Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363363a3a2f33322d3332203d3e203630373335.roa
File: 326130663a336363363a3a2f33322d3332203d3e203630373335.roa (raw, json)
Hash identifier: ABkHDQKjEeANharZO1hp0RDKdEsWdRf0F4prEwfZnFs=
Subject key identifier: C6:EE:B3:20:55:EA:39:79:B5:60:F0:E9:6A:CD:0D:39:3A:54:9B:08
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 43E90E78D054F59A5C2979723E4C5A2CDE7E54C1
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363363a3a2f33322d3332203d3e203630373335.roa
Signing time: Sun 01 Mar 2026 05:46:33 +0000
ROA not before: Sun 01 Mar 2026 05:41:33 +0000
ROA not after: Sun 28 Feb 2027 05:46:33 +0000
asID: 60735
IP address blocks: 2a0f:3cc6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:e9:0e:78:d0:54:f5:9a:5c:29:79:72:3e:4c:5a:2c:de:7e:54:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:33 2026 GMT
Not After : Feb 28 05:46:33 2027 GMT
Subject: CN=C6EEB32055EA3979B560F0E96ACD0D393A549B08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e8:31:d3:91:d4:27:25:a5:be:05:63:f2:e1:
af:62:7f:34:68:3f:e6:7e:d1:30:97:49:6e:9e:17:
ee:2c:3f:8b:b0:f5:fb:ad:f9:5e:ac:df:1a:25:b1:
8c:ae:a1:b5:73:8b:7f:81:8c:ba:f0:8c:91:d4:dd:
5b:a6:86:a4:8c:92:bb:59:63:c2:36:83:11:c5:a2:
94:6d:de:79:fd:6e:60:a7:eb:72:07:45:50:fd:77:
2d:d5:8b:56:fc:00:e8:11:04:bb:6b:8b:c2:c0:3e:
4a:4e:90:3d:08:21:01:3f:33:1f:ca:1c:f4:6c:14:
01:6f:d4:1d:e7:4b:ff:f2:33:1f:9f:8a:fa:1e:32:
90:80:64:51:1c:50:0b:98:0f:c1:43:6b:fc:97:a2:
7c:51:dc:7b:f3:0b:36:f4:31:39:96:33:2f:0e:8c:
a0:10:08:af:20:01:6e:3e:2b:00:fc:6b:a4:2d:17:
0a:2b:fa:26:28:38:57:bb:e6:e0:43:81:c4:ce:10:
d4:63:22:ba:f9:1f:aa:71:39:a9:e9:ac:21:95:32:
df:18:55:a7:d5:ea:e9:89:6e:a2:84:1b:2b:5d:04:
21:3c:e1:bb:a6:cc:8a:9d:91:97:a5:03:40:cd:39:
0d:2d:4b:32:6b:e3:26:79:dc:a8:ef:c3:97:ba:c8:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:EE:B3:20:55:EA:39:79:B5:60:F0:E9:6A:CD:0D:39:3A:54:9B:08
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/326130663a336363363a3a2f33322d3332203d3e203630373335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3cc6::/32
Signature Algorithm: sha256WithRSAEncryption
7a:a8:9d:10:b3:2a:dd:9b:58:77:2a:bb:a7:f4:ed:d5:4f:6a:
a5:b8:9c:3d:81:a7:18:ab:53:5c:87:27:ca:c0:55:14:ee:58:
5e:ab:32:4a:85:4b:32:56:91:ac:5f:43:9d:21:02:6d:e3:1a:
1a:4e:fd:01:e0:b5:f5:08:fa:e4:30:14:d0:3a:a4:0a:6b:4f:
69:b6:50:b9:57:0c:b7:f9:f4:d4:9e:44:a1:86:cd:9b:05:dc:
9f:26:41:e2:b8:4b:af:04:07:6c:a5:8e:f5:08:f8:27:e3:3b:
44:a9:f7:c5:75:51:11:ec:b7:6a:1b:b7:52:81:90:f1:a8:93:
ac:a4:ad:50:34:f6:90:cc:e4:fc:02:94:8c:d8:ba:80:ff:c8:
6c:b5:c6:70:34:16:bd:15:d1:92:d5:4d:e3:57:20:34:e5:e7:
3e:55:d3:95:30:23:00:a0:7d:25:84:56:ab:74:99:b1:4d:5f:
50:f1:f5:c5:b3:0b:90:db:3c:b9:70:ab:81:28:74:40:2f:e1:
1c:b9:3f:81:82:11:49:f8:88:84:a0:d5:5e:57:f4:8c:bf:fa:
fa:2a:f4:71:a1:01:e9:99:81:d5:f4:bf:dc:9e:33:0a:77:9d:
5e:72:e2:37:2a:d2:52:8f:ad:d8:ef:e4:e1:73:ef:cc:f8:34:
09:fb:5e:1f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUQ+kOeNBU9ZpcKXlyPkxaLN5+VMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzNaFw0yNzAyMjgwNTQ2MzNaMDMxMTAvBgNV
BAMTKEM2RUVCMzIwNTVFQTM5NzlCNTYwRjBFOTZBQ0QwRDM5M0E1NDlCMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo6DHTkdQnJaW+BWPy4a9ifzRo
P+Z+0TCXSW6eF+4sP4uw9fut+V6s3xolsYyuobVzi3+BjLrwjJHU3VumhqSMkrtZ
Y8I2gxHFopRt3nn9bmCn63IHRVD9dy3Vi1b8AOgRBLtri8LAPkpOkD0IIQE/Mx/K
HPRsFAFv1B3nS//yMx+fivoeMpCAZFEcUAuYD8FDa/yXonxR3HvzCzb0MTmWMy8O
jKAQCK8gAW4+KwD8a6QtFwor+iYoOFe75uBDgcTOENRjIrr5H6pxOanprCGVMt8Y
VafV6umJbqKEGytdBCE84bumzIqdkZelA0DNOQ0tSzJr4yZ53Kjvw5e6yBjzAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUxu6zIFXqOXm1YPDpas0NOTpUmwgwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzI2MTMwNjYzYTMzNjM2MzM2
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzYzMDM3MzMzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoP
PMYwDQYJKoZIhvcNAQELBQADggEBAHqonRCzKt2bWHcqu6f07dVPaqW4nD2Bpxir
U1yHJ8rAVRTuWF6rMkqFSzJWkaxfQ50hAm3jGhpO/QHgtfUI+uQwFNA6pAprT2m2
ULlXDLf59NSeRKGGzZsF3J8mQeK4S68EB2yljvUI+CfjO0Sp98V1URHst2obt1KB
kPGok6ykrVA09pDM5PwClIzYuoD/yGy1xnA0Fr0V0ZLVTeNXIDTl5z5V05UwIwCg
fSWEVqt0mbFNX1Dx9cWzC5DbPLlwq4EodEAv4Ry5P4GCEUn4iISg1V5X9Iy/+voq
9HGhAemZgdX0v9yeMwp3nV5y4jcq0lKPrdjv5OFz78z4NAn7Xh8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:02:06 2026 by rpki-client