Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a383330303a3a2f34302d3438203d3e20323032383137.roa
File: 326131343a316563373a383330303a3a2f34302d3438203d3e20323032383137.roa (raw, json)
Hash identifier: J7/7a0DzovwI9eot3CN8sJkgTugscianz3IhTyxdMEY=
Subject key identifier: C7:D3:99:8D:75:C0:9D:26:FE:9E:DE:00:1F:1D:D8:0F:8C:BD:BF:11
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 65E4E256DD1FC6E6F55101228BDD76987F10838A
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a383330303a3a2f34302d3438203d3e20323032383137.roa
Signing time: Fri 22 May 2026 20:36:35 +0000
ROA not before: Fri 22 May 2026 20:31:35 +0000
ROA not after: Fri 21 May 2027 20:36:35 +0000
asID: 202817
IP address blocks: 2a14:1ec7:8300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:42:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e4:e2:56:dd:1f:c6:e6:f5:51:01:22:8b:dd:76:98:7f:10:83:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: May 22 20:31:35 2026 GMT
Not After : May 21 20:36:35 2027 GMT
Subject: CN=C7D3998D75C09D26FE9EDE001F1DD80F8CBDBF11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:1a:40:f7:11:31:34:d2:46:20:21:6d:a4:
5d:a7:56:f7:f5:78:c2:9c:ae:f7:a7:81:f5:16:78:
dc:61:79:6c:b4:73:43:57:9c:cb:98:6b:aa:e0:4b:
aa:d8:68:13:7e:b4:dc:14:42:53:f2:ec:bf:78:d0:
74:37:05:5c:71:d1:03:db:ce:f3:9a:41:2b:e5:5f:
3f:39:71:a0:9e:6d:46:88:3f:87:d0:aa:35:9c:70:
24:be:c5:e6:50:a9:67:c1:66:bd:2b:06:98:ee:9a:
a8:12:6a:cd:7c:36:49:90:f4:ef:fd:24:36:42:93:
3a:74:9d:fc:8f:2f:24:fb:af:77:25:4c:b7:f2:e4:
ff:0c:f2:84:7c:5a:c0:e9:21:63:7a:82:c2:d2:a2:
71:dc:89:18:2f:59:3d:ec:7a:11:a7:6a:42:a4:f2:
ec:5b:69:f1:55:5a:ff:69:ab:c0:f9:a7:5a:be:c0:
42:2d:98:cd:90:1a:25:c4:a2:15:50:ae:e2:6d:60:
b0:09:42:52:7a:9b:d2:28:b8:69:61:60:9a:5a:ff:
e5:64:2a:c8:a7:9c:30:fd:b6:9d:d0:49:3d:39:6a:
98:ba:56:ab:97:55:0e:30:ed:b2:ae:74:cd:49:49:
cc:d5:ff:ae:ee:bc:82:1d:fa:06:98:4d:cc:c2:3c:
23:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D3:99:8D:75:C0:9D:26:FE:9E:DE:00:1F:1D:D8:0F:8C:BD:BF:11
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a383330303a3a2f34302d3438203d3e20323032383137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:8300::/40
Signature Algorithm: sha256WithRSAEncryption
8a:d4:a8:90:3c:4e:90:aa:e2:ea:42:7a:24:03:97:29:84:f9:
21:c4:5d:b2:4f:47:47:0e:5b:00:cf:55:f3:6c:de:e3:d9:76:
d6:a8:31:67:49:04:5a:46:77:ba:8b:1c:0b:48:6a:de:5e:5d:
f9:6e:e3:fe:b8:a2:04:9d:a2:d6:42:e5:b5:ef:f7:d3:29:15:
a7:43:79:4a:9e:60:26:74:95:56:b5:5a:51:f5:0e:fa:ea:63:
40:d8:d4:30:17:0b:93:e4:8f:e6:10:fc:ba:08:09:b1:94:43:
57:c5:32:18:b2:1a:67:a8:aa:c4:51:65:07:bf:47:cf:64:e7:
92:f1:c9:bb:3a:94:13:fb:fa:18:58:fd:c5:7a:3e:46:31:fc:
24:39:49:8f:fd:12:23:d1:62:06:be:8b:5a:31:01:41:ee:4a:
23:63:cb:68:d9:b3:c3:71:24:6c:0e:4e:da:83:09:7f:25:db:
26:7a:e2:6a:53:50:df:07:92:e3:75:2e:82:5a:f9:00:c6:f4:
0b:48:83:d1:8e:44:c5:b5:31:3e:a0:1f:01:c0:04:d2:9c:23:
b5:cb:d1:d4:df:24:f6:a1:ca:85:ed:fd:e0:6f:88:f9:fd:78:
f4:fc:05:11:83:b5:ed:c7:b9:50:64:9c:2d:7e:9b:f8:8a:c2:
07:4d:08:a5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUZeTiVt0fxub1UQEii912mH8Qg4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjA1MjIyMDMxMzVaFw0yNzA1MjEyMDM2MzVaMDMxMTAvBgNV
BAMTKEM3RDM5OThENzVDMDlEMjZGRTlFREUwMDFGMUREODBGOENCREJGMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIHxpA9xExNNJGICFtpF2nVvf1
eMKcrvengfUWeNxheWy0c0NXnMuYa6rgS6rYaBN+tNwUQlPy7L940HQ3BVxx0QPb
zvOaQSvlXz85caCebUaIP4fQqjWccCS+xeZQqWfBZr0rBpjumqgSas18NkmQ9O/9
JDZCkzp0nfyPLyT7r3clTLfy5P8M8oR8WsDpIWN6gsLSonHciRgvWT3sehGnakKk
8uxbafFVWv9pq8D5p1q+wEItmM2QGiXEohVQruJtYLAJQlJ6m9IouGlhYJpa/+Vk
KsinnDD9tp3QST05api6VquXVQ4w7bKudM1JSczV/67uvIId+gaYTczCPCOHAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUx9OZjXXAnSb+nt4AHx3YD4y9vxEwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzODMzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzMjM4MzEzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHseDMA0GCSqGSIb3DQEBCwUAA4IBAQCK1KiQPE6QquLqQnok
A5cphPkhxF2yT0dHDlsAz1XzbN7j2XbWqDFnSQRaRne6ixwLSGreXl35buP+uKIE
naLWQuW17/fTKRWnQ3lKnmAmdJVWtVpR9Q766mNA2NQwFwuT5I/mEPy6CAmxlENX
xTIYshpnqKrEUWUHv0fPZOeS8cm7OpQT+/oYWP3Fej5GMfwkOUmP/RIj0WIGvota
MQFB7kojY8to2bPDcSRsDk7agwl/JdsmeuJqU1DfB5LjdS6CWvkAxvQLSIPRjkTF
tTE+oB8BwATSnCO1y9HU3yT2ocqF7f3gb4j5/Xj0/AURg7Xtx7lQZJwtfpv4isIH
TQil
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:22:08 2026 by rpki-client