Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363333a313030303a3a2f33362d3336203d3e203630373335.roa
File: 326130663a336363333a313030303a3a2f33362d3336203d3e203630373335.roa (raw, json)
Hash identifier: HzAN9ywzH3R4tgGHlz5ec2Bib9+nQQlSPhjXFH+uvKQ=
Subject key identifier: 2B:0F:6A:C5:7C:9E:89:BA:00:92:55:6A:2B:AF:74:63:55:17:39:34
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 1196999ECB16A5BF8C0BB2E53AB2DAADA4B144BE
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363333a313030303a3a2f33362d3336203d3e203630373335.roa
Signing time: Sun 01 Mar 2026 05:46:33 +0000
ROA not before: Sun 01 Mar 2026 05:41:33 +0000
ROA not after: Sun 28 Feb 2027 05:46:33 +0000
asID: 60735
IP address blocks: 2a0f:3cc3:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:96:99:9e:cb:16:a5:bf:8c:0b:b2:e5:3a:b2:da:ad:a4:b1:44:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:33 2026 GMT
Not After : Feb 28 05:46:33 2027 GMT
Subject: CN=2B0F6AC57C9E89BA0092556A2BAF746355173934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:44:c1:b0:57:09:85:31:64:4a:45:ff:ef:fd:
7c:93:69:bb:03:0c:2e:14:9b:ff:8d:08:fc:2c:61:
89:d9:8d:2c:4a:97:90:5b:b1:4e:a5:04:40:22:43:
7a:e6:eb:82:91:b0:44:75:70:36:32:58:7c:aa:5d:
90:2f:8c:c8:06:75:04:96:1b:b8:2c:12:8a:fc:fe:
97:8c:f1:d8:4e:a6:75:c4:87:95:db:d3:f9:48:0d:
93:72:86:03:c4:2c:65:ed:6a:55:66:e1:77:2c:5c:
c1:02:d5:01:a8:ea:1a:34:9a:82:c2:b3:f0:d3:bf:
b5:c2:2e:7d:b3:00:fc:1e:01:4d:4b:34:9c:59:fa:
30:ed:99:e0:d4:ce:64:bc:f9:62:80:4e:e6:bf:5c:
57:6e:ad:48:79:5e:bf:5d:13:dc:a3:a2:23:ab:06:
22:cc:1c:c4:a9:7e:1a:eb:a1:43:39:0f:84:c5:bf:
61:20:b6:95:68:8f:6c:33:70:d4:7c:91:48:c3:b4:
6f:ee:d1:2a:fc:11:f5:d7:6c:f6:fb:a9:ad:4a:cf:
02:2e:06:19:f1:cb:e9:ca:f3:d0:5c:46:14:a3:3b:
6b:20:2e:bd:57:f4:2e:c4:db:e2:f1:f5:06:cf:b2:
83:45:31:4c:fa:2b:5a:86:e7:ea:3b:ce:47:09:1e:
60:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0F:6A:C5:7C:9E:89:BA:00:92:55:6A:2B:AF:74:63:55:17:39:34
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363333a313030303a3a2f33362d3336203d3e203630373335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3cc3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
0e:ea:f4:66:d8:ed:76:38:38:d4:c1:0e:47:28:23:94:de:3c:
76:27:51:a4:d8:05:dc:85:b1:13:bc:c6:ef:46:69:2b:e2:98:
65:96:52:74:c3:d9:a0:56:24:ac:0f:66:85:79:e6:ee:b6:7c:
48:79:1a:8c:ee:ee:7a:29:66:a5:3a:95:90:ff:17:8e:ce:e3:
0f:a8:dc:65:7b:18:0a:ca:3f:23:17:2c:b8:24:a9:92:07:7e:
3e:30:53:06:36:88:2b:55:76:6d:7d:76:c0:ae:9b:82:f4:5d:
70:24:92:9d:a2:ad:e1:e3:41:37:54:a6:02:c4:9b:c8:e9:07:
c3:9a:b9:ec:07:fb:35:ae:5a:bb:ca:ae:94:4d:45:4b:ca:5d:
64:a9:ce:b2:6f:86:18:9e:46:0f:34:58:c9:96:99:59:f2:49:
57:5b:8b:97:c2:38:e8:39:b2:ed:f8:36:a0:dc:18:ea:36:0e:
3b:c5:31:99:be:31:dd:22:bf:7e:c8:8a:5d:4d:26:93:a5:92:
4e:d9:de:b2:42:2a:be:c4:97:54:05:be:b6:06:71:b9:83:c9:
4d:3d:15:c4:16:a2:8e:46:37:3b:48:2f:dd:ef:31:1c:22:0c:
ee:ef:19:71:3a:53:c0:68:3f:96:eb:80:79:51:9d:9a:09:e3:
f4:6a:8f:00
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUEZaZnssWpb+MC7LlOrLaraSxRL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzNaFw0yNzAyMjgwNTQ2MzNaMDMxMTAvBgNV
BAMTKDJCMEY2QUM1N0M5RTg5QkEwMDkyNTU2QTJCQUY3NDYzNTUxNzM5MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTRMGwVwmFMWRKRf/v/XyTabsD
DC4Um/+NCPwsYYnZjSxKl5BbsU6lBEAiQ3rm64KRsER1cDYyWHyqXZAvjMgGdQSW
G7gsEor8/peM8dhOpnXEh5Xb0/lIDZNyhgPELGXtalVm4XcsXMEC1QGo6ho0moLC
s/DTv7XCLn2zAPweAU1LNJxZ+jDtmeDUzmS8+WKATua/XFdurUh5Xr9dE9yjoiOr
BiLMHMSpfhrroUM5D4TFv2EgtpVoj2wzcNR8kUjDtG/u0Sr8EfXXbPb7qa1KzwIu
Bhnxy+nK89BcRhSjO2sgLr1X9C7E2+Lx9QbPsoNFMUz6K1qG5+o7zkcJHmC9AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUKw9qxXyeiboAklVqK690Y1UXOTQwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzI2MTMwNjYzYTMzNjM2MzMz
M2EzMTMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDM2MzAzNzMzMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQqDzzDEDANBgkqhkiG9w0BAQsFAAOCAQEADur0Ztjtdjg41MEORygj
lN48didRpNgF3IWxE7zG70ZpK+KYZZZSdMPZoFYkrA9mhXnm7rZ8SHkajO7ueilm
pTqVkP8Xjs7jD6jcZXsYCso/IxcsuCSpkgd+PjBTBjaIK1V2bX12wK6bgvRdcCSS
naKt4eNBN1SmAsSbyOkHw5q57Af7Na5au8qulE1FS8pdZKnOsm+GGJ5GDzRYyZaZ
WfJJV1uLl8I46Dmy7fg2oNwY6jYOO8Uxmb4x3SK/fsiKXU0mk6WSTtneskIqvsSX
VAW+tgZxuYPJTT0VxBaijkY3O0gv3e8xHCIM7u8ZcTpTwGg/luuAeVGdmgnj9GqP
AA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:15:58 2026 by rpki-client