Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323139303a3a2f34342d3438203d3e20323131313533.roa
File: 326130653a386630323a323139303a3a2f34342d3438203d3e20323131313533.roa (raw, json)
Hash identifier: caF9KsSsgTcJ7qfxRBDIihSsp+eh+mDH5EvrHTSdXrw=
Subject key identifier: 5A:50:0B:FE:F4:46:22:A6:7B:7B:7F:7C:B1:A7:E9:FB:16:2F:43:5D
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 79D04BCE9EAC157BAB826DA1E5B71A7FDA1590CD
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323139303a3a2f34342d3438203d3e20323131313533.roa
Signing time: Mon 18 May 2026 12:02:12 +0000
ROA not before: Mon 18 May 2026 11:57:12 +0000
ROA not after: Mon 17 May 2027 12:02:12 +0000
asID: 211153
IP address blocks: 2a0e:8f02:2190::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:d0:4b:ce:9e:ac:15:7b:ab:82:6d:a1:e5:b7:1a:7f:da:15:90:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: May 18 11:57:12 2026 GMT
Not After : May 17 12:02:12 2027 GMT
Subject: CN=5A500BFEF44622A67B7B7F7CB1A7E9FB162F435D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:72:ae:ea:18:ea:5a:fc:22:ba:c8:7e:2f:8f:
b8:eb:45:9d:ec:7d:73:56:7a:2d:a4:30:f4:d6:fd:
93:f1:b5:63:a6:b8:78:59:03:e8:fe:47:11:2c:e1:
56:73:3a:ae:65:56:65:95:84:41:f0:80:e5:f1:80:
b8:19:6e:aa:da:51:6e:10:1e:d7:ca:96:e3:82:33:
ca:96:c7:59:ee:cf:9b:55:c2:f5:ac:71:6e:f0:9b:
70:0b:5e:16:50:21:3f:8e:4a:32:a8:c5:23:48:fb:
29:27:33:a4:71:99:bd:ee:f2:98:a7:09:8b:ce:a9:
d9:71:1c:59:f5:26:ca:0c:e7:c6:c6:5b:0b:2a:39:
96:a2:43:e7:a1:f2:c2:54:bc:50:f5:4b:90:eb:a3:
65:10:ac:b6:95:0b:33:76:9e:4b:d1:56:97:ff:52:
d5:6e:1e:8a:f6:24:32:83:eb:4c:ef:f6:73:a2:c0:
76:67:2d:9d:07:6a:2c:33:e6:b5:95:9e:6a:65:f0:
8e:b6:b4:9e:f8:8c:da:37:ae:be:77:91:88:41:f8:
85:c4:be:32:f8:1b:49:b6:d2:f6:38:18:0a:13:20:
af:cc:8d:33:0c:f2:d0:eb:fa:a8:a2:83:f4:2c:4c:
8e:c0:34:c9:42:47:fe:7d:1d:31:9f:4a:9a:45:f5:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:50:0B:FE:F4:46:22:A6:7B:7B:7F:7C:B1:A7:E9:FB:16:2F:43:5D
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323139303a3a2f34342d3438203d3e20323131313533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2190::/44
Signature Algorithm: sha256WithRSAEncryption
10:bf:d0:c7:ca:9c:d3:be:cf:f2:ab:33:e2:05:da:22:48:75:
8c:ce:cc:89:aa:7e:7e:47:d8:0f:52:88:e0:2d:de:77:9f:c3:
40:d0:44:c2:c2:6c:b7:10:4a:da:ab:4c:c1:93:b3:40:45:f9:
3c:aa:4f:8c:57:69:e3:8a:86:a2:18:e1:6e:ea:70:3f:bd:6f:
ad:ab:39:70:b1:d7:ac:28:6f:7d:04:b5:3a:f6:37:50:a2:a1:
53:d1:08:4e:ac:09:76:16:83:55:fa:28:8f:01:33:63:30:af:
ee:5d:1a:98:ed:f6:52:90:96:2d:aa:ea:cc:86:fe:16:dd:6d:
89:da:cc:7e:16:8d:45:37:87:a9:fb:96:cc:7c:13:25:e7:86:
e6:aa:59:ab:a9:98:43:16:a1:9a:b7:41:36:8d:fb:0d:1e:82:
27:ec:70:06:9f:fa:dc:b4:df:6c:c8:bd:55:3d:9a:fb:f4:6d:
8a:94:6f:c5:6a:27:ed:b6:eb:55:22:83:37:97:30:3a:b2:ee:
99:46:fb:af:5d:ac:76:c7:97:7c:50:69:0a:fb:a2:68:2b:8a:
7f:e1:ba:ac:1d:11:a0:53:63:43:29:99:42:49:c6:3d:b1:e0:
8c:ba:2c:a8:7e:75:26:f1:46:35:bd:88:53:0a:f5:9b:10:e9:
ce:3e:8d:4a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUedBLzp6sFXurgm2h5bcaf9oVkM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA1MTgxMTU3MTJaFw0yNzA1MTcxMjAyMTJaMDMxMTAvBgNV
BAMTKDVBNTAwQkZFRjQ0NjIyQTY3QjdCN0Y3Q0IxQTdFOUZCMTYyRjQzNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXcq7qGOpa/CK6yH4vj7jrRZ3s
fXNWei2kMPTW/ZPxtWOmuHhZA+j+RxEs4VZzOq5lVmWVhEHwgOXxgLgZbqraUW4Q
HtfKluOCM8qWx1nuz5tVwvWscW7wm3ALXhZQIT+OSjKoxSNI+yknM6Rxmb3u8pin
CYvOqdlxHFn1JsoM58bGWwsqOZaiQ+eh8sJUvFD1S5Dro2UQrLaVCzN2nkvRVpf/
UtVuHor2JDKD60zv9nOiwHZnLZ0Haiwz5rWVnmpl8I62tJ74jNo3rr53kYhB+IXE
vjL4G0m20vY4GAoTIK/MjTMM8tDr+qiig/QsTI7ANMlCR/59HTGfSppF9YErAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUWlAL/vRGIqZ7e398safp+xYvQ10wHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG3BggrBgEFBQcBCwSBqjCBpzCBpAYIKwYBBQUHMAuGgZdyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDY1M2EzODY2MzAz
MjNhMzIzMTM5MzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMxMzEzMTM1MzMu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwQqDo8CIZAwDQYJKoZIhvcNAQELBQADggEBABC/0MfKnNO+z/Kr
M+IF2iJIdYzOzImqfn5H2A9SiOAt3nefw0DQRMLCbLcQStqrTMGTs0BF+TyqT4xX
aeOKhqIY4W7qcD+9b62rOXCx16wob30EtTr2N1CioVPRCE6sCXYWg1X6KI8BM2Mw
r+5dGpjt9lKQli2q6syG/hbdbYnazH4WjUU3h6n7lsx8EyXnhuaqWaupmEMWoZq3
QTaN+w0egifscAaf+ty032zIvVU9mvv0bYqUb8VqJ+2261UigzeXMDqy7plG+69d
rHbHl3xQaQr7omgrin/huqwdEaBTY0MpmUJJxj2x4Iy6LKh+dSbxRjW9iFMK9ZsQ
6c4+jUo=
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:28:02 2026 by rpki-client