Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3230313a3a2f34382d3438203d3e203432333636.roa
File: 326130313a3666303a3230313a3a2f34382d3438203d3e203432333636.roa (raw, json)
Hash identifier: trW7I0TEr7Im6NAqvhtS0HXu21gttpIpScYM1kqHMC8=
Subject key identifier: 76:FD:B5:FB:12:F0:7C:46:EA:A3:15:98:B4:9C:48:AF:06:78:B3:E4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A7D5E8A15191A7B8310D0080C59B2A0908DB3A1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3230313a3a2f34382d3438203d3e203432333636.roa
Signing time: Thu 22 Jan 2026 09:23:10 +0000
ROA not before: Thu 22 Jan 2026 09:18:10 +0000
ROA not after: Thu 21 Jan 2027 09:23:10 +0000
asID: 42366
IP address blocks: 2a01:6f0:201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:7d:5e:8a:15:19:1a:7b:83:10:d0:08:0c:59:b2:a0:90:8d:b3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 22 09:18:10 2026 GMT
Not After : Jan 21 09:23:10 2027 GMT
Subject: CN=76FDB5FB12F07C46EAA31598B49C48AF0678B3E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7e:7e:88:5b:e8:9a:69:b6:5f:0f:9c:cd:4a:
83:1f:86:44:70:c9:cb:da:4e:3a:e6:11:42:53:6f:
7a:97:f2:04:3c:2b:2f:03:e2:f7:f6:6f:c5:18:20:
9b:5a:c5:f3:81:4d:eb:c2:26:ab:ca:c8:58:e9:5a:
ea:10:1e:50:cc:15:76:89:b6:77:1b:bb:f6:bd:22:
7b:6c:32:3a:46:5e:07:c8:f1:39:46:8a:b7:ff:b0:
77:47:53:a2:2c:dc:39:b4:a2:54:70:cb:6e:74:7f:
56:ea:09:c2:0a:2f:32:37:55:48:de:39:c6:68:8d:
b4:f6:d6:f7:8c:31:31:bb:8b:b2:d1:c7:a3:30:68:
fe:7f:56:dd:77:76:06:3b:4f:d4:6e:b9:9c:29:21:
23:3f:c2:76:8d:a6:41:b0:7a:a8:98:80:6a:b7:0f:
3a:18:e2:49:33:4a:56:b0:fc:e3:26:96:0a:6b:93:
23:78:60:7e:e1:2d:82:05:a8:09:aa:b1:6c:b5:74:
47:ee:85:73:28:df:0d:f4:a0:f3:8c:6f:c8:25:9f:
81:e6:3d:33:b4:91:b2:d3:00:43:81:81:19:ec:95:
63:de:01:97:54:2e:b1:58:02:87:8f:af:1a:b4:d7:
a3:b4:fe:f8:4d:6e:87:b4:3c:19:55:d4:38:ab:12:
0b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FD:B5:FB:12:F0:7C:46:EA:A3:15:98:B4:9C:48:AF:06:78:B3:E4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3230313a3a2f34382d3438203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0:201::/48
Signature Algorithm: sha256WithRSAEncryption
0b:ec:14:1e:52:53:20:a5:29:99:9c:67:7a:c6:f3:f7:05:95:
af:e5:93:02:92:39:23:98:90:85:71:99:da:2b:63:28:43:ba:
3d:15:e0:91:ba:4e:5f:17:c5:b6:cc:d1:fe:66:dd:a4:20:84:
aa:af:b5:a7:be:94:e3:e5:c7:eb:36:72:6b:ae:08:02:3a:09:
e0:9b:98:17:bf:59:72:96:88:76:36:d0:3d:4e:ac:f8:27:04:
04:3b:57:4e:a7:b9:86:61:33:b1:3d:ad:08:24:a9:b6:52:57:
c1:c1:a0:70:ea:49:d1:3c:78:ae:7a:78:b9:c2:16:24:32:e2:
dc:a2:7f:ea:cf:8f:ae:fa:df:33:69:93:9b:a2:b8:15:29:73:
f8:6a:ad:9f:d3:0c:84:21:93:dc:76:6d:aa:0d:cd:fc:99:c5:
f3:61:7c:e7:8a:97:7b:d8:df:52:c1:04:c1:90:42:30:4f:51:
33:0a:cc:4c:e6:32:30:ad:8a:26:a8:69:44:a6:d9:01:ea:76:
b5:bb:0c:c6:d5:98:08:1c:59:c1:d2:66:5e:5e:5e:74:eb:86:
8f:8d:e9:96:c6:87:58:63:95:e4:31:18:fb:7c:57:c3:81:62:
bf:2d:78:02:c4:8c:fd:42:72:99:8c:bc:50:6d:d0:3b:6e:52:
a3:6f:6c:9b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWn1eihUZGnuDENAIDFmyoJCNs6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAxMjIwOTE4MTBaFw0yNzAxMjEwOTIzMTBaMDMxMTAvBgNV
BAMTKDc2RkRCNUZCMTJGMDdDNDZFQUEzMTU5OEI0OUM0OEFGMDY3OEIzRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLfn6IW+iaabZfD5zNSoMfhkRw
ycvaTjrmEUJTb3qX8gQ8Ky8D4vf2b8UYIJtaxfOBTevCJqvKyFjpWuoQHlDMFXaJ
tncbu/a9IntsMjpGXgfI8TlGirf/sHdHU6Is3Dm0olRwy250f1bqCcIKLzI3VUje
OcZojbT21veMMTG7i7LRx6MwaP5/Vt13dgY7T9RuuZwpISM/wnaNpkGweqiYgGq3
DzoY4kkzSlaw/OMmlgprkyN4YH7hLYIFqAmqsWy1dEfuhXMo3w30oPOMb8gln4Hm
PTO0kbLTAEOBgRnslWPeAZdULrFYAoePrxq016O0/vhNboe0PBlV1DirEgvhAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUdv21+xLwfEbqoxWYtJxIrwZ4s+QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
MzIzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoBBvACATANBgkqhkiG9w0BAQsFAAOCAQEAC+wUHlJTIKUpmZxnesbz9wWV
r+WTApI5I5iQhXGZ2itjKEO6PRXgkbpOXxfFtszR/mbdpCCEqq+1p76U4+XH6zZy
a64IAjoJ4JuYF79ZcpaIdjbQPU6s+CcEBDtXTqe5hmEzsT2tCCSptlJXwcGgcOpJ
0Tx4rnp4ucIWJDLi3KJ/6s+PrvrfM2mTm6K4FSlz+Gqtn9MMhCGT3HZtqg3N/JnF
82F854qXe9jfUsEEwZBCME9RMwrMTOYyMK2KJqhpRKbZAep2tbsMxtWYCBxZwdJm
Xl5edOuGj43plsaHWGOV5DEY+3xXw4Fivy14AsSM/UJymYy8UG3QO25So29smw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:23:29 2026 by rpki-client