Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
File: 326131343a623430303a3a2f33322d3332203d3e20323133323739.roa (raw, json)
Hash identifier: /ywDrcg69RinQSaJq5qK1DkqX2kU3IcAj/TtRmkAN0I=
Subject key identifier: A5:58:1D:B8:49:6A:01:F2:C0:6E:0E:6E:15:76:AB:F9:BF:26:4B:AC
Certificate issuer: /CN=0d056bac6b22fd1ed0812c4c73ff09a59a409a6e
Certificate serial: 4ABB8A8C612FC32DB37ADBBB9EDA21C93BC2B1D3
Authority key identifier: 0D:05:6B:AC:6B:22:FD:1E:D0:81:2C:4C:73:FF:09:A5:9A:40:9A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
Signing time: Fri 17 Apr 2026 13:33:28 +0000
ROA not before: Fri 17 Apr 2026 13:28:28 +0000
ROA not after: Fri 16 Apr 2027 13:33:28 +0000
asID: 213279
IP address blocks: 2a14:b400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 08:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:bb:8a:8c:61:2f:c3:2d:b3:7a:db:bb:9e:da:21:c9:3b:c2:b1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d056bac6b22fd1ed0812c4c73ff09a59a409a6e
Validity
Not Before: Apr 17 13:28:28 2026 GMT
Not After : Apr 16 13:33:28 2027 GMT
Subject: CN=A5581DB8496A01F2C06E0E6E1576ABF9BF264BAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:4e:78:e5:e9:73:a8:10:d3:58:25:5b:35:5a:
e9:15:67:7c:29:9c:bc:50:67:cd:ed:cd:a4:0d:44:
51:ba:64:2b:15:5a:03:1c:4e:d0:91:9c:22:57:61:
fa:5f:7e:7f:64:d9:40:f8:00:04:17:df:72:78:9b:
dc:b6:8e:ee:a2:ed:8b:a9:8d:fe:d3:39:4a:e8:73:
48:1b:4c:5b:fc:01:cf:bf:80:09:1e:a1:32:76:02:
59:f1:fc:8b:42:48:d7:84:48:e8:68:ab:82:2f:80:
a4:bb:de:68:da:98:41:a5:d9:11:cd:9d:b3:b8:75:
3b:8a:47:26:9e:eb:ae:e3:a9:bc:f7:09:5e:dd:70:
bd:d6:7c:b2:ab:85:6b:d7:97:c2:25:b7:df:9c:26:
e8:4f:ff:60:63:ee:31:b7:40:c1:00:38:97:30:35:
2e:1f:c6:75:e3:d5:0d:c5:4c:4d:7d:20:3c:8c:2e:
a1:fd:f1:dc:eb:20:56:5b:6e:75:93:bf:06:08:f4:
4d:2a:c3:c8:54:f2:46:e3:09:9f:da:53:77:39:69:
72:cf:f2:57:92:79:13:1a:9f:0f:1d:1e:05:1f:3d:
37:14:7e:42:b3:67:fe:66:42:78:e9:93:01:75:32:
40:5b:07:5f:cf:b1:82:b5:06:16:93:c6:88:fc:59:
fc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:58:1D:B8:49:6A:01:F2:C0:6E:0E:6E:15:76:AB:F9:BF:26:4B:AC
X509v3 Authority Key Identifier:
keyid:0D:05:6B:AC:6B:22:FD:1E:D0:81:2C:4C:73:FF:09:A5:9A:40:9A:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b400::/32
Signature Algorithm: sha256WithRSAEncryption
76:6e:bb:38:fb:95:3e:aa:19:e3:17:90:d4:de:6a:b6:69:89:
d9:0f:a7:74:af:8f:ba:5a:35:53:38:45:f5:3d:aa:68:a2:ba:
c6:51:0f:38:32:17:03:63:e7:2b:7f:92:4d:db:33:46:71:2d:
41:bf:94:99:7e:8f:8f:eb:19:7f:db:68:5a:17:cc:b6:0d:3a:
61:db:c1:76:04:b9:f6:09:07:e2:05:5c:0e:e8:df:52:61:13:
59:bc:9b:1c:8f:cf:30:d1:1c:e3:78:15:78:0b:0d:21:b6:61:
6b:a6:7a:8e:6f:46:c9:4d:75:0b:db:d7:0c:fe:f2:9f:c0:86:
9e:48:a0:28:cb:4c:1d:a9:4d:47:88:e6:99:a0:09:42:f5:71:
58:d6:d7:ea:1a:ad:ce:b7:0b:7e:e2:6d:4b:60:b1:d1:b9:87:
40:c9:5f:54:a5:13:35:d3:79:6c:8b:9e:bf:0a:fa:1c:a9:d2:
91:3e:ee:07:51:a4:83:64:ae:81:63:5a:3d:b3:10:69:21:dc:
05:96:48:ce:83:e0:61:d6:9b:9e:92:e1:8a:69:4d:cb:1a:e3:
4e:93:21:9a:cd:2a:9a:79:b4:07:1f:58:2c:47:f0:c8:05:6b:
3d:a2:dc:ba:09:42:19:f3:60:78:9e:23:9b:50:fe:08:32:e9:
ac:66:09:7b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUSruKjGEvwy2zetu7ntohyTvCsdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTZiYWM2YjIyZmQxZWQwODEyYzRjNzNmZjA5YTU5
YTQwOWE2ZTAeFw0yNjA0MTcxMzI4MjhaFw0yNzA0MTYxMzMzMjhaMDMxMTAvBgNV
BAMTKEE1NTgxREI4NDk2QTAxRjJDMDZFMEU2RTE1NzZBQkY5QkYyNjRCQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD+Tnjl6XOoENNYJVs1WukVZ3wp
nLxQZ83tzaQNRFG6ZCsVWgMcTtCRnCJXYfpffn9k2UD4AAQX33J4m9y2ju6i7Yup
jf7TOUroc0gbTFv8Ac+/gAkeoTJ2Alnx/ItCSNeESOhoq4IvgKS73mjamEGl2RHN
nbO4dTuKRyae667jqbz3CV7dcL3WfLKrhWvXl8Ilt9+cJuhP/2Bj7jG3QMEAOJcw
NS4fxnXj1Q3FTE19IDyMLqH98dzrIFZbbnWTvwYI9E0qw8hU8kbjCZ/aU3c5aXLP
8leSeRManw8dHgUfPTcUfkKzZ/5mQnjpkwF1MkBbB1/PsYK1BhaTxoj8WfzHAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUpVgduElqAfLAbg5uFXar+b8mS6wwHwYDVR0j
BBgwFoAUDQVrrGsi/R7QgSxMc/8JpZpAmm4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEtNmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0
MjA2LzAvMEQwNTZCQUM2QjIyRkQxRUQwODEyQzRDNzNGRjA5QTU5QTQwOUE2RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRVnJyR3NpX1I3UWdTeE1jXzhKcFpw
QW1tNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEt
NmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0MjA2LzAvMzI2MTMxMzQzYTYyMzQzMDMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTMzMzIzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhS0ADANBgkqhkiG9w0BAQsFAAOCAQEAdm67OPuVPqoZ4xeQ1N5qtmmJ2Q+ndK+P
ulo1UzhF9T2qaKK6xlEPODIXA2PnK3+STdszRnEtQb+UmX6Pj+sZf9toWhfMtg06
YdvBdgS59gkH4gVcDujfUmETWbybHI/PMNEc43gVeAsNIbZha6Z6jm9GyU11C9vX
DP7yn8CGnkigKMtMHalNR4jmmaAJQvVxWNbX6hqtzrcLfuJtS2Cx0bmHQMlfVKUT
NdN5bIuevwr6HKnSkT7uB1Gkg2SugWNaPbMQaSHcBZZIzoPgYdabnpLhimlNyxrj
TpMhms0qmnm0Bx9YLEfwyAVrPaLcuglCGfNgeJ4jm1D+CDLprGYJew==
-----END CERTIFICATE-----
Generated at Sun Apr 19 16:02:35 2026 by rpki-client