Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363303a3a2f33322d3332203d3e20323037393336.roa
File: 326130663a336363303a3a2f33322d3332203d3e20323037393336.roa (raw, json)
Hash identifier: wDL3d4A1d+S+hyAjhYBLt0XksiIY4fLz7lOilgNj2Q4=
Subject key identifier: D0:BF:B6:9B:55:52:2B:E0:81:BB:C8:5A:B7:B3:B1:D5:0C:A1:39:23
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 1123D195EBA9E9DEC7F6B04085029FADF37C5CE3
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363303a3a2f33322d3332203d3e20323037393336.roa
Signing time: Sun 01 Mar 2026 05:46:34 +0000
ROA not before: Sun 01 Mar 2026 05:41:34 +0000
ROA not after: Sun 28 Feb 2027 05:46:34 +0000
asID: 207936
IP address blocks: 2a0f:3cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 01:03:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:23:d1:95:eb:a9:e9:de:c7:f6:b0:40:85:02:9f:ad:f3:7c:5c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:34 2026 GMT
Not After : Feb 28 05:46:34 2027 GMT
Subject: CN=D0BFB69B55522BE081BBC85AB7B3B1D50CA13923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:d7:c7:a5:35:ad:32:66:32:0b:8c:5d:c7:
4c:4b:60:ef:65:1b:26:05:c0:6b:40:d7:32:37:15:
5b:ce:73:6c:b9:9f:e5:28:e1:dc:fe:19:43:ea:d1:
00:b3:c3:39:23:c6:20:9b:7a:0a:5f:b0:8a:c8:cc:
2f:b9:aa:c7:e7:21:da:40:2f:af:b0:86:f3:f7:a5:
da:d4:b5:47:74:78:e5:bf:53:1d:fa:b8:f6:2d:50:
07:ba:7f:f2:26:b9:16:9d:3e:72:41:c4:65:88:7c:
bb:a1:26:3e:b0:c2:00:3d:9e:71:be:97:56:0e:e9:
27:19:b4:60:38:7e:d1:ae:94:a8:69:1a:b1:7e:30:
33:83:85:21:7a:bb:79:db:92:97:dd:aa:fa:f0:16:
40:5e:e1:54:83:20:dc:e5:37:40:d5:32:f9:6a:09:
d6:ad:1c:e2:9c:54:bc:53:76:e7:21:38:9f:8c:ed:
f9:33:2a:bd:35:0d:b2:c4:6f:1a:12:86:b3:3a:03:
fb:1a:37:ab:bc:d1:7f:39:0c:47:32:0a:4c:ea:b9:
3f:cd:e0:2f:f4:a5:d0:72:2a:78:cb:fa:59:73:7a:
84:a8:6f:15:32:fb:f9:5b:44:79:95:1c:43:0b:4c:
d8:5d:2b:b6:5e:06:c3:62:ed:c8:6e:17:e2:41:92:
c3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BF:B6:9B:55:52:2B:E0:81:BB:C8:5A:B7:B3:B1:D5:0C:A1:39:23
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363303a3a2f33322d3332203d3e20323037393336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
97:d7:80:c2:04:bc:8d:f7:a2:3a:0a:45:ee:ad:6a:50:ad:3d:
46:93:22:28:ab:0f:e9:ee:de:2e:c3:fc:aa:7b:6a:26:b2:94:
19:eb:4a:da:9f:1d:09:ed:a0:19:74:94:df:4a:e4:e0:2e:5e:
bc:43:5d:36:de:99:87:f9:aa:d9:38:12:a2:94:ed:7c:53:cf:
63:f8:3d:26:ac:ef:b2:91:53:d8:c3:f7:9e:62:c0:73:10:6e:
64:f0:c7:58:ae:67:2b:3c:1d:d0:c3:50:c5:83:b8:68:f0:f8:
e8:9d:20:a3:db:77:08:8d:cc:b0:5e:1e:89:15:ac:6a:44:89:
1e:b3:29:60:73:e8:a4:32:92:5f:f4:b6:2c:84:cd:88:f2:b5:
51:d9:92:8a:df:53:d9:28:6a:a1:b3:26:4a:9a:2c:38:35:1b:
9b:9e:46:cf:ec:27:b3:de:bc:ef:2e:55:9e:01:4b:17:10:85:
7b:57:1d:b9:e0:d2:ad:c0:d9:ce:65:0c:af:64:ca:0f:6f:9c:
95:4e:bc:66:3c:7a:6b:a0:f1:b8:3b:7f:03:fa:92:76:a0:8d:
37:06:ca:3d:d9:7a:a8:39:dd:ad:0d:75:cb:fa:ef:ef:c1:f4:
cc:e1:7a:dd:c3:d2:8a:cc:c3:eb:3c:14:10:21:59:f0:c6:f1:
98:53:89:8a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUESPRleup6d7H9rBAhQKfrfN8XOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzRaFw0yNzAyMjgwNTQ2MzRaMDMxMTAvBgNV
BAMTKEQwQkZCNjlCNTU1MjJCRTA4MUJCQzg1QUI3QjNCMUQ1MENBMTM5MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ddfHpTWtMmYyC4xdx0xLYO9l
GyYFwGtA1zI3FVvOc2y5n+Uo4dz+GUPq0QCzwzkjxiCbegpfsIrIzC+5qsfnIdpA
L6+whvP3pdrUtUd0eOW/Ux36uPYtUAe6f/ImuRadPnJBxGWIfLuhJj6wwgA9nnG+
l1YO6ScZtGA4ftGulKhpGrF+MDODhSF6u3nbkpfdqvrwFkBe4VSDINzlN0DVMvlq
CdatHOKcVLxTduchOJ+M7fkzKr01DbLEbxoShrM6A/saN6u80X85DEcyCkzquT/N
4C/0pdByKnjL+llzeoSobxUy+/lbRHmVHEMLTNhdK7ZeBsNi7chuF+JBksMPAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU0L+2m1VSK+CBu8hat7Ox1QyhOSMwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzI2MTMwNjYzYTMzNjM2MzMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMDM3MzkzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
Kg88wDANBgkqhkiG9w0BAQsFAAOCAQEAl9eAwgS8jfeiOgpF7q1qUK09RpMiKKsP
6e7eLsP8qntqJrKUGetK2p8dCe2gGXSU30rk4C5evENdNt6Zh/mq2TgSopTtfFPP
Y/g9JqzvspFT2MP3nmLAcxBuZPDHWK5nKzwd0MNQxYO4aPD46J0go9t3CI3MsF4e
iRWsakSJHrMpYHPopDKSX/S2LITNiPK1UdmSit9T2ShqobMmSposODUbm55Gz+wn
s9687y5VngFLFxCFe1cdueDSrcDZzmUMr2TKD2+clU68Zjx6a6DxuDt/A/qSdqCN
NwbKPdl6qDndrQ11y/rv78H0zOF63cPSiszD6zwUECFZ8MbxmFOJig==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:22:35 2026 by rpki-client