Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f33322d3438203d3e203236393534.roa
File: 326130623a346530343a3a2f33322d3438203d3e203236393534.roa (raw, json)
Hash identifier: F+gO6ZKYcboOFSJKnCm81psNizqbMEENngfXl2NTHEQ=
Subject key identifier: 14:8D:C4:D2:C1:4A:62:58:75:6B:A8:BE:B9:EF:65:1D:36:AB:9E:44
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 496F3D1E95BD901EF35EA67D0B57EFE40160E735
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f33322d3438203d3e203236393534.roa
Signing time: Wed 27 May 2026 17:05:08 +0000
ROA not before: Wed 27 May 2026 17:00:08 +0000
ROA not after: Wed 26 May 2027 17:05:08 +0000
asID: 26954
IP address blocks: 2a0b:4e04::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:6f:3d:1e:95:bd:90:1e:f3:5e:a6:7d:0b:57:ef:e4:01:60:e7:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: May 27 17:00:08 2026 GMT
Not After : May 26 17:05:08 2027 GMT
Subject: CN=148DC4D2C14A6258756BA8BEB9EF651D36AB9E44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:35:ba:cc:80:c0:1a:0a:5a:22:2c:b5:85:
c8:a6:ec:39:b1:f3:ae:cb:b2:b0:b9:6d:c8:df:8a:
b6:cb:dc:eb:1b:bd:87:5c:8f:dc:32:c8:ea:4c:57:
f4:5a:05:0f:1c:29:64:59:18:5e:eb:39:30:aa:bf:
a0:f5:59:8b:2e:2f:7f:9d:f6:7e:fc:00:34:bc:79:
64:89:78:53:48:5c:ec:7a:de:7d:62:64:b8:36:c3:
6e:66:68:a9:6b:0c:63:08:4f:70:ad:8e:8e:7c:59:
d4:87:86:c6:ce:6c:2e:aa:db:b9:cf:c8:89:95:2c:
16:ce:4e:b5:b4:96:4a:21:c4:8c:87:1c:15:42:42:
af:b1:cf:a9:58:99:19:74:fa:26:c9:59:80:23:89:
eb:fd:82:c6:77:64:81:fe:fb:f6:5f:fd:1c:79:4c:
71:b5:3f:7b:61:be:3a:0e:75:ca:7b:4f:f4:e5:66:
60:70:d5:31:fd:3f:aa:e1:4f:95:f3:d2:db:0b:d0:
02:33:98:d3:1c:56:e1:dc:17:49:92:d0:ce:71:96:
91:c3:89:10:aa:02:23:4e:85:81:28:80:aa:4e:2e:
72:26:78:3e:8a:6e:98:08:03:2f:28:b7:07:01:59:
33:28:73:3f:e1:c6:ca:ed:42:9a:b8:25:39:98:c3:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8D:C4:D2:C1:4A:62:58:75:6B:A8:BE:B9:EF:65:1D:36:AB:9E:44
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a3a2f33322d3438203d3e203236393534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04::/32
Signature Algorithm: sha256WithRSAEncryption
91:e5:83:b6:75:17:61:e4:d0:ac:cf:35:08:3e:55:89:e8:45:
1f:d0:a7:2b:03:84:02:ca:7b:9b:7a:d9:ab:5e:2d:68:04:38:
3a:ad:1a:71:56:f6:72:13:5b:b8:94:60:c7:79:b4:e7:09:c7:
ea:b1:bc:d8:11:3b:1a:3e:9b:b9:d0:a4:19:00:ec:3f:4d:72:
ad:db:f1:b1:59:0f:cb:79:f1:04:8d:31:07:0a:5d:21:24:1b:
01:c1:fe:a5:49:18:56:56:3f:ee:98:bc:3b:71:fc:40:0d:04:
aa:5f:88:60:67:65:48:c8:ae:bb:0b:ca:f9:0d:3d:12:b7:89:
fd:a4:67:3a:70:0b:d4:16:05:ef:18:fc:3c:6a:ff:20:55:6a:
a2:07:03:0e:61:53:6b:d9:81:41:89:6c:60:4b:6a:d3:da:e4:
34:48:13:c0:c8:00:d4:d2:f6:81:aa:8d:aa:68:1b:d2:92:21:
a2:d6:c4:21:b4:51:21:00:03:30:20:67:65:7b:fe:07:c9:88:
8f:f1:7a:fc:3f:67:8b:82:b6:53:ef:b1:e5:a2:53:18:93:6d:
6d:90:67:10:60:5c:43:90:3e:4e:7d:1b:0c:f9:84:55:ee:24:
d2:22:a4:3b:d6:70:c8:95:9b:e2:40:ac:07:3d:c0:29:9b:99:
24:3c:a8:e3
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUSW89HpW9kB7zXqZ9C1fv5AFg5zUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNjA1MjcxNzAwMDhaFw0yNzA1MjYxNzA1MDhaMDMxMTAvBgNV
BAMTKDE0OERDNEQyQzE0QTYyNTg3NTZCQThCRUI5RUY2NTFEMzZBQjlFNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXTTW6zIDAGgpaIiy1hcim7Dmx
867LsrC5bcjfirbL3OsbvYdcj9wyyOpMV/RaBQ8cKWRZGF7rOTCqv6D1WYsuL3+d
9n78ADS8eWSJeFNIXOx63n1iZLg2w25maKlrDGMIT3Ctjo58WdSHhsbObC6q27nP
yImVLBbOTrW0lkohxIyHHBVCQq+xz6lYmRl0+ibJWYAjiev9gsZ3ZIH++/Zf/Rx5
THG1P3thvjoOdcp7T/TlZmBw1TH9P6rhT5Xz0tsL0AIzmNMcVuHcF0mS0M5xlpHD
iRCqAiNOhYEogKpOLnImeD6KbpgIAy8otwcBWTMocz/hxsrtQpq4JTmYw74nAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUFI3E0sFKYlh1a6i+ue9lHTarnkQwHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzNjM5MzUzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoL
TgQwDQYJKoZIhvcNAQELBQADggEBAJHlg7Z1F2Hk0KzPNQg+VYnoRR/QpysDhALK
e5t62ateLWgEODqtGnFW9nITW7iUYMd5tOcJx+qxvNgROxo+m7nQpBkA7D9Ncq3b
8bFZD8t58QSNMQcKXSEkGwHB/qVJGFZWP+6YvDtx/EANBKpfiGBnZUjIrrsLyvkN
PRK3if2kZzpwC9QWBe8Y/Dxq/yBVaqIHAw5hU2vZgUGJbGBLatPa5DRIE8DIANTS
9oGqjapoG9KSIaLWxCG0USEAAzAgZ2V7/gfJiI/xevw/Z4uCtlPvseWiUxiTbW2Q
ZxBgXEOQPk59Gwz5hFXuJNIipDvWcMiVm+JArAc9wCmbmSQ8qOM=
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:34:31 2026 by rpki-client