Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
File: 326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa (raw, json)
Hash identifier: TauJNXg8swMVdjA3FDyZs+uYTDIMc06RXssCFHJM7KI=
Subject key identifier: DD:33:1C:DA:37:89:44:A8:2B:57:02:38:FF:14:BC:09:9F:8A:42:46
Certificate issuer: /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial: 71B5BEB05C1155412DF3C7F871193C83AC92E58D
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
Signing time: Mon 22 Jun 2026 12:50:40 +0000
ROA not before: Mon 22 Jun 2026 12:45:40 +0000
ROA not after: Mon 21 Jun 2027 12:50:40 +0000
asID: 216038
IP address blocks: 2a14:6f44:ef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b5:be:b0:5c:11:55:41:2d:f3:c7:f8:71:19:3c:83:ac:92:e5:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Validity
Not Before: Jun 22 12:45:40 2026 GMT
Not After : Jun 21 12:50:40 2027 GMT
Subject: CN=DD331CDA378944A82B570238FF14BC099F8A4246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:38:cf:77:52:9d:5a:ad:8c:5e:9e:40:80:
f1:d6:1e:f0:59:46:fa:6b:5c:20:46:83:42:39:79:
eb:75:81:4c:4e:e8:4c:4e:b0:e8:3c:0e:3a:c4:39:
09:4b:a6:52:0f:f4:45:98:ac:c6:61:eb:00:47:fe:
bf:28:1c:1a:cd:2d:a7:7f:e1:d3:81:63:ab:4b:7e:
c9:fa:66:af:3f:24:1d:77:8e:5e:ea:4c:83:15:60:
ed:c0:d8:1a:36:65:6f:af:9a:e7:47:ec:49:8c:5c:
cb:0f:df:ee:9f:31:ed:ad:a4:d7:9e:37:3f:e2:7c:
26:96:69:5b:e0:2c:b3:7d:10:ea:22:01:e8:75:2b:
23:3f:de:aa:ac:29:d1:e1:9f:79:8b:dc:ce:bb:22:
2e:bc:8b:52:32:32:b9:5f:ae:8d:7d:96:a3:5c:72:
50:ac:66:9c:4f:fa:17:88:fa:f8:15:9f:d4:fc:dd:
ff:21:52:26:95:78:28:8d:ea:b9:ae:11:fa:cf:1e:
b7:56:1f:2e:24:80:33:16:81:11:a1:e5:5f:34:11:
4a:5e:9f:0f:d8:6b:d7:17:b9:b1:b8:9f:d9:8b:17:
06:c1:4f:c6:4a:6d:01:b1:eb:a1:1c:95:ce:bb:a6:
78:0b:59:89:b6:a2:02:96:6d:2b:8e:6c:7e:89:13:
77:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:33:1C:DA:37:89:44:A8:2B:57:02:38:FF:14:BC:09:9F:8A:42:46
X509v3 Authority Key Identifier:
keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a65663a3a2f34382d3438203d3e20323136303338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f44:ef::/48
Signature Algorithm: sha256WithRSAEncryption
65:5a:da:4f:a7:b2:a2:48:04:28:ec:b4:58:3a:0b:a5:1f:bd:
10:25:a7:14:a3:b4:a3:c8:6b:8f:cd:a6:38:98:be:83:64:b0:
82:12:78:90:dd:a5:0d:80:0f:46:d1:4a:68:db:6f:a2:6f:79:
c9:e7:7a:d9:a2:dd:ee:a2:12:16:e8:61:a8:0e:f8:be:19:ad:
2e:18:3f:0f:f2:73:82:c0:f5:37:c1:85:37:15:44:ec:10:5f:
30:fa:dd:69:06:96:57:c0:9b:e6:cf:0a:20:5b:6e:7f:e2:e1:
87:54:a1:af:82:82:d5:44:61:de:0b:93:b2:dc:de:e4:f9:85:
47:f8:a5:27:03:0a:9d:75:26:6a:0a:24:54:55:8a:1e:a5:b7:
3a:5c:26:6b:c5:41:aa:57:2d:88:8e:cf:22:1e:06:9b:0d:f9:
b7:18:5e:53:99:b8:e4:36:f5:4f:cd:79:d2:37:79:be:cc:ba:
4e:d0:f9:2f:ea:82:2d:58:3a:14:cf:17:14:cd:02:74:80:4b:
67:93:d5:2b:52:8b:f2:3a:fc:77:f8:2e:3c:85:d7:d0:f3:f5:
87:ce:8a:e6:58:e3:83:b2:e2:76:45:e6:c4:ce:c7:0b:a1:7b:
91:4d:d3:60:40:9c:ed:0f:74:50:b2:a7:52:b5:63:16:a9:64:
f9:15:e5:b5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUcbW+sFwRVUEt88f4cRk8g6yS5Y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNjA2MjIxMjQ1NDBaFw0yNzA2MjExMjUwNDBaMDMxMTAvBgNV
BAMTKEREMzMxQ0RBMzc4OTQ0QTgyQjU3MDIzOEZGMTRCQzA5OUY4QTQyNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZDjPd1KdWq2MXp5AgPHWHvBZ
RvprXCBGg0I5eet1gUxO6ExOsOg8DjrEOQlLplIP9EWYrMZh6wBH/r8oHBrNLad/
4dOBY6tLfsn6Zq8/JB13jl7qTIMVYO3A2Bo2ZW+vmudH7EmMXMsP3+6fMe2tpNee
Nz/ifCaWaVvgLLN9EOoiAeh1KyM/3qqsKdHhn3mL3M67Ii68i1IyMrlfro19lqNc
clCsZpxP+heI+vgVn9T83f8hUiaVeCiN6rmuEfrPHrdWHy4kgDMWgRGh5V80EUpe
nw/Ya9cXubG4n9mLFwbBT8ZKbQGx66Eclc67pngLWYm2ogKWbSuObH6JE3fPAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU3TMc2jeJRKgrVwI4/xS8CZ+KQkYwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2E2NTY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzAzMzM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhRvRADvMA0GCSqGSIb3DQEBCwUAA4IBAQBlWtpPp7KiSAQo7LRYOgul
H70QJacUo7SjyGuPzaY4mL6DZLCCEniQ3aUNgA9G0Upo22+ib3nJ53rZot3uohIW
6GGoDvi+Ga0uGD8P8nOCwPU3wYU3FUTsEF8w+t1pBpZXwJvmzwogW25/4uGHVKGv
goLVRGHeC5Oy3N7k+YVH+KUnAwqddSZqCiRUVYoepbc6XCZrxUGqVy2Ijs8iHgab
Dfm3GF5TmbjkNvVPzXnSN3m+zLpO0Pkv6oItWDoUzxcUzQJ0gEtnk9UrUovyOvx3
+C48hdfQ8/WHzormWOODsuJ2RebEzscLoXuRTdNgQJztD3RQsqdStWMWqWT5FeW1
-----END CERTIFICATE-----
Generated at Thu Jun 25 09:42:18 2026 by rpki-client