Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
File: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (raw, json)
Hash identifier: dUdgsqEsXhjpFbCXjEAOMcgmvSkHr/B9yKj+ko9WRB0=
Subject key identifier: 10:F5:D0:70:07:03:30:49:3E:B4:D2:C9:A3:CC:B0:0E:5C:28:F8:24
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 6873A99BE0752834D3E360C7FC06626109CCBDF2
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
Signing time: Thu 11 Jun 2026 16:50:53 +0000
ROA not before: Thu 11 Jun 2026 16:45:53 +0000
ROA not after: Thu 10 Jun 2027 16:50:53 +0000
asID: 48194
IP address blocks: 2a13:9644:10::/46 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:73:a9:9b:e0:75:28:34:d3:e3:60:c7:fc:06:62:61:09:cc:bd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 11 16:45:53 2026 GMT
Not After : Jun 10 16:50:53 2027 GMT
Subject: CN=10F5D070070330493EB4D2C9A3CCB00E5C28F824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:41:e1:fb:09:b4:9e:a4:7b:11:22:58:3e:87:
6a:41:44:ed:ee:0f:3c:3d:76:99:a0:c8:a5:f7:b8:
2b:75:d8:e0:27:f6:0b:22:1c:66:b0:59:1d:da:fb:
f4:86:f8:18:37:81:2a:2e:0e:3c:0a:f4:ec:3e:0f:
64:bb:f9:57:e0:b7:1f:6d:51:30:67:99:38:d1:1c:
74:e6:cd:16:5b:ad:75:d9:a2:c5:cf:49:7b:73:bd:
89:59:23:c3:7b:a0:ed:a3:54:3f:aa:72:c3:ed:f5:
b9:2a:32:0b:fc:70:5b:9f:7c:95:26:8a:1e:04:b3:
6e:06:29:9f:42:cb:bc:e7:47:82:fa:96:77:b8:a9:
16:ff:30:5c:5c:56:92:e7:d7:52:39:42:8f:34:a9:
a9:a7:98:15:19:44:01:0b:d4:5f:dc:33:9b:6a:01:
17:29:ef:84:2b:79:fc:fb:80:52:90:e9:1e:ed:23:
28:14:6b:e4:70:7e:60:f1:cd:1d:18:e7:ba:43:df:
a4:e9:92:0a:f3:0c:24:62:b6:57:93:98:0a:b5:92:
ac:23:29:e0:65:ca:4d:00:7d:47:fb:80:11:8b:8b:
9b:b6:ef:75:39:21:83:aa:07:07:4a:80:cc:1d:2a:
8d:e0:e5:9d:5e:a6:c6:d3:df:fc:f0:e9:2c:fa:f1:
bc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F5:D0:70:07:03:30:49:3E:B4:D2:C9:A3:CC:B0:0E:5C:28:F8:24
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:10::/46
Signature Algorithm: sha256WithRSAEncryption
36:e1:7e:f8:c8:5f:0d:70:bc:f3:c8:e0:cb:84:63:b1:fb:95:
40:11:a4:ee:54:eb:8a:d2:46:ba:f0:25:5b:c9:3f:df:ca:7e:
21:da:e1:87:d3:78:b4:09:fb:c2:d2:34:37:63:f5:76:28:8f:
4f:31:f0:64:76:fd:0f:bc:91:b4:cf:4a:e0:68:7b:02:b4:6f:
38:36:45:05:d3:1a:8e:79:36:5a:df:0d:c0:98:05:a0:eb:4e:
cb:78:ea:c0:f3:c5:d2:eb:db:20:f5:aa:67:37:e4:a3:2a:75:
63:3e:f1:85:d7:23:d4:6e:51:06:b7:8a:73:d5:91:72:c5:8e:
94:9d:65:a0:58:ec:6f:6b:4c:4b:24:44:eb:b1:ab:c4:84:f6:
ae:41:ce:09:fe:a8:51:56:ee:56:02:fb:83:e4:9f:7a:27:70:
43:ab:42:3b:5f:e6:69:89:c6:5a:1f:22:d9:38:d9:27:e3:f5:
6a:3f:f6:c2:b5:c3:93:51:75:6d:9b:5d:b6:37:0c:64:62:89:
29:26:4b:8d:52:e6:a1:d4:38:34:36:bc:e1:2f:c4:86:3c:9e:
6a:01:29:44:77:23:1a:67:7c:69:06:c5:88:d7:80:b3:bd:52:
56:3b:48:a4:a4:b6:52:91:13:56:fd:6d:e6:02:c0:ba:34:80:
8e:7e:de:87
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUaHOpm+B1KDTT42DH/AZiYQnMvfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MTExNjQ1NTNaFw0yNzA2MTAxNjUwNTNaMDMxMTAvBgNV
BAMTKDEwRjVEMDcwMDcwMzMwNDkzRUI0RDJDOUEzQ0NCMDBFNUMyOEY4MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDQeH7CbSepHsRIlg+h2pBRO3u
Dzw9dpmgyKX3uCt12OAn9gsiHGawWR3a+/SG+Bg3gSouDjwK9Ow+D2S7+Vfgtx9t
UTBnmTjRHHTmzRZbrXXZosXPSXtzvYlZI8N7oO2jVD+qcsPt9bkqMgv8cFuffJUm
ih4Es24GKZ9Cy7znR4L6lne4qRb/MFxcVpLn11I5Qo80qamnmBUZRAEL1F/cM5tq
ARcp74Qrefz7gFKQ6R7tIygUa+RwfmDxzR0Y57pD36TpkgrzDCRitleTmAq1kqwj
KeBlyk0AfUf7gBGLi5u273U5IYOqBwdKgMwdKo3g5Z1epsbT3/zw6Sz68byfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUEPXQcAcDMEk+tNLJo8ywDlwo+CQwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMTMwM2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzQzODMxMzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHAioTlkQAEDANBgkqhkiG9w0BAQsFAAOCAQEANuF++MhfDXC888jgy4RjsfuV
QBGk7lTritJGuvAlW8k/38p+Idrhh9N4tAn7wtI0N2P1diiPTzHwZHb9D7yRtM9K
4Gh7ArRvODZFBdMajnk2Wt8NwJgFoOtOy3jqwPPF0uvbIPWqZzfkoyp1Yz7xhdcj
1G5RBreKc9WRcsWOlJ1loFjsb2tMSyRE67GrxIT2rkHOCf6oUVbuVgL7g+Sfeidw
Q6tCO1/maYnGWh8i2TjZJ+P1aj/2wrXDk1F1bZtdtjcMZGKJKSZLjVLmodQ4NDa8
4S/EhjyeagEpRHcjGmd8aQbFiNeAs71SVjtIpKS2UpETVv1t5gLAujSAjn7ehw==
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:24:38 2026 by rpki-client