Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa
File: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (raw, json)
Hash identifier: 0JoIiUMIT0jAbI3GHPb8luCDeUy4DCLrWrwx+cvSkwY=
Subject key identifier: 20:0D:BC:0E:98:E1:ED:B2:A4:0F:A1:0A:93:3C:65:04:07:D1:60:0C
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 5B3DDF1BDA11464A5EB4148B74B3B8A83B78D141
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa
Signing time: Thu 11 Jun 2026 16:51:37 +0000
ROA not before: Thu 11 Jun 2026 16:46:37 +0000
ROA not after: Thu 10 Jun 2027 16:51:37 +0000
asID: 214992
IP address blocks: 2a13:9644:2220::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3d:df:1b:da:11:46:4a:5e:b4:14:8b:74:b3:b8:a8:3b:78:d1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 11 16:46:37 2026 GMT
Not After : Jun 10 16:51:37 2027 GMT
Subject: CN=200DBC0E98E1EDB2A40FA10A933C650407D1600C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:1a:a5:d3:83:b3:eb:7a:19:62:b9:2a:f2:
dc:84:a0:9e:28:76:10:8b:4e:80:82:23:e1:10:7f:
4d:f1:ef:33:2c:db:f8:1e:4f:f3:52:26:af:ee:29:
2b:c7:73:59:24:fd:2c:bc:b3:ce:2e:6f:25:66:ba:
4a:7b:2d:24:1d:91:91:81:39:45:0f:db:73:92:3e:
f3:ab:06:1c:4f:2c:eb:b2:88:e5:4d:eb:d3:ff:49:
ac:37:32:e7:23:ba:e4:4b:2c:f6:49:77:a8:e8:84:
fb:fb:8d:e1:ff:09:de:25:de:e5:d5:4f:3b:0e:a7:
23:55:ea:03:52:e4:9e:e0:c4:ac:6f:d6:bb:7c:ae:
f0:59:41:82:6b:73:96:d8:bc:59:9a:75:6b:f5:59:
5f:49:7f:24:ea:8b:4b:90:1d:53:5d:ed:e4:7c:54:
d3:5b:31:07:7a:06:29:be:7b:e7:27:62:6d:39:08:
46:28:23:c3:e9:e5:9d:f8:6c:44:8d:17:9d:57:47:
71:08:f0:cd:9f:ac:2e:c3:fb:4e:6d:8f:0f:db:f1:
f3:dc:89:8c:59:b9:f6:39:54:47:03:d3:74:ab:7e:
bb:21:2b:1e:9d:b1:d1:6d:2f:ad:6b:fa:0b:f2:68:
fb:53:94:1f:24:5a:88:b2:9e:b1:c3:03:47:8a:78:
49:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0D:BC:0E:98:E1:ED:B2:A4:0F:A1:0A:93:3C:65:04:07:D1:60:0C
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:2220::/44
Signature Algorithm: sha256WithRSAEncryption
7d:7d:b9:66:7f:37:3d:f0:ad:36:f5:0d:41:9b:40:37:57:66:
8f:21:07:68:af:f8:41:a1:aa:47:25:b9:5a:16:5a:15:e1:1b:
58:83:06:23:a2:f8:95:ed:80:17:eb:55:8a:e7:a8:35:55:5e:
b9:ea:18:78:9b:51:e9:9c:5b:bb:fd:6e:27:a8:ad:33:59:3c:
79:eb:2c:f0:c2:f0:bd:94:ba:89:62:54:b3:8e:72:ef:94:ba:
cc:1d:b8:48:58:4a:70:a0:98:b5:aa:7b:55:13:06:71:71:17:
f8:38:2c:bf:f6:62:c5:e8:59:10:6b:f9:e1:a8:f1:64:02:46:
38:63:73:af:e0:7d:b4:8e:a7:28:cd:d9:da:6b:af:cd:9d:95:
29:db:09:be:f9:61:be:19:d7:b1:18:99:af:e0:94:5b:2d:a7:
f2:f3:81:0c:b3:ae:8e:a2:48:85:20:fc:49:1a:87:c3:7d:0a:
14:c6:83:91:a7:d4:40:81:34:fd:5b:53:d4:82:d4:20:dc:55:
18:2c:91:87:0e:82:de:4a:57:fc:67:26:20:fe:18:ce:83:ef:
8a:ce:00:10:7b:21:a8:69:fc:23:5d:bd:62:40:0d:82:a2:8c:
22:d3:80:d8:6c:d8:51:48:2f:d7:e4:57:44:9a:07:d6:ea:ba:
3f:82:5e:b7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUWz3fG9oRRkpetBSLdLO4qDt40UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MTExNjQ2MzdaFw0yNzA2MTAxNjUxMzdaMDMxMTAvBgNV
BAMTKDIwMERCQzBFOThFMUVEQjJBNDBGQTEwQTkzM0M2NTA0MDdEMTYwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy0Bql04Oz63oZYrkq8tyEoJ4o
dhCLToCCI+EQf03x7zMs2/geT/NSJq/uKSvHc1kk/Sy8s84ubyVmukp7LSQdkZGB
OUUP23OSPvOrBhxPLOuyiOVN69P/Saw3MucjuuRLLPZJd6johPv7jeH/Cd4l3uXV
TzsOpyNV6gNS5J7gxKxv1rt8rvBZQYJrc5bYvFmadWv1WV9JfyTqi0uQHVNd7eR8
VNNbMQd6Bim+e+cnYm05CEYoI8Pp5Z34bESNF51XR3EI8M2frC7D+05tjw/b8fPc
iYxZufY5VEcD03SrfrshKx6dsdFtL61r+gvyaPtTlB8kWoiynrHDA0eKeEllAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUIA28Dpjh7bKkD6EKkzxlBAfRYAwwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMjMyMzIzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzkzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoTlkQiIDANBgkqhkiG9w0BAQsFAAOCAQEAfX25Zn83PfCtNvUN
QZtAN1dmjyEHaK/4QaGqRyW5WhZaFeEbWIMGI6L4le2AF+tViueoNVVeueoYeJtR
6Zxbu/1uJ6itM1k8eess8MLwvZS6iWJUs45y75S6zB24SFhKcKCYtap7VRMGcXEX
+Dgsv/ZixehZEGv54ajxZAJGOGNzr+B9tI6nKM3Z2muvzZ2VKdsJvvlhvhnXsRiZ
r+CUWy2n8vOBDLOujqJIhSD8SRqHw30KFMaDkafUQIE0/VtT1ILUINxVGCyRhw6C
3kpX/GcmIP4YzoPvis4AEHshqGn8I129YkANgqKMItOA2GzYUUgv1+RXRJoH1uq6
P4Jetw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:58:04 2026 by rpki-client