Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a663130303a3a2f34342d3438203d3e20313937323133.roa
File: 326130613a643638373a663130303a3a2f34342d3438203d3e20313937323133.roa (raw, json)
Hash identifier: bHHSi5wagGdCluZPsKdv0VQ8BFQU3w+P+YxMSNDafL4=
Subject key identifier: 75:8B:D3:DA:FF:AA:C6:3B:A9:CD:E3:65:5B:2A:F3:71:8B:86:89:51
Certificate issuer: /CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Certificate serial: 38A614E329A121B0560DA8F6038389E226A655D3
Authority key identifier: 0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a663130303a3a2f34342d3438203d3e20313937323133.roa
Signing time: Tue 16 Jun 2026 14:40:13 +0000
ROA not before: Tue 16 Jun 2026 14:35:13 +0000
ROA not after: Tue 15 Jun 2027 14:40:13 +0000
asID: 197213
IP address blocks: 2a0a:d687:f100::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 17:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:a6:14:e3:29:a1:21:b0:56:0d:a8:f6:03:83:89:e2:26:a6:55:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Validity
Not Before: Jun 16 14:35:13 2026 GMT
Not After : Jun 15 14:40:13 2027 GMT
Subject: CN=758BD3DAFFAAC63BA9CDE3655B2AF3718B868951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8a:96:dc:0d:a6:a1:bb:f1:1a:b4:6a:5a:a8:
3f:63:9d:81:f0:5c:75:aa:54:a2:e9:33:05:71:48:
d9:99:e8:93:d6:53:d1:6d:00:91:f6:a4:34:e6:4a:
88:b6:e6:03:a4:e8:5b:5b:41:02:36:2c:3a:b6:21:
0c:81:8c:33:93:3a:2d:ea:a0:f5:b4:b7:a0:50:f1:
8b:f1:45:da:23:e6:53:e0:38:64:ac:27:03:79:40:
b6:a6:04:a5:7c:6a:77:d0:ca:fd:9f:37:8f:d1:17:
9f:39:64:30:46:34:18:40:8c:5f:17:53:b4:f2:cc:
a0:99:88:40:ae:d9:2a:d7:fe:d1:42:35:45:f8:30:
ff:23:ae:ff:7c:d2:37:ce:b9:7e:8a:4b:e4:46:e4:
d6:4f:d9:f3:a7:08:bd:21:4e:66:ff:f1:86:17:d3:
b8:f6:6a:8c:b0:c7:6b:78:d3:d3:b3:79:fa:45:0a:
9f:29:e8:60:5b:97:d9:75:b4:89:9f:ec:be:5d:36:
e9:5b:3e:c1:89:e6:28:44:04:1b:37:c2:b4:b2:fb:
56:bf:8b:28:75:9e:58:16:b7:8b:f7:e8:53:03:47:
f6:4f:aa:2c:42:0b:6d:2e:7a:a1:27:1d:3f:23:95:
bf:05:08:6f:72:52:7a:c4:80:d2:22:07:31:24:7f:
8f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8B:D3:DA:FF:AA:C6:3B:A9:CD:E3:65:5B:2A:F3:71:8B:86:89:51
X509v3 Authority Key Identifier:
keyid:0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a663130303a3a2f34342d3438203d3e20313937323133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d687:f100::/44
Signature Algorithm: sha256WithRSAEncryption
a9:39:7e:c2:7a:dc:65:f2:25:0c:0a:0b:84:3a:aa:d9:52:30:
ce:a9:a2:e7:85:9b:0b:9b:82:24:77:aa:2e:2a:41:54:61:b9:
e7:6b:3a:c9:cb:8d:34:88:02:5f:43:c2:c2:f0:43:91:02:3b:
01:bc:75:2e:c7:50:07:96:2f:cd:5f:23:16:e5:2f:48:ef:77:
0f:f4:63:bb:41:94:93:53:ca:30:7c:7d:e8:f3:14:db:71:51:
08:04:a7:e3:82:23:14:73:f0:2f:b7:5f:9f:01:a2:0c:8b:15:
f8:f9:f1:a7:8e:87:a0:9c:93:fc:e2:7a:02:13:05:c8:88:0f:
32:a1:09:b6:04:17:38:7e:c0:9a:47:9c:75:c6:9b:7c:b8:6f:
ab:98:39:b8:c0:9d:79:d7:07:4f:c2:0a:03:28:ea:e9:0a:61:
b8:de:98:dd:4c:9b:e5:04:5a:cd:ce:48:96:32:23:fa:19:74:
22:d3:46:dc:35:0b:46:ee:85:8e:ee:07:ef:08:52:f4:38:fb:
2c:25:e1:ef:47:9a:a7:24:9a:21:08:0d:e3:f7:22:37:2d:f5:
a6:fa:73:d1:da:01:92:a4:27:c0:0a:77:c9:99:b2:fa:47:bd:
b2:2b:6c:54:fc:e9:aa:3f:36:d9:e2:21:ae:e8:ca:dd:ec:68:
a7:ee:5d:61
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUOKYU4ymhIbBWDaj2A4OJ4iamVdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGU3MGFlMGFjZDBiZTgzZDJkNDU4Y2EyMDdiMWQ0ZmZh
M2MzZTRlYTAeFw0yNjA2MTYxNDM1MTNaFw0yNzA2MTUxNDQwMTNaMDMxMTAvBgNV
BAMTKDc1OEJEM0RBRkZBQUM2M0JBOUNERTM2NTVCMkFGMzcxOEI4Njg5NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbipbcDaahu/EatGpaqD9jnYHw
XHWqVKLpMwVxSNmZ6JPWU9FtAJH2pDTmSoi25gOk6FtbQQI2LDq2IQyBjDOTOi3q
oPW0t6BQ8YvxRdoj5lPgOGSsJwN5QLamBKV8anfQyv2fN4/RF585ZDBGNBhAjF8X
U7TyzKCZiECu2SrX/tFCNUX4MP8jrv980jfOuX6KS+RG5NZP2fOnCL0hTmb/8YYX
07j2aoywx2t409OzefpFCp8p6GBbl9l1tImf7L5dNulbPsGJ5ihEBBs3wrSy+1a/
iyh1nlgWt4v36FMDR/ZPqixCC20ueqEnHT8jlb8FCG9yUnrEgNIiBzEkf4/RAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUdYvT2v+qxjupzeNlWyrzcYuGiVEwHwYDVR0j
BBgwFoAUDnCuCs0L6D0tRYyiB7HU/6PD5OowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUtMjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMy
YThlLzAvMEU3MEFFMEFDRDBCRTgzRDJENDU4Q0EyMDdCMUQ0RkZBM0MzRTRFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RuQ3VDczBMNkQwdFJZeWlCN0hVXzZQ
RDVPby5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUt
MjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMyYThlLzAvMzI2MTMwNjEzYTY0MzYzODM3
M2E2NjMxMzAzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMxMzkzNzMyMzEzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoK1ofxADANBgkqhkiG9w0BAQsFAAOCAQEAqTl+wnrcZfIlDAoL
hDqq2VIwzqmi54WbC5uCJHeqLipBVGG552s6ycuNNIgCX0PCwvBDkQI7Abx1LsdQ
B5YvzV8jFuUvSO93D/Rju0GUk1PKMHx96PMU23FRCASn44IjFHPwL7dfnwGiDIsV
+Pnxp46HoJyT/OJ6AhMFyIgPMqEJtgQXOH7AmkecdcabfLhvq5g5uMCdedcHT8IK
Ayjq6QphuN6Y3Uyb5QRazc5IljIj+hl0ItNG3DULRu6Fju4H7whS9Dj7LCXh70ea
pySaIQgN4/ciNy31pvpz0doBkqQnwAp3yZmy+ke9sitsVPzpqj822eIhrujK3exo
p+5dYQ==
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:07:11 2026 by rpki-client