Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
File: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (raw, json)
Hash identifier: 4rV6D1GFz/bjY4t177ru5i22axDSZLmceosAGjuU6GE=
Subject key identifier: EC:25:1C:75:29:09:7B:85:73:6D:49:6A:5D:F5:9F:CA:EE:C2:8A:28
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 06ABE1A7EF234E6D68EF5A8C05D165FC00612C4B
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
Signing time: Mon 16 Mar 2026 12:39:35 +0000
ROA not before: Mon 16 Mar 2026 12:34:35 +0000
ROA not after: Mon 15 Mar 2027 12:39:35 +0000
asID: 212966
IP address blocks: 2a0e:fd45:2f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 01:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:ab:e1:a7:ef:23:4e:6d:68:ef:5a:8c:05:d1:65:fc:00:61:2c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Mar 16 12:34:35 2026 GMT
Not After : Mar 15 12:39:35 2027 GMT
Subject: CN=EC251C7529097B85736D496A5DF59FCAEEC28A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:92:c0:1a:07:ce:a0:64:bb:f9:e8:f4:ee:ea:
42:63:08:ff:38:ec:24:5d:36:d7:6b:19:d2:48:67:
2d:fc:84:a2:35:4d:08:fe:23:a3:c4:e2:b9:7b:ff:
a7:7a:58:15:3a:d0:b0:0f:0d:53:9a:44:d1:77:a3:
51:6c:9f:b1:ba:50:d0:94:73:58:b1:fd:8f:1f:77:
64:a5:ab:ee:43:8c:bd:d7:ac:ce:76:fb:df:67:2e:
ee:39:fa:e1:43:34:e8:7f:73:4d:15:a1:b6:e2:83:
a0:43:a5:f6:97:91:cd:1d:4d:77:35:41:cb:3e:86:
27:eb:ee:c1:e6:3c:8d:8d:08:08:d8:dc:18:e7:4f:
e8:72:ce:92:ce:90:f7:4c:67:b5:d0:6f:75:c6:9c:
ad:b8:f8:04:40:54:bb:43:6f:fb:75:56:00:f1:80:
31:31:dc:0c:f2:a6:0f:5c:f9:7e:6f:70:39:e7:28:
02:ba:0b:12:05:c9:44:06:91:88:d7:b9:12:c6:c5:
65:6d:6c:f1:d1:b4:aa:37:27:3a:ee:a9:16:f8:17:
bb:fb:ef:8e:ae:c4:37:cb:42:5f:92:fb:a1:bb:c8:
12:04:81:df:c3:69:5b:4d:b3:d0:26:c9:e7:c6:dc:
4c:7a:aa:db:26:e4:d6:0d:b3:f2:41:30:ed:7c:9e:
28:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:25:1C:75:29:09:7B:85:73:6D:49:6A:5D:F5:9F:CA:EE:C2:8A:28
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
16:cc:98:5a:63:c9:26:b3:4b:d7:c0:98:d1:59:c9:d9:a9:f4:
3e:5f:fe:d6:71:a6:af:46:1a:66:0d:1b:58:53:94:80:e7:c9:
46:51:25:a3:43:11:8c:7f:53:82:48:af:8d:63:8c:d6:c7:05:
16:7d:54:d4:dc:e0:e4:08:1a:2a:7d:5b:a8:99:9c:0b:6b:5f:
d0:04:f3:97:1d:85:c8:d9:ae:c1:b9:94:54:d4:66:7d:3b:f7:
4b:28:a8:f8:2d:f0:68:1f:10:43:6d:95:6d:a1:36:1d:54:a2:
9f:6f:55:06:9a:b3:88:15:a9:45:dd:9e:24:cd:af:7e:2d:fc:
a1:8a:a5:73:fb:cb:e8:43:bf:a6:8c:52:ad:d6:36:45:41:4a:
2e:85:25:f2:2b:ba:74:8d:ad:28:83:e5:4c:85:04:2a:38:a7:
3c:df:02:a2:e2:64:08:0c:ab:fc:e3:5e:04:04:ff:5f:d6:89:
b7:5b:00:e0:e6:ef:e5:ef:f1:7d:a9:d4:87:26:59:32:f4:82:
4e:c7:ae:4f:3b:44:1b:82:ea:fc:61:78:f7:19:a7:4e:92:8f:
7f:78:60:ea:64:01:1e:25:a5:0e:5a:b4:0c:b3:7e:57:38:4a:
ee:ff:7a:cd:c0:4e:31:61:76:a6:ca:9d:5d:ea:89:8d:2f:d6:
30:ab:60:15
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBqvhp+8jTm1o71qMBdFl/ABhLEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjAzMTYxMjM0MzVaFw0yNzAzMTUxMjM5MzVaMDMxMTAvBgNV
BAMTKEVDMjUxQzc1MjkwOTdCODU3MzZENDk2QTVERjU5RkNBRUVDMjhBMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCksAaB86gZLv56PTu6kJjCP84
7CRdNtdrGdJIZy38hKI1TQj+I6PE4rl7/6d6WBU60LAPDVOaRNF3o1Fsn7G6UNCU
c1ix/Y8fd2Slq+5DjL3XrM52+99nLu45+uFDNOh/c00Vobbig6BDpfaXkc0dTXc1
Qcs+hifr7sHmPI2NCAjY3BjnT+hyzpLOkPdMZ7XQb3XGnK24+ARAVLtDb/t1VgDx
gDEx3Azypg9c+X5vcDnnKAK6CxIFyUQGkYjXuRLGxWVtbPHRtKo3JzruqRb4F7v7
746uxDfLQl+S+6G7yBIEgd/DaVtNs9AmyefG3Ex6qtsm5NYNs/JBMO18nij5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU7CUcdSkJe4VzbUlqXfWfyu7CiigwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjY2MzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjM5MzYzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUvADANBgkqhkiG9w0BAQsFAAOCAQEAFsyYWmPJJrNL18CY
0VnJ2an0Pl/+1nGmr0YaZg0bWFOUgOfJRlElo0MRjH9TgkivjWOM1scFFn1U1Nzg
5AgaKn1bqJmcC2tf0ATzlx2FyNmuwbmUVNRmfTv3Syio+C3waB8QQ22VbaE2HVSi
n29VBpqziBWpRd2eJM2vfi38oYqlc/vL6EO/poxSrdY2RUFKLoUl8iu6dI2tKIPl
TIUEKjinPN8CouJkCAyr/ONeBAT/X9aJt1sA4Obv5e/xfanUhyZZMvSCTseuTztE
G4Lq/GF49xmnTpKPf3hg6mQBHiWlDlq0DLN+VzhK7v96zcBOMWF2psqdXeqJjS/W
MKtgFQ==
-----END CERTIFICATE-----
Generated at Sat Mar 21 13:18:43 2026 by rpki-client