:4f:d8:41:57:8c:21:
63:54:61:2a:34:2a:f8:c0:e9:db:a3:56:05:05:7f:fb:2a:a2:
86:13:da:c0:61:34:c9:91:28:a1:a4:9d:9e:db:e0:93:f3:75:
6d:5d:00:40:1e:98:6d:38:8e:ba:f9:38:50:9d:ba:9a:4b:56:
70:9c:36:be:da:a1:6e:84:11:e8:c7:07:38:a8:fb:74:26:76:
5e:01:f1:f6:64:49:a6:6a:0f:b0:00:da:23:ca:d5:b1:e0:63:
74:cc:8b:8a:b4:3c:d8:dd:e7:38:a0:9a:0e:90:f2:7a:50:1f:
0e:45:58:55:e9:a0:d1:79:d7:01:4f:ef:2d:9c:aa:9c:d9:38:
e4:c1:27:55:2a:e1:d4:23:5c:35:89:91:d4:ba:96:c7:eb:2a:
90:e0:1d:af
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUJwRJaUvP140+dijUKpVi+P5v13MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTVaFw0yNzA2MDExMjE4MTVaMDMxMTAvBgNV
BAMTKDVBREM1MjdCQjI2NDI0OEU5OThBMjkwNUFBNjA3MTMzNUZGRDQ4OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj669m8tg3OCEQ4OxYFTNf/3nz
qXQJBBebCNNi3X0/5rnmBlnr1r0QRd07Ls4KXih/6IGF41mSIfmgO/VTURBjEid/
THAQEcIgX0Ngnn5biN3NLwg26TlsOgvJflf9bQF99XQHGoz9RBNSPGyrrFT0Qs/z
exeh4aUnOcHIc/Jq6Gn0dZZiKTyVAHLY0kwn5Lt2Xrh54rtvOO8Vk30bZZwjZjvo
TN+KJaAhycS2sYZcbCjN4txMOhqolORjOJWzOv3ArA9LCWfGS+of0/XpDvfsi+qC
1r+3SQjXGoY4qxGk1mr6k2RkrWc1zELcTSqK0pfucav7HPkXcYzkFt3ELhIRAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUWtxSe7JkJI6ZiikFqmBxM1/9SIwwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjM2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzMzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUmMA0GCSqGSIb3DQEBCwUAA4IBAQBgGcS3NqKZlw6pY6Tt
6yI8TglyblhpkaRFvcc92+W2MZJ8xHYX/iIMFAYS8UBe166ZYASc4M5CNFH5mtmW
g8SGE48AYE5ThLnoWkZin8O2qHNcEFwpOLz44Xi5YEbghmDwlHh5CkZP2EFXjCFj
VGEqNCr4wOnbo1YFBX/7KqKGE9rAYTTJkSihpJ2e2+CT83VtXQBAHphtOI66+ThQ
nbqaS1ZwnDa+2qFuhBHoxwc4qPt0JnZeAfH2ZEmmag+wANojytWx4GN0zIuKtDzY
3ec4oJoOkPJ6UB8ORVhV6aDRedcBT+8tnKqc2TjkwSdVKuHUI1w1iZHUupbH6yqQ
4B2v
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:53:38 2026 by rpki-client