Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a313a3a2f34382d3438203d3e203530333931.roa
File: 326131313a323963303a313a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier: qu3LCtDUOHCAqWVfB5A0wH7WDKlFhqMo0b0BfGHXlHA=
Subject key identifier: 4C:E2:09:2F:88:C6:A8:1B:BA:E7:82:24:09:40:F0:9C:1A:E2:B5:CD
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5FAA9DB76D6C4A8A966FD0DA9FE55FCF18A2E7AB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a313a3a2f34382d3438203d3e203530333931.roa
Signing time: Wed 22 Apr 2026 14:22:48 +0000
ROA not before: Wed 22 Apr 2026 14:17:48 +0000
ROA not after: Wed 21 Apr 2027 14:22:48 +0000
asID: 50391
IP address blocks: 2a11:29c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:aa:9d:b7:6d:6c:4a:8a:96:6f:d0:da:9f:e5:5f:cf:18:a2:e7:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:48 2026 GMT
Not After : Apr 21 14:22:48 2027 GMT
Subject: CN=4CE2092F88C6A81BBAE782240940F09C1AE2B5CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:04:f6:6d:0f:67:97:2f:63:fb:72:5f:bf:ab:
98:08:34:28:38:3e:16:2b:20:d9:e9:d2:7f:94:dd:
64:6e:28:c4:23:ad:03:d7:e0:0c:fe:7a:21:6f:ee:
a4:38:50:97:0a:8b:8d:ab:fb:f8:21:e3:f5:fb:ef:
97:3b:ef:c2:92:b6:cb:38:f6:94:37:58:7a:32:1e:
de:29:80:27:60:4d:ab:44:8f:9b:4f:ac:06:7e:3d:
20:49:4f:fa:3a:07:fb:9e:a3:72:9c:e0:ec:96:74:
7e:ae:c5:b3:28:ef:4d:f4:9b:bc:f8:f9:cd:f3:3a:
73:be:06:5a:30:2a:87:00:0c:eb:4b:ca:bb:5f:0d:
35:96:9f:c3:06:3d:28:0b:d7:93:be:d2:c7:98:d4:
ef:36:23:1a:98:ef:48:5b:28:e6:4a:64:ff:a3:05:
c9:f3:af:d2:55:e2:99:ce:2e:c9:af:10:94:d3:9d:
d7:a0:40:d3:75:5f:30:48:a1:67:ec:11:5a:3e:b7:
c3:98:0e:7d:61:c2:4a:f2:89:e0:bd:6a:7f:f5:fa:
2b:96:8d:be:32:04:b5:f9:6d:05:db:6e:75:7b:fb:
22:ef:4a:21:28:52:cb:d7:da:98:4d:f3:8d:73:1f:
0e:d0:f2:93:ef:d5:2e:7e:39:d2:16:cc:3d:99:20:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E2:09:2F:88:C6:A8:1B:BA:E7:82:24:09:40:F0:9C:1A:E2:B5:CD
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a313a3a2f34382d3438203d3e203530333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
ac:82:7c:f6:1a:99:bc:f8:5e:f8:b1:b5:20:0d:b3:3a:79:27:
d6:71:a0:8e:b2:d3:bd:6c:e3:2e:5f:00:c3:01:e9:86:85:3f:
21:08:df:11:56:3f:f8:60:b9:ee:74:50:65:fa:da:2b:fc:52:
8a:d0:b5:99:61:f4:87:e3:d4:89:0a:1a:78:33:7d:e5:4c:7d:
28:35:17:dc:d6:c7:26:cb:1e:51:51:25:ac:04:03:ba:31:92:
3b:0c:8a:e8:0c:92:4d:7b:5c:12:c6:75:ed:6f:76:44:00:99:
f9:d5:3d:9c:8d:74:0a:b5:c5:8e:2e:a5:ae:f7:25:41:99:a5:
23:30:a6:25:7f:fb:d9:2c:74:20:a7:7a:de:ec:a3:5d:34:bf:
c5:0d:53:1b:43:af:2e:56:bd:b8:98:4a:51:9c:b5:74:97:7e:
05:66:a5:8f:05:0b:45:00:f4:32:18:7b:c8:e4:84:e1:c9:1c:
07:45:34:3f:56:a5:a5:29:29:ae:62:1d:be:e5:c0:bc:f3:4e:
00:5e:03:9e:29:89:96:f9:91:7c:b6:98:04:99:64:ad:dd:88:
24:cf:ab:d0:c0:6c:1b:51:df:92:48:bb:bb:87:85:7a:48:36:
a3:6c:97:27:ad:03:2e:75:81:a7:5f:25:e5:e5:d7:ac:73:c3:
13:c9:57:7f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUX6qdt21sSoqWb9Dan+Vfzxii56swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDhaFw0yNzA0MjExNDIyNDhaMDMxMTAvBgNV
BAMTKDRDRTIwOTJGODhDNkE4MUJCQUU3ODIyNDA5NDBGMDlDMUFFMkI1Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVBPZtD2eXL2P7cl+/q5gINCg4
PhYrINnp0n+U3WRuKMQjrQPX4Az+eiFv7qQ4UJcKi42r+/gh4/X775c778KStss4
9pQ3WHoyHt4pgCdgTatEj5tPrAZ+PSBJT/o6B/ueo3Kc4OyWdH6uxbMo7030m7z4
+c3zOnO+BlowKocADOtLyrtfDTWWn8MGPSgL15O+0seY1O82IxqY70hbKOZKZP+j
Bcnzr9JV4pnOLsmvEJTTndegQNN1XzBIoWfsEVo+t8OYDn1hwkryieC9an/1+iuW
jb4yBLX5bQXbbnV7+yLvSiEoUsvX2phN841zHw7Q8pPv1S5+OdIWzD2ZINE3AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUTOIJL4jGqBu654IkCUDwnBritc0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzAzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqESnAAAEwDQYJKoZIhvcNAQELBQADggEBAKyCfPYambz4XvixtSANszp5J9Zx
oI6y071s4y5fAMMB6YaFPyEI3xFWP/hgue50UGX62iv8UorQtZlh9Ifj1IkKGngz
feVMfSg1F9zWxybLHlFRJawEA7oxkjsMiugMkk17XBLGde1vdkQAmfnVPZyNdAq1
xY4upa73JUGZpSMwpiV/+9ksdCCnet7so100v8UNUxtDry5WvbiYSlGctXSXfgVm
pY8FC0UA9DIYe8jkhOHJHAdFND9WpaUpKa5iHb7lwLzzTgBeA54piZb5kXy2mASZ
ZK3diCTPq9DAbBtR35JIu7uHhXpINqNslyetAy51gadfJeXl16xzwxPJV38=
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:45:51 2026 by rpki-client