Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a343a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a343a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: xfgLKdcaQj0NvKT0fDpsFIjlfgNqKkaTCna+rBc2muw=
Subject key identifier: 8A:C5:A2:73:C2:97:7C:98:1B:46:E2:CB:88:C2:FD:17:30:D3:80:1D
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 7542B7EAB4A05645964EA3DA804E6AF167C71E02
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a343a3a2f34382d3438203d3e20323032333539.roa
Signing time: Mon 18 May 2026 14:20:18 +0000
ROA not before: Mon 18 May 2026 14:15:18 +0000
ROA not after: Mon 17 May 2027 14:20:18 +0000
asID: 202359
IP address blocks: 2a11:f2c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:42:b7:ea:b4:a0:56:45:96:4e:a3:da:80:4e:6a:f1:67:c7:1e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: May 18 14:15:18 2026 GMT
Not After : May 17 14:20:18 2027 GMT
Subject: CN=8AC5A273C2977C981B46E2CB88C2FD1730D3801D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:e3:db:f2:f0:0b:92:8b:26:82:bb:0f:a0:
10:b9:6f:1f:90:bc:4e:61:bd:4d:ef:c5:38:58:d0:
a2:0f:90:49:87:69:a5:b8:5f:70:5c:de:62:d8:94:
57:14:51:ce:91:fd:e6:7a:31:d4:eb:aa:e2:7c:ba:
62:6b:3c:3a:2f:c0:07:a4:54:2d:69:9f:9b:a5:5d:
d3:4d:b1:09:aa:d0:b7:0e:77:88:83:d4:5c:95:1a:
09:4c:13:43:66:c3:ea:34:e8:98:59:ca:4a:db:a3:
a0:1a:57:67:a6:56:91:de:7c:c2:46:57:55:9f:94:
be:ed:a7:40:f8:21:a3:69:ff:e2:5d:0d:ac:af:71:
1f:cd:75:10:b7:8c:6b:9b:55:ad:9a:86:a2:e2:c9:
2e:a1:62:34:37:a1:c3:cb:ce:4a:06:ca:6a:06:bd:
24:fa:5d:42:db:2f:0c:8c:70:8c:2c:d4:e6:66:51:
a5:0f:97:32:67:f7:6b:26:57:a5:c2:0f:ea:1e:33:
03:89:b2:da:e9:0b:71:7e:48:f0:e5:9a:df:79:60:
d5:4e:cd:54:2e:75:34:2b:13:a7:c1:aa:a4:0c:b3:
81:b0:ce:15:72:6a:54:9b:33:87:64:99:21:0d:d0:
08:bc:e3:d5:07:b7:e9:4f:35:ba:ed:60:94:5d:17:
1a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C5:A2:73:C2:97:7C:98:1B:46:E2:CB:88:C2:FD:17:30:D3:80:1D
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a343a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
09:b9:01:bb:60:37:52:73:17:85:d7:0a:75:1a:1d:78:63:99:
c3:68:b0:8d:21:33:a9:e4:16:6c:db:f7:6a:ee:dc:d1:ca:8d:
26:a7:bd:37:b6:95:80:38:82:ac:d1:b7:6e:96:a8:cb:37:22:
47:c7:c2:4c:8b:76:20:66:f8:25:bb:7f:b9:3e:59:e2:c5:c2:
00:5f:3b:09:a9:1e:84:6c:c9:05:96:19:5f:3a:25:e3:72:98:
ec:61:3e:07:ad:5e:c9:dc:00:68:a6:6a:5d:38:3a:ab:2d:50:
98:a2:c3:c0:de:d4:89:b7:3e:dc:89:2e:6b:8b:0b:3a:fc:0e:
ef:32:c1:4a:52:3a:83:7a:c1:f4:b7:88:ae:19:ee:ae:3d:cb:
9d:84:3f:7f:09:b7:85:d9:13:1f:be:ed:de:eb:e4:e9:c4:d5:
d8:93:7c:29:78:cf:e5:0c:2c:8c:cb:21:77:0e:f1:ed:33:12:
35:08:ce:2a:ee:3a:8c:c1:e5:7a:a8:32:89:b0:e0:a5:10:c9:
86:85:ef:d6:e1:76:03:cc:ab:8e:c7:93:d1:bb:80:90:67:b8:
7b:3b:ab:35:a1:3b:ec:20:19:b4:fb:eb:d4:7c:6a:16:a8:46:
63:c9:c4:18:1c:77:30:3a:91:97:8f:db:a3:e2:20:66:e0:3d:
bf:0f:4a:1d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdUK36rSgVkWWTqPagE5q8WfHHgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNjA1MTgxNDE1MThaFw0yNzA1MTcxNDIwMThaMDMxMTAvBgNV
BAMTKDhBQzVBMjczQzI5NzdDOTgxQjQ2RTJDQjg4QzJGRDE3MzBEMzgwMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwhOPb8vALkosmgrsPoBC5bx+Q
vE5hvU3vxThY0KIPkEmHaaW4X3Bc3mLYlFcUUc6R/eZ6MdTrquJ8umJrPDovwAek
VC1pn5ulXdNNsQmq0LcOd4iD1FyVGglME0Nmw+o06JhZykrbo6AaV2emVpHefMJG
V1WflL7tp0D4IaNp/+JdDayvcR/NdRC3jGubVa2ahqLiyS6hYjQ3ocPLzkoGymoG
vST6XULbLwyMcIws1OZmUaUPlzJn92smV6XCD+oeMwOJstrpC3F+SPDlmt95YNVO
zVQudTQrE6fBqqQMs4GwzhVyalSbM4dkmSEN0Ai849UHt+lPNbrtYJRdFxo7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUisWic8KXfJgbRuLLiML9FzDTgB0wHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAABDANBgkqhkiG9w0BAQsFAAOCAQEACbkBu2A3UnMXhdcKdRodeGOZ
w2iwjSEzqeQWbNv3au7c0cqNJqe9N7aVgDiCrNG3bpaoyzciR8fCTIt2IGb4Jbt/
uT5Z4sXCAF87CakehGzJBZYZXzol43KY7GE+B61eydwAaKZqXTg6qy1QmKLDwN7U
ibc+3Ikua4sLOvwO7zLBSlI6g3rB9LeIrhnurj3LnYQ/fwm3hdkTH77t3uvk6cTV
2JN8KXjP5QwsjMshdw7x7TMSNQjOKu46jMHleqgyibDgpRDJhoXv1uF2A8yrjseT
0buAkGe4ezurNaE77CAZtPvr1HxqFqhGY8nEGBx3MDqRl4/bo+IgZuA9vw9KHQ==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:09:43 2026 by rpki-client