Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a33613a3a2f34382d3438203d3e20323032333031.roa
File: 326130623a346530343a33613a3a2f34382d3438203d3e20323032333031.roa (raw, json)
Hash identifier: PxM9g8iygtPE0W8UaxD6VQbthErf6scMW5Q5B330XGE=
Subject key identifier: 40:FE:7E:B9:F6:1A:0F:74:07:F6:F5:98:1B:7B:7F:C5:22:EA:E9:6D
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 5AF6BC03E2F24818C4D7C495E69189E629DAD0DD
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a33613a3a2f34382d3438203d3e20323032333031.roa
Signing time: Sun 31 May 2026 08:08:10 +0000
ROA not before: Sun 31 May 2026 08:03:10 +0000
ROA not after: Sun 30 May 2027 08:08:10 +0000
asID: 202301
IP address blocks: 2a0b:4e04:3a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:f6:bc:03:e2:f2:48:18:c4:d7:c4:95:e6:91:89:e6:29:da:d0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: May 31 08:03:10 2026 GMT
Not After : May 30 08:08:10 2027 GMT
Subject: CN=40FE7EB9F61A0F7407F6F5981B7B7FC522EAE96D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a2:1b:b5:95:d9:72:fc:1a:75:54:57:4a:83:
35:30:6c:1e:f7:16:bd:c9:e9:ff:fd:7d:bf:8a:43:
3f:fa:e1:46:32:80:b2:f0:79:ce:59:61:ce:3d:68:
6d:c2:e1:58:03:0c:a8:93:fa:ff:03:a6:4a:8d:48:
0d:0e:87:bd:85:8b:21:78:7c:30:14:fa:79:e9:5a:
3f:33:ab:89:7a:98:68:84:87:4a:cc:1c:c3:0f:91:
0e:cb:d3:ac:fc:ae:94:ef:bf:36:00:01:a5:77:a4:
97:8f:5c:f1:6a:e4:d2:84:63:e6:ed:bd:d0:a0:6f:
08:8a:c1:fc:9c:30:49:d6:6a:4e:33:23:de:b9:42:
b0:b2:1c:98:72:ba:59:81:58:6c:55:0d:53:e3:91:
04:70:e9:fc:54:52:35:53:f8:26:9a:ae:ae:fc:c3:
81:60:2d:dd:97:c7:1f:e6:1c:9e:fe:b7:8b:20:fd:
37:37:af:65:2f:33:31:d6:f7:ca:7e:40:57:ac:f7:
fc:e8:5f:c8:11:15:f7:6c:ba:fc:50:02:10:c2:6d:
fe:46:b8:0f:fe:d0:da:24:c5:86:40:ab:68:74:0a:
ae:4b:2c:72:ec:4c:ac:6a:71:fa:1d:15:75:e6:4a:
41:82:11:ec:64:b6:37:35:5a:01:d6:65:41:fd:fb:
b7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FE:7E:B9:F6:1A:0F:74:07:F6:F5:98:1B:7B:7F:C5:22:EA:E9:6D
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a33613a3a2f34382d3438203d3e20323032333031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04:3a::/48
Signature Algorithm: sha256WithRSAEncryption
90:54:a2:1b:af:01:50:a4:b5:a4:61:1a:d6:74:9f:54:b2:81:
90:61:ee:7c:35:ad:54:cf:71:6d:4f:41:4d:83:e6:5c:12:f1:
3b:f5:20:f6:b2:cd:9a:f0:38:aa:3b:4f:14:20:13:0c:23:d9:
c6:81:66:f4:5f:5f:76:e8:9e:b9:1e:05:23:2b:46:09:6b:2a:
cb:83:a4:6d:b9:fb:c3:a2:8d:67:1f:cb:eb:b0:4d:7c:8f:1a:
51:f4:e1:96:8b:f3:6a:f7:f3:87:5e:a2:cc:3d:11:78:db:0f:
14:70:b0:15:af:2c:d0:8a:f9:25:9b:70:02:3a:24:75:e1:e0:
ad:5f:a6:15:84:bc:c1:a0:20:54:62:1a:df:16:92:6f:7b:26:
2e:13:13:8d:b3:11:1e:92:99:94:af:1f:b6:b1:bd:24:53:8c:
6a:29:26:da:ae:d0:2f:97:70:e0:ce:4b:a2:16:e2:6f:76:21:
05:39:ec:fd:b7:6e:1c:ca:9b:86:b7:89:3b:a9:7b:37:17:53:
ae:7f:b1:2b:de:25:51:9f:7e:60:8d:63:99:bf:a9:92:5d:ae:
d7:10:f9:7e:84:63:ee:f3:b6:55:43:5f:ec:44:e8:46:58:89:
3b:f6:1b:f1:c3:4c:60:68:ff:20:07:2f:2b:ee:cc:51:af:a9:
b7:d8:06:ad
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUWva8A+LySBjE18SV5pGJ5ina0N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNjA1MzEwODAzMTBaFw0yNzA1MzAwODA4MTBaMDMxMTAvBgNV
BAMTKDQwRkU3RUI5RjYxQTBGNzQwN0Y2RjU5ODFCN0I3RkM1MjJFQUU5NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ohu1ldly/Bp1VFdKgzUwbB73
Fr3J6f/9fb+KQz/64UYygLLwec5ZYc49aG3C4VgDDKiT+v8DpkqNSA0Oh72FiyF4
fDAU+nnpWj8zq4l6mGiEh0rMHMMPkQ7L06z8rpTvvzYAAaV3pJePXPFq5NKEY+bt
vdCgbwiKwfycMEnWak4zI965QrCyHJhyulmBWGxVDVPjkQRw6fxUUjVT+Caarq78
w4FgLd2Xxx/mHJ7+t4sg/Tc3r2UvMzHW98p+QFes9/zoX8gRFfdsuvxQAhDCbf5G
uA/+0NokxYZAq2h0Cq5LLHLsTKxqcfodFXXmSkGCEexktjc1WgHWZUH9+7cdAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQP5+ufYaD3QH9vWYG3t/xSLq6W0wHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzMzYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMyMzMzMDMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgtOBAA6MA0GCSqGSIb3DQEBCwUAA4IBAQCQVKIbrwFQpLWkYRrWdJ9U
soGQYe58Na1Uz3FtT0FNg+ZcEvE79SD2ss2a8DiqO08UIBMMI9nGgWb0X1926J65
HgUjK0YJayrLg6RtufvDoo1nH8vrsE18jxpR9OGWi/Nq9/OHXqLMPRF42w8UcLAV
ryzQivklm3ACOiR14eCtX6YVhLzBoCBUYhrfFpJveyYuExONsxEekpmUrx+2sb0k
U4xqKSbartAvl3DgzkuiFuJvdiEFOez9t24cypuGt4k7qXs3F1Ouf7Er3iVRn35g
jWOZv6mSXa7XEPl+hGPu87ZVQ1/sROhGWIk79hvxw0xgaP8gBy8r7sxRr6m32Aat
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:28:58 2026 by rpki-client