Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f34382d3438203d3e20323133323739.roa
File: 326131343a623430303a3a2f34382d3438203d3e20323133323739.roa (raw, json)
Hash identifier: MPDWzEveSeqr5REDNZ7vahiUYH6XirhHXiielY71rvw=
Subject key identifier: 71:53:8F:F0:74:FE:54:C4:94:B8:14:6B:7C:4F:35:F7:D6:1E:05:A2
Certificate issuer: /CN=0d056bac6b22fd1ed0812c4c73ff09a59a409a6e
Certificate serial: 1D5A2FCD6DCCBAB350698E8EAA951F3436174CCA
Authority key identifier: 0D:05:6B:AC:6B:22:FD:1E:D0:81:2C:4C:73:FF:09:A5:9A:40:9A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f34382d3438203d3e20323133323739.roa
Signing time: Fri 17 Apr 2026 13:33:28 +0000
ROA not before: Fri 17 Apr 2026 13:28:28 +0000
ROA not after: Fri 16 Apr 2027 13:33:28 +0000
asID: 213279
IP address blocks: 2a14:b400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 08:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:5a:2f:cd:6d:cc:ba:b3:50:69:8e:8e:aa:95:1f:34:36:17:4c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d056bac6b22fd1ed0812c4c73ff09a59a409a6e
Validity
Not Before: Apr 17 13:28:28 2026 GMT
Not After : Apr 16 13:33:28 2027 GMT
Subject: CN=71538FF074FE54C494B8146B7C4F35F7D61E05A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:41:b8:c9:26:5c:c3:f9:d6:9a:d4:20:b8:e2:
63:a8:7f:a2:71:27:db:46:d9:e2:0d:2f:e0:80:23:
fd:3f:1e:c8:f6:c3:b0:e4:aa:84:7b:9f:9d:5c:5b:
b6:27:c0:88:6a:76:78:3a:77:39:fa:47:32:fb:b0:
e2:f5:ea:01:12:78:0c:f5:50:dc:9a:0a:b3:6c:c0:
bc:47:43:93:24:ff:b1:c4:11:f9:40:00:c8:b5:c1:
10:cc:27:b4:fa:e2:37:d3:71:d6:2c:50:06:39:9e:
da:8b:e0:51:b4:4f:10:d9:6e:22:93:af:43:d9:e4:
a0:25:15:a3:12:d5:b6:09:cf:8c:70:da:98:dd:1a:
34:96:dc:e9:31:13:6b:c1:77:59:63:d2:7d:e4:2b:
e8:b8:0a:5e:98:51:7c:ca:91:33:ed:31:93:e2:e4:
f6:f1:8b:a3:80:15:47:b8:66:75:da:6b:56:ee:74:
a1:e5:35:29:08:e7:7f:3d:ec:04:c2:33:00:d3:e4:
28:bc:dd:e8:a8:04:63:c8:e8:d2:c8:f7:45:49:02:
57:4f:f6:d9:7b:63:8f:97:b7:ff:54:cd:c1:5c:bd:
d1:ec:d3:39:43:d3:e8:6e:3b:c6:01:98:c2:49:aa:
72:35:11:bd:de:49:c9:5a:e6:4f:9e:fc:3b:67:fd:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:53:8F:F0:74:FE:54:C4:94:B8:14:6B:7C:4F:35:F7:D6:1E:05:A2
X509v3 Authority Key Identifier:
keyid:0D:05:6B:AC:6B:22:FD:1E:D0:81:2C:4C:73:FF:09:A5:9A:40:9A:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/0D056BAC6B22FD1ED0812C4C73FF09A59A409A6E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQVrrGsi_R7QgSxMc_8JpZpAmm4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/0/326131343a623430303a3a2f34382d3438203d3e20323133323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b400::/48
Signature Algorithm: sha256WithRSAEncryption
c7:5e:a4:20:a1:df:eb:8d:e7:f4:93:f9:16:5c:ed:06:df:f0:
9a:73:7f:37:84:5f:8d:3f:b7:b6:a1:e8:f4:60:2d:a9:4d:97:
e5:e1:8b:4e:e8:76:82:82:7a:60:4c:64:30:16:15:18:7b:80:
c5:7f:19:18:ac:79:0d:0f:e2:65:bf:1a:7f:65:87:89:28:86:
c4:8a:23:0e:05:72:88:9d:e0:80:9a:b3:8b:41:0a:8f:18:a5:
bf:24:06:34:07:f7:f6:ca:1b:7c:af:82:52:8d:8f:5b:36:06:
b4:f4:6b:89:a7:c9:e8:c1:54:e2:d7:ef:59:3d:3c:f8:1d:17:
a3:d2:85:5e:8c:d8:33:05:84:8f:08:3a:82:2c:47:3e:ff:94:
3f:eb:70:c7:37:a5:1e:df:8f:25:fa:5a:e0:3d:fe:1c:c6:9d:
cc:9e:8b:55:82:60:25:51:fb:61:ae:3b:6c:9c:08:82:5d:0e:
96:65:6c:9e:a4:e5:8b:34:b2:30:53:46:29:83:ee:b6:05:36:
a7:3d:f5:83:75:e8:92:e6:4c:23:fd:dd:5e:66:55:9e:13:67:
6a:da:25:7a:87:88:4c:30:7a:8f:3b:0b:56:10:c7:c2:5e:a8:
71:80:3b:d9:0b:9e:75:5f:f5:f1:c6:43:cc:7b:65:4d:db:3b:
1c:ff:8b:7c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUHVovzW3MurNQaY6OqpUfNDYXTMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTZiYWM2YjIyZmQxZWQwODEyYzRjNzNmZjA5YTU5
YTQwOWE2ZTAeFw0yNjA0MTcxMzI4MjhaFw0yNzA0MTYxMzMzMjhaMDMxMTAvBgNV
BAMTKDcxNTM4RkYwNzRGRTU0QzQ5NEI4MTQ2QjdDNEYzNUY3RDYxRTA1QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfQbjJJlzD+daa1CC44mOof6Jx
J9tG2eINL+CAI/0/Hsj2w7DkqoR7n51cW7YnwIhqdng6dzn6RzL7sOL16gESeAz1
UNyaCrNswLxHQ5Mk/7HEEflAAMi1wRDMJ7T64jfTcdYsUAY5ntqL4FG0TxDZbiKT
r0PZ5KAlFaMS1bYJz4xw2pjdGjSW3OkxE2vBd1lj0n3kK+i4Cl6YUXzKkTPtMZPi
5Pbxi6OAFUe4ZnXaa1budKHlNSkI53897ATCMwDT5Ci83eioBGPI6NLI90VJAldP
9tl7Y4+Xt/9UzcFcvdHs0zlD0+huO8YBmMJJqnI1Eb3eScla5k+e/Dtn/fAzAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUcVOP8HT+VMSUuBRrfE8199YeBaIwHwYDVR0j
BBgwFoAUDQVrrGsi/R7QgSxMc/8JpZpAmm4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEtNmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0
MjA2LzAvMEQwNTZCQUM2QjIyRkQxRUQwODEyQzRDNzNGRjA5QTU5QTQwOUE2RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRVnJyR3NpX1I3UWdTeE1jXzhKcFpw
QW1tNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEt
NmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0MjA2LzAvMzI2MTMxMzQzYTYyMzQzMDMw
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMzMzIzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KhS0AAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDHXqQgod/rjef0k/kWXO0G3/Cac383
hF+NP7e2oej0YC2pTZfl4YtO6HaCgnpgTGQwFhUYe4DFfxkYrHkND+Jlvxp/ZYeJ
KIbEiiMOBXKIneCAmrOLQQqPGKW/JAY0B/f2yht8r4JSjY9bNga09GuJp8nowVTi
1+9ZPTz4HRej0oVejNgzBYSPCDqCLEc+/5Q/63DHN6Ue348l+lrgPf4cxp3MnotV
gmAlUfthrjtsnAiCXQ6WZWyepOWLNLIwU0Ypg+62BTanPfWDdeiS5kwj/d1eZlWe
E2dq2iV6h4hMMHqPOwtWEMfCXqhxgDvZC551X/XxxkPMe2VN2zsc/4t8
-----END CERTIFICATE-----
Generated at Sun Apr 19 16:02:22 2026 by rpki-client