Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a636133303a3a2f34342d3438203d3e20323030333738.roa
File: 326131343a366634343a636133303a3a2f34342d3438203d3e20323030333738.roa (raw, json)
Hash identifier: FMuCbBdzp6p9ySj22p+fUaROVQxj2tYK0a25mbwUBXo=
Subject key identifier: 9D:58:48:4F:C0:22:88:1A:2A:CF:AC:D8:46:B5:44:0E:45:7A:C9:7F
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 21C0B9A0934F5F0517A6A5CFE9A8D48542F97154
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a636133303a3a2f34342d3438203d3e20323030333738.roa
Signing time: Wed 04 Mar 2026 16:45:38 +0000
ROA not before: Wed 04 Mar 2026 16:40:38 +0000
ROA not after: Wed 03 Mar 2027 16:45:38 +0000
asID: 200378
IP address blocks: 2a14:6f44:ca30::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 03:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c0:b9:a0:93:4f:5f:05:17:a6:a5:cf:e9:a8:d4:85:42:f9:71:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Mar 4 16:40:38 2026 GMT
Not After : Mar 3 16:45:38 2027 GMT
Subject: CN=9D58484FC022881A2ACFACD846B5440E457AC97F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a9:75:1e:c1:45:3b:a0:79:ce:08:53:3d:1a:
4a:d7:bf:4c:f4:30:d1:3b:d3:8e:d0:04:3a:29:54:
ab:b1:5b:32:02:bf:d7:ea:fd:ec:35:ef:a5:e0:38:
f2:d0:f6:5f:06:36:73:80:1f:24:5e:f9:86:99:91:
ad:f3:c6:69:94:5c:ad:1c:a0:bb:d3:31:4f:c5:f2:
15:6d:fa:32:34:84:1b:24:c8:25:be:ce:ff:4b:aa:
55:4b:b5:ca:32:54:51:fa:eb:99:75:64:8d:a8:eb:
17:01:7a:a7:d4:96:61:a3:af:2f:35:18:97:5a:61:
61:0f:f7:da:78:cb:97:e8:6f:7a:32:45:4f:95:c6:
27:24:05:bd:3a:e8:a1:6f:2f:a2:a7:95:2f:8a:85:
2e:cf:be:00:d9:10:87:83:c8:23:19:80:74:c5:f2:
23:1f:e5:18:a2:fe:bd:0e:10:c9:43:90:d5:9d:d4:
5f:65:8a:b6:aa:bc:b8:c1:cb:76:19:af:5e:9a:3b:
e1:e4:18:d3:33:05:eb:16:64:56:02:83:85:2c:f4:
0f:16:d9:94:40:ee:93:c3:ef:33:98:a2:26:27:b4:
6f:40:a6:57:c5:a4:e3:25:08:8e:bd:71:7b:db:f9:
d1:48:ab:d0:34:eb:e0:ee:89:37:c0:49:df:f8:9b:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:58:48:4F:C0:22:88:1A:2A:CF:AC:D8:46:B5:44:0E:45:7A:C9:7F
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a636133303a3a2f34342d3438203d3e20323030333738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f44:ca30::/44
Signature Algorithm: sha256WithRSAEncryption
81:b5:43:e0:34:62:56:d9:b3:2e:d5:e2:f4:24:e4:e2:49:56:
1e:29:04:0b:4f:3f:ca:0a:a8:8e:c4:b8:1e:65:50:66:32:ad:
2e:20:71:a3:8d:e9:b6:81:b2:be:88:f9:21:38:cc:a5:a1:be:
c5:67:05:35:74:75:76:33:d7:43:5c:a4:b3:a4:e4:f3:b3:6b:
ca:a3:f8:66:3d:12:e2:6f:2e:14:19:0c:7b:55:74:fa:14:80:
47:1b:10:68:e0:0e:d9:4f:99:2b:48:3c:fc:c5:1e:99:0c:ba:
ff:92:fb:24:fd:63:7f:66:3d:97:47:8e:03:80:53:ea:8c:11:
77:82:1a:bb:85:ec:e0:61:18:89:b2:61:63:24:08:be:f9:00:
09:8e:84:6d:53:d9:f4:f2:22:06:c4:3e:ea:36:54:11:45:4f:
d4:fa:96:c7:f5:43:72:c2:f5:d1:82:55:62:9f:0e:5b:39:6b:
12:80:ae:64:a5:4e:c2:b1:a8:0f:61:2e:01:f7:e8:44:e2:d4:
df:18:72:e1:b4:f9:89:b0:1e:ce:7a:4c:b3:ea:23:a8:71:5d:
99:5c:e3:d2:6b:cd:c2:95:5b:68:fb:de:8e:9f:f1:09:37:85:
2e:1e:cb:d1:9f:50:6b:1e:07:83:ac:9a:04:6d:03:bc:e2:4d:
f7:33:03:6c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIcC5oJNPXwUXpqXP6ajUhUL5cVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNjAzMDQxNjQwMzhaFw0yNzAzMDMxNjQ1MzhaMDMxMTAvBgNV
BAMTKDlENTg0ODRGQzAyMjg4MUEyQUNGQUNEODQ2QjU0NDBFNDU3QUM5N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOqXUewUU7oHnOCFM9GkrXv0z0
MNE7047QBDopVKuxWzICv9fq/ew176XgOPLQ9l8GNnOAHyRe+YaZka3zxmmUXK0c
oLvTMU/F8hVt+jI0hBskyCW+zv9LqlVLtcoyVFH665l1ZI2o6xcBeqfUlmGjry81
GJdaYWEP99p4y5fob3oyRU+VxickBb066KFvL6KnlS+KhS7PvgDZEIeDyCMZgHTF
8iMf5Rii/r0OEMlDkNWd1F9liraqvLjBy3YZr16aO+HkGNMzBesWZFYCg4Us9A8W
2ZRA7pPD7zOYoiYntG9AplfFpOMlCI69cXvb+dFIq9A06+DuiTfASd/4m6R1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUnVhIT8AiiBoqz6zYRrVEDkV6yX8wHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2E2MzYxMzMzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzAzMDMzMzczOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoUb0TKMDANBgkqhkiG9w0BAQsFAAOCAQEAgbVD4DRiVtmzLtXi
9CTk4klWHikEC08/ygqojsS4HmVQZjKtLiBxo43ptoGyvoj5ITjMpaG+xWcFNXR1
djPXQ1yks6Tk87NryqP4Zj0S4m8uFBkMe1V0+hSARxsQaOAO2U+ZK0g8/MUemQy6
/5L7JP1jf2Y9l0eOA4BT6owRd4Iau4Xs4GEYibJhYyQIvvkACY6EbVPZ9PIiBsQ+
6jZUEUVP1PqWx/VDcsL10YJVYp8OWzlrEoCuZKVOwrGoD2EuAffoROLU3xhy4bT5
ibAeznpMs+ojqHFdmVzj0mvNwpVbaPvejp/xCTeFLh7L0Z9Qax4Hg6yaBG0DvOJN
9zMDbA==
-----END CERTIFICATE-----
Generated at Fri Mar 13 13:44:50 2026 by rpki-client