Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/326131333a376663303a613432613a3a2f34382d3438203d3e20323133323136.roa
File: 326131333a376663303a613432613a3a2f34382d3438203d3e20323133323136.roa (raw, json)
Hash identifier: lt17UYcjIOUOPLVOK/FWXABZZQuRCYc0AYsajAWcNG0=
Subject key identifier: B0:33:27:D6:9C:18:77:51:05:35:5E:10:D7:E4:EE:5C:51:FF:3F:AA
Certificate issuer: /CN=0177dcd7bee1190629437ca4c8ab83e3ad15c7a9
Certificate serial: 0E81E5DBB89D1FCE1BFD50681EEA456D8FB3A6F8
Authority key identifier: 01:77:DC:D7:BE:E1:19:06:29:43:7C:A4:C8:AB:83:E3:AD:15:C7:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXfc177hGQYpQ3ykyKuD460Vx6k.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/326131333a376663303a613432613a3a2f34382d3438203d3e20323133323136.roa
Signing time: Wed 15 Apr 2026 19:34:25 +0000
ROA not before: Wed 15 Apr 2026 19:29:25 +0000
ROA not after: Wed 14 Apr 2027 19:34:25 +0000
asID: 213216
IP address blocks: 2a13:7fc0:a42a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/0177DCD7BEE1190629437CA4C8AB83E3AD15C7A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/0177DCD7BEE1190629437CA4C8AB83E3AD15C7A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXfc177hGQYpQ3ykyKuD460Vx6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:81:e5:db:b8:9d:1f:ce:1b:fd:50:68:1e:ea:45:6d:8f:b3:a6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0177dcd7bee1190629437ca4c8ab83e3ad15c7a9
Validity
Not Before: Apr 15 19:29:25 2026 GMT
Not After : Apr 14 19:34:25 2027 GMT
Subject: CN=B03327D69C18775105355E10D7E4EE5C51FF3FAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:62:58:22:6e:62:05:34:ef:66:c8:6b:23:
ff:a8:58:92:04:29:d8:38:a0:f4:8b:52:66:2b:b7:
b9:5a:31:47:4f:24:ee:2a:a4:07:51:27:41:e7:5b:
0b:0c:47:43:37:4d:d1:86:4c:dd:ae:ee:a8:60:fa:
12:cb:14:3d:3d:d9:75:4f:9d:f4:26:a2:7d:07:5f:
ff:cd:b9:90:19:76:be:82:6e:ba:ac:42:7f:b6:f0:
14:0a:cc:ca:ed:61:7c:a2:ec:9a:28:c3:70:3d:78:
4b:21:b9:2e:1f:74:5f:d1:33:c8:ef:14:62:23:be:
32:48:f0:60:93:5c:71:87:2a:97:80:16:92:c9:16:
88:04:97:07:bf:c5:c9:83:e2:f9:9d:bf:75:da:1e:
45:8e:9e:45:b5:20:e3:91:f9:51:9e:68:cc:84:9d:
f2:d1:1d:49:69:fe:24:d5:af:c7:ff:69:76:27:f2:
90:0f:12:9b:4c:b2:3a:57:c6:df:02:51:42:08:6d:
55:3c:3a:8b:85:2f:f6:db:ec:2d:14:28:9f:f7:cb:
5b:43:48:81:96:0d:2f:0c:1a:32:53:d7:1a:7d:84:
09:94:a1:22:9b:17:37:50:9c:1d:dc:63:81:66:f4:
aa:97:15:45:12:8d:9b:0e:cf:b4:b0:43:3c:bc:60:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:33:27:D6:9C:18:77:51:05:35:5E:10:D7:E4:EE:5C:51:FF:3F:AA
X509v3 Authority Key Identifier:
keyid:01:77:DC:D7:BE:E1:19:06:29:43:7C:A4:C8:AB:83:E3:AD:15:C7:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/0177DCD7BEE1190629437CA4C8AB83E3AD15C7A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXfc177hGQYpQ3ykyKuD460Vx6k.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f0e48da2-bf3d-4f94-9c13-c08c1190de18/0/326131333a376663303a613432613a3a2f34382d3438203d3e20323133323136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7fc0:a42a::/48
Signature Algorithm: sha256WithRSAEncryption
6b:45:72:bc:2b:ca:89:bf:18:30:a0:f2:e9:b2:63:f7:ad:f5:
36:b4:a8:ec:f8:2d:89:3e:b4:5e:ba:47:f7:be:ed:52:31:26:
42:5c:e9:9d:28:5e:0f:4e:3c:d4:c2:06:01:56:4a:17:39:fb:
68:9f:01:fc:6a:41:07:5f:20:d4:3c:bc:9b:0e:ff:04:8d:df:
1a:77:f1:5f:89:fd:4b:79:12:21:06:ec:78:80:8b:df:83:5e:
e3:08:69:9e:ee:56:eb:88:26:4e:6e:01:b4:5a:13:15:20:18:
5b:9f:10:ae:84:54:5b:a8:87:d5:94:a1:9e:aa:37:9c:61:53:
82:69:d9:71:74:de:28:b3:61:37:a1:68:19:4c:bd:03:b7:3b:
61:18:68:25:df:a3:66:73:05:18:da:07:28:c6:df:c9:55:80:
dc:ca:76:24:b1:7a:8b:be:4a:ab:5a:01:be:a0:a6:3d:e8:b4:
13:74:8e:67:cc:dc:4c:a3:67:c3:d8:de:30:a5:fa:25:ac:10:
ea:28:f6:6a:3b:04:01:b6:ad:7b:93:db:04:72:34:bb:08:2a:
95:cc:d8:ad:a2:ec:7e:f3:3b:ca:35:da:87:83:bc:92:27:0a:
7b:e3:e8:2f:e1:98:bc:fa:9f:bc:44:58:ea:17:a9:0d:ad:cf:
d8:7b:9f:e4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDoHl27idH84b/VBoHupFbY+zpvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE3N2RjZDdiZWUxMTkwNjI5NDM3Y2E0YzhhYjgzZTNh
ZDE1YzdhOTAeFw0yNjA0MTUxOTI5MjVaFw0yNzA0MTQxOTM0MjVaMDMxMTAvBgNV
BAMTKEIwMzMyN0Q2OUMxODc3NTEwNTM1NUUxMEQ3RTRFRTVDNTFGRjNGQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC44WJYIm5iBTTvZshrI/+oWJIE
Kdg4oPSLUmYrt7laMUdPJO4qpAdRJ0HnWwsMR0M3TdGGTN2u7qhg+hLLFD092XVP
nfQmon0HX//NuZAZdr6CbrqsQn+28BQKzMrtYXyi7Joow3A9eEshuS4fdF/RM8jv
FGIjvjJI8GCTXHGHKpeAFpLJFogElwe/xcmD4vmdv3XaHkWOnkW1IOOR+VGeaMyE
nfLRHUlp/iTVr8f/aXYn8pAPEptMsjpXxt8CUUIIbVU8OouFL/bb7C0UKJ/3y1tD
SIGWDS8MGjJT1xp9hAmUoSKbFzdQnB3cY4Fm9KqXFUUSjZsOz7SwQzy8YA0xAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUsDMn1pwYd1EFNV4Q1+TuXFH/P6owHwYDVR0j
BBgwFoAUAXfc177hGQYpQ3ykyKuD460Vx6kwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjBlNDhkYTItYmYzZC00Zjk0LTljMTMtYzA4YzExOTBk
ZTE4LzAvMDE3N0RDRDdCRUUxMTkwNjI5NDM3Q0E0QzhBQjgzRTNBRDE1QzdBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0FYZmMxNzdoR1FZcFEzeWt5S3VENDYw
Vng2ay5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjBlNDhkYTIt
YmYzZC00Zjk0LTljMTMtYzA4YzExOTBkZTE4LzAvMzI2MTMxMzMzYTM3NjY2MzMw
M2E2MTM0MzI2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMzMyMzEzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoTf8CkKjANBgkqhkiG9w0BAQsFAAOCAQEAa0VyvCvKib8YMKDy
6bJj9631NrSo7PgtiT60XrpH977tUjEmQlzpnSheD0481MIGAVZKFzn7aJ8B/GpB
B18g1Dy8mw7/BI3fGnfxX4n9S3kSIQbseICL34Ne4whpnu5W64gmTm4BtFoTFSAY
W58QroRUW6iH1ZShnqo3nGFTgmnZcXTeKLNhN6FoGUy9A7c7YRhoJd+jZnMFGNoH
KMbfyVWA3Mp2JLF6i75Kq1oBvqCmPei0E3SOZ8zcTKNnw9jeMKX6JawQ6ij2ajsE
Abate5PbBHI0uwgqlczYraLsfvM7yjXah4O8kicKe+PoL+GYvPqfvERY6hepDa3P
2Huf5A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:10:54 2026 by rpki-client