Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
File: 326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa (raw, json)
Hash identifier: l0AyaZ1C1pK2Lk0P/omP+4d/9+GscMFoyiJmm/lCmDU=
Subject key identifier: 9A:8F:86:FB:7D:82:B8:67:77:20:37:48:8A:1F:5B:FA:66:00:77:6A
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 3C41F9495FD7C5E24ED605A829555E2760FB9C3F
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
Signing time: Tue 02 Jun 2026 12:18:03 +0000
ROA not before: Tue 02 Jun 2026 12:13:03 +0000
ROA not after: Tue 01 Jun 2027 12:18:03 +0000
asID: 199750
IP address blocks: 2a0f:1cc5:3100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:41:f9:49:5f:d7:c5:e2:4e:d6:05:a8:29:55:5e:27:60:fb:9c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:03 2026 GMT
Not After : Jun 1 12:18:03 2027 GMT
Subject: CN=9A8F86FB7D82B867772037488A1F5BFA6600776A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:ba:65:66:bc:a7:ed:03:ae:20:8d:ec:ff:
f8:8a:cd:6c:68:ab:dc:83:fd:a7:31:1a:d3:6d:f2:
ef:f7:d6:63:3d:78:f1:d5:a5:a2:ac:5c:18:8c:bb:
9b:1a:ef:b9:33:ae:4c:29:b1:95:21:a6:5e:23:78:
58:c5:9d:52:6f:73:09:46:dc:7e:a6:f5:f3:2c:e8:
34:f2:e5:eb:5d:0c:fe:6c:0e:f1:73:08:99:b6:2c:
bb:0e:47:00:8e:d2:0a:d2:5e:71:f8:e3:09:f9:fe:
0c:f3:6d:65:3c:ef:f4:f9:c3:7f:5a:a0:02:e9:b5:
6c:a0:73:1f:1e:e8:c0:0f:64:a9:ad:be:28:61:96:
b2:52:cb:bc:40:37:89:43:92:16:e5:5f:a3:9c:1a:
d9:f4:0f:32:38:d7:ce:d3:86:cc:aa:1a:81:74:ac:
27:7b:b7:46:15:2c:87:c2:4a:0b:24:78:98:1a:d3:
5d:b4:6e:12:a6:a1:7a:c9:93:c5:84:19:ca:98:68:
80:8c:44:80:9a:ac:20:84:8e:b0:6d:fc:3c:5f:d0:
31:05:dc:e7:48:b2:a6:18:01:21:11:b3:6d:55:f5:
bf:47:38:c8:7f:80:73:0f:3b:30:94:b4:d9:45:d2:
72:15:b6:05:6c:39:c8:38:19:ec:f2:65:e1:23:74:
52:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8F:86:FB:7D:82:B8:67:77:20:37:48:8A:1F:5B:FA:66:00:77:6A
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3100::/40
Signature Algorithm: sha256WithRSAEncryption
7e:ae:4c:a9:bb:81:59:91:c0:87:9f:a4:e5:4b:31:33:ef:ba:
17:d1:52:25:1b:3b:cd:8b:f5:f0:52:37:2c:89:70:0c:09:7a:
d5:e0:c8:a1:b0:d9:f0:34:ae:0e:63:d6:f6:76:19:aa:e1:5c:
7b:89:87:7c:17:16:0e:16:6f:a5:20:ec:39:b8:c8:45:a2:04:
89:98:2a:9f:8e:a1:2f:a7:73:f6:8b:7a:6a:81:63:80:ba:03:
a6:f7:db:57:a6:22:26:a4:27:80:c4:d4:c8:39:85:da:ea:31:
c9:fd:72:27:54:d3:49:2f:87:39:3f:e7:3c:4b:98:37:dc:49:
55:2d:29:18:e1:82:cb:df:3f:c7:dd:23:a2:67:06:10:31:2d:
94:3f:76:1e:81:f4:7e:a0:82:18:a6:77:05:83:97:32:dc:c9:
41:d5:e3:4c:a4:14:35:63:e0:c5:c1:47:4b:25:ed:01:d1:bd:
5b:01:5a:fd:68:a3:63:93:e9:e4:ac:a5:b6:c3:f9:99:85:6a:
43:4a:fb:7c:2d:b2:9a:6c:84:cc:26:d7:8d:70:06:89:24:b8:
3a:ef:a5:11:94:44:0e:3d:37:62:25:b5:bb:7a:bf:28:97:ce:
e4:78:e8:77:9b:da:d8:72:91:fa:0b:0f:20:5d:38:ef:55:53:
92:3a:b3:d5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUPEH5SV/XxeJO1gWoKVVeJ2D7nD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDNaFw0yNzA2MDExMjE4MDNaMDMxMTAvBgNV
BAMTKDlBOEY4NkZCN0Q4MkI4Njc3NzIwMzc0ODhBMUY1QkZBNjYwMDc3NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWBrplZryn7QOuII3s//iKzWxo
q9yD/acxGtNt8u/31mM9ePHVpaKsXBiMu5sa77kzrkwpsZUhpl4jeFjFnVJvcwlG
3H6m9fMs6DTy5etdDP5sDvFzCJm2LLsORwCO0grSXnH44wn5/gzzbWU87/T5w39a
oALptWygcx8e6MAPZKmtvihhlrJSy7xAN4lDkhblX6OcGtn0DzI4187ThsyqGoF0
rCd7t0YVLIfCSgskeJga0120bhKmoXrJk8WEGcqYaICMRICarCCEjrBt/Dxf0DEF
3OdIsqYYASERs21V9b9HOMh/gHMPOzCUtNlF0nIVtgVsOcg4GezyZeEjdFKpAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUmo+G+32CuGd3IDdIih9b+mYAd2owHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzOTM3MzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUxMA0GCSqGSIb3DQEBCwUAA4IBAQB+rkypu4FZkcCHn6Tl
SzEz77oX0VIlGzvNi/XwUjcsiXAMCXrV4MihsNnwNK4OY9b2dhmq4Vx7iYd8FxYO
Fm+lIOw5uMhFogSJmCqfjqEvp3P2i3pqgWOAugOm99tXpiImpCeAxNTIOYXa6jHJ
/XInVNNJL4c5P+c8S5g33ElVLSkY4YLL3z/H3SOiZwYQMS2UP3YegfR+oIIYpncF
g5cy3MlB1eNMpBQ1Y+DFwUdLJe0B0b1bAVr9aKNjk+nkrKW2w/mZhWpDSvt8LbKa
bITMJteNcAaJJLg676URlEQOPTdiJbW7er8ol87keOh3m9rYcpH6Cw8gXTjvVVOS
OrPV
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:41:12 2026 by rpki-client