Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
File: 326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa (raw, json)
Hash identifier: cwlYTUnX+QJS+CobkJcAWjWfeOWXsi/GyeShmAGtvqc=
Subject key identifier: 27:74:4C:8D:A3:BE:47:FE:E6:E1:4A:7F:7D:D1:D2:8F:F2:5E:34:0F
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6A9ED1D7CA8D09AD82D81F70C8168C4807100A93
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
Signing time: Fri 06 Mar 2026 12:22:45 +0000
ROA not before: Fri 06 Mar 2026 12:17:45 +0000
ROA not after: Fri 05 Mar 2027 12:22:45 +0000
asID: 23470
IP address blocks: 2a11:29c0:35::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 16:06:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9e:d1:d7:ca:8d:09:ad:82:d8:1f:70:c8:16:8c:48:07:10:0a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 6 12:17:45 2026 GMT
Not After : Mar 5 12:22:45 2027 GMT
Subject: CN=27744C8DA3BE47FEE6E14A7F7DD1D28FF25E340F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:14:e9:7f:50:b2:44:6b:5b:b7:8f:e3:f1:a0:
ea:db:03:b7:d7:e9:66:1c:61:92:6b:03:06:7b:cd:
dc:92:c7:b3:ca:a7:9c:85:81:a8:f3:e0:86:be:94:
35:42:fb:ac:55:5f:8f:cf:09:59:ca:3d:06:ab:0e:
9c:c4:f9:e5:2c:d1:9c:7f:51:c2:f2:77:54:c9:83:
bf:1b:ca:ef:fb:27:77:fe:7e:5c:86:ec:30:d5:93:
ee:eb:a8:d7:45:28:22:6d:49:63:97:a1:24:c8:be:
31:c2:4b:19:92:24:48:cb:33:9c:92:a9:a0:4d:d4:
4c:6e:dd:88:db:c6:f1:ea:41:9a:af:71:f6:01:a2:
43:cf:2e:d1:be:65:eb:3c:0e:89:b3:25:3f:95:22:
b5:85:3c:50:29:33:9a:42:26:b1:f6:43:0a:6a:d7:
2c:6b:e9:d1:6f:01:ef:71:c0:e3:40:9a:36:a0:7e:
92:68:3e:5c:44:3d:d1:9b:00:ea:c9:f0:69:9f:25:
73:a3:6d:ec:b3:e9:d9:2a:53:d8:a3:6b:44:0a:64:
f2:c8:90:23:84:97:09:4b:f6:f6:64:a3:26:8c:4a:
8c:a9:c3:e2:b4:80:3c:c5:cf:65:37:4e:86:b1:7b:
dd:63:a2:98:aa:32:5c:c3:24:2b:6f:92:ee:be:d5:
a9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:74:4C:8D:A3:BE:47:FE:E6:E1:4A:7F:7D:D1:D2:8F:F2:5E:34:0F
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33353a3a2f34382d3438203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:35::/48
Signature Algorithm: sha256WithRSAEncryption
19:4a:be:75:94:c5:f0:e8:49:95:53:8a:c5:6d:f0:d9:6c:16:
28:ce:99:95:bb:16:01:40:33:c9:6a:51:61:43:74:35:ac:d4:
a8:70:7d:8c:56:a5:44:26:e7:df:cc:bc:8c:90:b5:38:d5:f3:
fd:5e:ec:54:37:23:29:93:98:93:de:58:96:8e:5d:90:bd:92:
3e:31:92:bd:74:36:13:b6:41:1b:b9:ba:35:02:cc:62:e9:22:
5c:8f:67:0b:d2:1f:88:88:52:24:7c:27:21:ca:eb:9a:8b:03:
41:8c:08:2d:86:f3:91:29:69:7b:51:5c:49:46:fd:23:46:92:
d1:e1:0f:a0:1f:ee:eb:a2:ae:4e:c3:ca:7f:14:54:8f:4b:d3:
ee:e5:cc:aa:94:88:f2:83:27:a0:6d:ca:f3:dd:48:ff:ff:57:
df:1b:c3:29:c0:55:f7:39:b4:ee:48:ce:3c:47:8f:40:44:5f:
df:b2:70:9f:67:59:56:d7:50:fc:ac:48:7a:7e:f5:0d:a2:d7:
1d:bc:c9:3a:ae:f6:94:72:45:d3:7a:fe:cc:49:1b:80:65:9c:
a2:3b:5f:e6:dc:6e:f7:a9:b0:be:e1:bc:16:3e:cc:71:45:47:
f1:e0:76:70:b5:3b:59:05:8c:77:d3:17:e2:c1:29:33:81:51:
c3:4e:fe:8f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUap7R18qNCa2C2B9wyBaMSAcQCpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMDYxMjE3NDVaFw0yNzAzMDUxMjIyNDVaMDMxMTAvBgNV
BAMTKDI3NzQ0QzhEQTNCRTQ3RkVFNkUxNEE3RjdERDFEMjhGRjI1RTM0MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPFOl/ULJEa1u3j+PxoOrbA7fX
6WYcYZJrAwZ7zdySx7PKp5yFgajz4Ia+lDVC+6xVX4/PCVnKPQarDpzE+eUs0Zx/
UcLyd1TJg78byu/7J3f+flyG7DDVk+7rqNdFKCJtSWOXoSTIvjHCSxmSJEjLM5yS
qaBN1Exu3YjbxvHqQZqvcfYBokPPLtG+Zes8DomzJT+VIrWFPFApM5pCJrH2Qwpq
1yxr6dFvAe9xwONAmjagfpJoPlxEPdGbAOrJ8GmfJXOjbeyz6dkqU9ija0QKZPLI
kCOElwlL9vZkoyaMSoypw+K0gDzFz2U3Toaxe91jopiqMlzDJCtvku6+1akrAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJ3RMjaO+R/7m4Up/fdHSj/JeNA8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMzM0MzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAANTANBgkqhkiG9w0BAQsFAAOCAQEAGUq+dZTF8OhJlVOKxW3w2WwW
KM6ZlbsWAUAzyWpRYUN0NazUqHB9jFalRCbn38y8jJC1ONXz/V7sVDcjKZOYk95Y
lo5dkL2SPjGSvXQ2E7ZBG7m6NQLMYukiXI9nC9IfiIhSJHwnIcrrmosDQYwILYbz
kSlpe1FcSUb9I0aS0eEPoB/u66KuTsPKfxRUj0vT7uXMqpSI8oMnoG3K891I//9X
3xvDKcBV9zm07kjOPEePQERf37Jwn2dZVtdQ/KxIen71DaLXHbzJOq72lHJF03r+
zEkbgGWcojtf5txu96mwvuG8Fj7McUVH8eB2cLU7WQWMd9MX4sEpM4FRw07+jw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:32:20 2026 by rpki-client