Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3335303a3a2f34342d3438203d3e203331383938.roa
File: 326130663a316363353a3335303a3a2f34342d3438203d3e203331383938.roa (raw, json)
Hash identifier: VOnEpmujarDmk5tC7DC4HsTlejPlD2H4H6sb5vbQMbs=
Subject key identifier: 26:D7:47:0C:C6:99:E1:DC:7A:62:98:87:A8:BE:52:3B:37:9A:56:D7
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 0481683DA5BDFA73F1E4F9FA49B807B357932646
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3335303a3a2f34342d3438203d3e203331383938.roa
Signing time: Tue 02 Jun 2026 12:18:08 +0000
ROA not before: Tue 02 Jun 2026 12:13:08 +0000
ROA not after: Tue 01 Jun 2027 12:18:08 +0000
asID: 31898
IP address blocks: 2a0f:1cc5:350::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:81:68:3d:a5:bd:fa:73:f1:e4:f9:fa:49:b8:07:b3:57:93:26:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:08 2026 GMT
Not After : Jun 1 12:18:08 2027 GMT
Subject: CN=26D7470CC699E1DC7A629887A8BE523B379A56D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:51:0f:62:ad:83:9d:63:eb:bf:ee:2b:17:0c:
2f:39:fb:4b:5d:a1:fb:ad:8f:6d:89:75:0a:18:1a:
e8:30:80:4f:4f:9c:21:c5:5b:d0:03:9c:90:32:59:
3b:04:80:a6:31:91:25:ad:90:af:dd:b9:6d:0a:97:
fc:56:f1:10:8a:46:07:ad:8c:52:34:29:2c:a8:0d:
89:68:0f:cf:dc:b9:56:73:20:5b:a4:e1:3f:a8:a8:
2d:ae:df:09:91:26:64:d4:0f:f7:80:ea:e9:f7:3c:
bd:db:4d:e1:ee:0b:d2:73:fa:ee:b6:c2:ab:e1:14:
8c:b5:ca:ed:ac:ef:d3:d3:f6:ef:e9:52:62:78:5f:
9a:c3:19:94:66:c8:0e:a5:e3:3d:dc:3a:e5:12:80:
e7:b5:11:64:4e:a4:e8:56:f3:3d:67:30:36:ea:4e:
c3:10:16:63:b8:36:32:79:e3:63:ce:30:51:c1:76:
af:15:d8:bd:bc:8a:95:f7:a8:c5:76:a7:d8:b2:23:
1a:42:4f:ac:02:0c:1f:08:4f:4b:c3:74:d7:65:2a:
30:ad:e0:ef:16:db:bd:b2:1c:b1:61:b0:11:38:64:
4d:2c:2d:52:d5:85:da:ff:12:29:b9:c2:71:bb:a6:
b3:3c:f7:ee:21:18:15:58:e4:ff:f4:89:f4:86:28:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D7:47:0C:C6:99:E1:DC:7A:62:98:87:A8:BE:52:3B:37:9A:56:D7
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3335303a3a2f34342d3438203d3e203331383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:350::/44
Signature Algorithm: sha256WithRSAEncryption
1a:ab:1f:cc:9e:79:01:be:61:94:be:22:4e:c6:84:67:05:6a:
67:26:e4:b8:0d:07:e7:16:fd:14:fb:66:47:cd:d7:31:b5:d2:
33:aa:6e:d0:06:d4:86:6f:d8:3d:f7:6e:f1:8a:08:13:d4:68:
68:a9:47:7c:3c:01:65:20:0b:e3:a8:d3:94:2b:1c:a5:64:ee:
55:69:f0:69:56:e6:bd:fc:59:42:9b:0f:a6:50:e7:9a:9f:95:
1c:0e:ae:71:88:49:f5:cf:7d:75:c7:ce:13:be:e4:44:f2:f7:
9a:9d:ae:cf:69:8a:12:cb:95:43:1a:40:b9:8b:6f:a4:7d:c8:
bb:19:a8:ee:40:89:da:c7:46:bf:fe:7e:de:eb:15:8e:c1:f4:
92:d6:62:42:dc:28:2f:51:54:04:b2:e5:0e:2d:1d:f6:4f:5a:
c5:f9:c7:b2:77:b1:d2:a5:81:94:a6:7a:2b:58:a2:b9:3d:fe:
76:49:b4:71:64:44:ca:d9:b3:72:fe:69:b7:fd:91:bf:72:29:
e0:45:3a:7e:58:cf:1a:9a:bb:2e:b3:50:f1:05:36:90:9d:7b:
4d:b2:4c:f2:21:1a:0c:f1:36:2c:7d:4b:18:76:ff:53:7a:9c:
81:dc:05:1e:75:63:1f:e7:b4:fc:39:b1:2e:9d:d1:27:c0:fb:
03:1a:8b:a8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUBIFoPaW9+nPx5Pn6SbgHs1eTJkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDhaFw0yNzA2MDExMjE4MDhaMDMxMTAvBgNV
BAMTKDI2RDc0NzBDQzY5OUUxREM3QTYyOTg4N0E4QkU1MjNCMzc5QTU2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdUQ9irYOdY+u/7isXDC85+0td
ofutj22JdQoYGugwgE9PnCHFW9ADnJAyWTsEgKYxkSWtkK/duW0Kl/xW8RCKRget
jFI0KSyoDYloD8/cuVZzIFuk4T+oqC2u3wmRJmTUD/eA6un3PL3bTeHuC9Jz+u62
wqvhFIy1yu2s79PT9u/pUmJ4X5rDGZRmyA6l4z3cOuUSgOe1EWROpOhW8z1nMDbq
TsMQFmO4NjJ542POMFHBdq8V2L28ipX3qMV2p9iyIxpCT6wCDB8IT0vDdNdlKjCt
4O8W272yHLFhsBE4ZE0sLVLVhdr/Eim5wnG7prM89+4hGBVY5P/0ifSGKI3jAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUJtdHDMaZ4dx6YpiHqL5SOzeaVtcwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzM1MzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMzMxMzgzOTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQNQMA0GCSqGSIb3DQEBCwUAA4IBAQAaqx/MnnkBvmGUviJOxoRn
BWpnJuS4DQfnFv0U+2ZHzdcxtdIzqm7QBtSGb9g9927xiggT1GhoqUd8PAFlIAvj
qNOUKxylZO5VafBpVua9/FlCmw+mUOean5UcDq5xiEn1z311x84TvuRE8veana7P
aYoSy5VDGkC5i2+kfci7GajuQInax0a//n7e6xWOwfSS1mJC3CgvUVQEsuUOLR32
T1rF+ceyd7HSpYGUpnorWKK5Pf52SbRxZETK2bNy/mm3/ZG/cingRTp+WM8amrsu
s1DxBTaQnXtNskzyIRoM8TYsfUsYdv9TepyB3AUedWMf57T8ObEundEnwPsDGouo
-----END CERTIFICATE-----
Generated at Sat Jun 13 14:03:08 2026 by rpki-client