Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa
File: 326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier: Xltfcc8K9wNbfryhwKM7tXG9tAqIa4HC0FPm22+Mfbc=
Subject key identifier: D4:3F:69:03:CF:1E:B4:16:71:C9:43:D2:D4:18:F6:83:2C:C5:AF:24
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 194812EE315206603652B432B74F147658DF59CF
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 50391
IP address blocks: 2a11:29c0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:48:12:ee:31:52:06:60:36:52:b4:32:b7:4f:14:76:58:df:59:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=D43F6903CF1EB41671C943D2D418F6832CC5AF24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:fd:9f:d1:19:82:16:76:38:72:d6:2c:6b:
7b:4e:c6:7c:7d:2f:26:1b:d6:8f:7a:bb:fb:d4:89:
e8:c2:b5:43:64:66:5b:71:78:70:64:34:91:ba:e0:
42:00:d3:83:3b:31:4b:ad:d5:5c:15:4b:bf:7b:cd:
07:f9:04:f1:c4:b7:60:f6:c2:80:06:10:20:b0:f3:
5b:50:99:3c:9a:d2:18:22:52:0c:4e:ee:f9:69:2b:
a8:65:f3:1f:5d:80:10:bf:e0:0f:fc:be:3f:11:11:
dc:b6:fe:56:3b:a2:1b:c0:c2:08:ca:62:43:f0:90:
74:d7:e0:1e:10:47:de:71:3f:e1:ac:3d:35:de:4a:
ec:a0:eb:00:c8:59:12:cd:fc:d3:f4:71:d5:a8:03:
0d:6b:95:f6:81:bf:8d:e2:6f:f5:c9:50:6b:b8:ec:
b2:95:0a:23:27:62:77:ea:06:59:25:e4:eb:5a:59:
2d:4b:7d:2a:c6:6f:92:5d:55:96:29:b2:c1:e9:c8:
a1:c8:fc:cc:f4:e9:c8:35:88:16:a7:47:42:52:0f:
75:1e:b9:d0:34:a1:36:33:e0:4c:69:8d:11:6c:64:
47:a8:98:21:00:1a:d2:c8:38:fa:7d:84:d1:00:15:
11:e6:54:a3:c8:79:e3:56:ee:51:dd:7a:12:a5:c4:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3F:69:03:CF:1E:B4:16:71:C9:43:D2:D4:18:F6:83:2C:C5:AF:24
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:11::/48
Signature Algorithm: sha256WithRSAEncryption
29:26:6f:a8:b4:3d:b3:44:43:61:7c:dd:fd:f2:ee:63:61:c2:
c3:80:61:00:32:a7:2c:a2:34:d3:65:a5:48:78:5f:33:ed:f7:
77:2b:2c:38:24:1a:8f:18:d3:19:62:19:91:a4:fa:a4:b8:d8:
29:6f:ef:b9:77:ac:12:cb:7a:5f:e8:38:61:dc:c0:b7:98:76:
81:a8:08:f6:cb:9a:16:e2:7a:39:71:ee:95:37:37:df:fe:33:
f8:14:62:d2:9f:73:93:c4:f1:22:fe:aa:33:21:9d:66:07:2b:
69:5c:8e:e8:c3:67:d7:6e:4b:48:a1:7f:2d:4a:5f:e4:33:3e:
82:fd:9c:a8:cf:68:e4:d3:d7:7b:4b:2f:76:be:b1:d6:e8:78:
8e:96:a5:5a:46:75:14:af:28:8c:eb:c3:b0:1c:9c:b4:49:e5:
b4:de:6e:a6:ac:48:f9:97:d2:4c:b4:50:2b:5d:9a:0b:1b:f6:
fd:41:2d:04:26:98:e2:0e:20:be:af:b8:5c:35:14:6c:46:f5:
19:f8:f2:c1:b4:bf:b4:70:1f:2c:23:a7:b2:58:8e:5e:14:45:
09:a9:61:b5:2d:73:3e:c9:e9:20:16:aa:21:25:3c:38:de:09:
dc:12:d0:3e:58:79:47:8e:0d:74:0f:52:dc:d8:ee:5e:da:7f:
40:b8:ef:b5
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGUgS7jFSBmA2UrQyt08UdljfWc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKEQ0M0Y2OTAzQ0YxRUI0MTY3MUM5NDNEMkQ0MThGNjgzMkNDNUFGMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Z/2f0RmCFnY4ctYsa3tOxnx9
LyYb1o96u/vUiejCtUNkZltxeHBkNJG64EIA04M7MUut1VwVS797zQf5BPHEt2D2
woAGECCw81tQmTya0hgiUgxO7vlpK6hl8x9dgBC/4A/8vj8REdy2/lY7ohvAwgjK
YkPwkHTX4B4QR95xP+GsPTXeSuyg6wDIWRLN/NP0cdWoAw1rlfaBv43ib/XJUGu4
7LKVCiMnYnfqBlkl5OtaWS1LfSrGb5JdVZYpssHpyKHI/Mz06cg1iBanR0JSD3Ue
udA0oTYz4ExpjRFsZEeomCEAGtLIOPp9hNEAFRHmVKPIeeNW7lHdehKlxM+lAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU1D9pA88etBZxyUPS1Bj2gyzFryQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMDMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAAETANBgkqhkiG9w0BAQsFAAOCAQEAKSZvqLQ9s0RDYXzd/fLuY2HC
w4BhADKnLKI002WlSHhfM+33dyssOCQajxjTGWIZkaT6pLjYKW/vuXesEst6X+g4
YdzAt5h2gagI9suaFuJ6OXHulTc33/4z+BRi0p9zk8TxIv6qMyGdZgcraVyO6MNn
125LSKF/LUpf5DM+gv2cqM9o5NPXe0svdr6x1uh4jpalWkZ1FK8ojOvDsByctEnl
tN5upqxI+ZfSTLRQK12aCxv2/UEtBCaY4g4gvq+4XDUUbEb1GfjywbS/tHAfLCOn
sliOXhRFCalhtS1zPsnpIBaqISU8ON4J3BLQPlh5R44NdA9S3NjuXtp/QLjvtQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:16 2026 by rpki-client