Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
File: 326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa (raw, json)
Hash identifier: TIXVmk+bS1W/yN8i4zJ9MbOG3+t0wKiPmm9nUHmrpTI=
Subject key identifier: 29:A5:21:87:2E:85:0B:11:92:09:09:FA:6B:83:21:40:10:83:48:B2
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 255C10ED5683504487A9766473C26651E9F43A36
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
Signing time: Tue 02 Jun 2026 12:18:24 +0000
ROA not before: Tue 02 Jun 2026 12:13:24 +0000
ROA not after: Tue 01 Jun 2027 12:18:24 +0000
asID: 204071
IP address blocks: 2a0f:1cc5:700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5c:10:ed:56:83:50:44:87:a9:76:64:73:c2:66:51:e9:f4:3a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:24 2026 GMT
Not After : Jun 1 12:18:24 2027 GMT
Subject: CN=29A521872E850B11920909FA6B832140108348B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d8:2d:e1:00:9f:b5:d4:ac:12:24:47:25:9d:
79:7a:be:d6:9f:f2:08:8f:96:12:f2:c5:24:3f:66:
53:44:c9:01:64:e3:e9:b4:b0:a7:b5:dd:e1:94:bc:
76:ee:cb:4c:d5:7d:56:03:d0:18:53:69:6b:36:cc:
83:20:e2:d7:52:d4:75:e9:64:95:1c:98:b5:b5:f7:
69:19:f4:b2:fe:be:fc:85:8e:42:de:c1:42:b8:a3:
e9:16:8b:cc:36:5e:2e:b6:b0:6e:17:ac:86:59:ed:
5a:19:f0:f5:39:00:27:7f:3c:9d:c1:8d:6c:e6:9c:
6b:0b:28:7c:12:76:4f:2c:52:af:bd:4b:34:0a:24:
1d:b0:31:b3:56:d6:d6:75:3b:b4:08:12:89:a5:e5:
0f:06:79:5d:da:49:f5:5d:9d:33:ec:c6:37:36:de:
67:94:35:72:eb:47:4a:e1:30:1b:b5:a8:6e:0b:34:
11:b0:9f:4f:e8:4e:5c:9f:fc:de:81:bc:dd:b2:ef:
35:00:62:e2:03:b0:bf:d8:b2:a3:eb:3e:69:7f:b5:
97:74:4f:2f:8d:77:39:b2:fb:b5:12:e9:79:82:89:
29:da:80:6c:89:fe:fc:e6:47:4a:fa:8f:92:f8:a1:
8c:64:29:8f:a5:78:7a:62:84:35:85:9e:1d:86:4b:
b4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A5:21:87:2E:85:0B:11:92:09:09:FA:6B:83:21:40:10:83:48:B2
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3730303a3a2f34302d3438203d3e20323034303731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:700::/40
Signature Algorithm: sha256WithRSAEncryption
2e:97:39:3d:19:a0:43:49:ee:8d:d5:90:96:89:f8:e1:b1:e6:
98:8a:d0:ba:c3:61:b5:46:e1:45:fe:4a:7f:ce:cf:81:e5:00:
03:1f:1b:c5:4e:57:fe:68:06:b4:a1:ff:c6:a1:b5:73:cb:dc:
fc:85:17:85:63:99:24:1d:3e:51:94:13:f7:f4:6e:bc:50:a1:
8d:02:8e:9a:07:87:71:20:88:61:cd:1d:fb:7d:20:a2:5d:c7:
99:13:13:d5:df:7c:b1:c8:dc:e9:4a:05:4e:12:85:76:ca:95:
80:2b:a2:05:b3:72:4c:51:99:20:35:b6:76:15:da:b5:f2:37:
d7:72:0a:e6:61:ff:38:35:38:d6:98:55:8d:b9:66:49:e5:7a:
77:c2:9f:6b:b1:79:a4:5b:e1:ee:eb:67:a9:a7:6c:c7:a9:3a:
fa:75:79:a8:86:ba:92:7e:99:81:aa:11:a7:47:52:d3:91:3a:
00:f1:5f:8c:68:61:bb:79:97:fa:d7:b7:bf:6d:27:44:9c:f8:
89:fa:89:cb:c7:73:dc:f6:8d:f2:c0:8c:41:81:51:39:e6:ed:
e8:b3:b9:28:91:d1:53:4f:44:b1:fc:27:97:e3:dc:41:ef:60:
c4:a2:29:5f:67:df:21:b5:33:e3:4d:75:59:4a:f5:49:e4:02:
42:3b:24:dd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUJVwQ7VaDUESHqXZkc8JmUen0OjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjRaFw0yNzA2MDExMjE4MjRaMDMxMTAvBgNV
BAMTKDI5QTUyMTg3MkU4NTBCMTE5MjA5MDlGQTZCODMyMTQwMTA4MzQ4QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK2C3hAJ+11KwSJEclnXl6vtaf
8giPlhLyxSQ/ZlNEyQFk4+m0sKe13eGUvHbuy0zVfVYD0BhTaWs2zIMg4tdS1HXp
ZJUcmLW192kZ9LL+vvyFjkLewUK4o+kWi8w2Xi62sG4XrIZZ7VoZ8PU5ACd/PJ3B
jWzmnGsLKHwSdk8sUq+9SzQKJB2wMbNW1tZ1O7QIEoml5Q8GeV3aSfVdnTPsxjc2
3meUNXLrR0rhMBu1qG4LNBGwn0/oTlyf/N6BvN2y7zUAYuIDsL/YsqPrPml/tZd0
Ty+Ndzmy+7US6XmCiSnagGyJ/vzmR0r6j5L4oYxkKY+leHpihDWFnh2GS7SBAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUKaUhhy6FCxGSCQn6a4MhQBCDSLIwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzQzMDM3MzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFBzANBgkqhkiG9w0BAQsFAAOCAQEALpc5PRmgQ0nujdWQlon4
4bHmmIrQusNhtUbhRf5Kf87PgeUAAx8bxU5X/mgGtKH/xqG1c8vc/IUXhWOZJB0+
UZQT9/RuvFChjQKOmgeHcSCIYc0d+30gol3HmRMT1d98scjc6UoFThKFdsqVgCui
BbNyTFGZIDW2dhXatfI313IK5mH/ODU41phVjblmSeV6d8Kfa7F5pFvh7utnqads
x6k6+nV5qIa6kn6ZgaoRp0dS05E6APFfjGhhu3mX+te3v20nRJz4ifqJy8dz3PaN
8sCMQYFROebt6LO5KJHRU09Esfwnl+PcQe9gxKIpX2ffIbUz4011WUr1SeQCQjsk
3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:58:04 2026 by rpki-client