Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20313938333735.roa
File: 326131313a323963303a33623a3a2f34382d3438203d3e20313938333735.roa (raw, json)
Hash identifier: U6cO2o9t4dfd5qaUqvHjljVr2+sPso1Vs5IEVU4rdcI=
Subject key identifier: F4:DE:09:19:9F:5B:E1:C8:B4:D0:E7:19:83:3A:FB:9E:A3:DA:0B:0C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6BEDEAEFA72228F64B8EE5213142D1D588E2FC69
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20313938333735.roa
Signing time: Fri 24 Apr 2026 16:49:34 +0000
ROA not before: Fri 24 Apr 2026 16:44:34 +0000
ROA not after: Fri 23 Apr 2027 16:49:34 +0000
asID: 198375
IP address blocks: 2a11:29c0:3b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ed:ea:ef:a7:22:28:f6:4b:8e:e5:21:31:42:d1:d5:88:e2:fc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 24 16:44:34 2026 GMT
Not After : Apr 23 16:49:34 2027 GMT
Subject: CN=F4DE09199F5BE1C8B4D0E719833AFB9EA3DA0B0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4f:63:08:72:aa:9e:f4:02:e1:cf:e3:72:a7:
8b:dd:2e:fe:ba:9e:74:4a:64:c2:60:90:df:7b:1b:
63:b7:e8:ab:e6:13:67:da:56:41:7a:68:69:b3:63:
bf:2a:64:c8:e7:f9:ba:45:4c:ea:00:78:06:e5:03:
3c:82:36:93:6e:df:b6:c9:03:10:dc:fb:73:f0:a3:
1a:ec:f8:ed:34:31:b5:c4:5d:5b:5d:e9:22:a3:8c:
de:5b:89:6f:20:89:12:a6:85:e1:61:aa:40:ab:2e:
81:8c:df:ba:db:38:2c:81:2a:aa:87:6c:10:32:90:
53:f5:1f:82:59:07:8b:8b:e1:87:d4:6f:c1:f1:2a:
50:3e:59:da:37:3d:60:c7:b9:01:f8:06:37:2e:e2:
bd:1a:ba:49:e9:bb:a4:6e:10:c1:e3:2d:31:1a:98:
31:72:55:8f:1e:1f:34:6f:d0:fc:2e:dc:93:99:8b:
b3:c7:be:9c:f1:c7:f8:19:b2:93:6f:50:da:42:4e:
c0:21:e2:fc:0d:3a:46:3b:47:53:ca:70:c5:1a:22:
9d:67:ed:16:d0:07:d6:33:67:43:30:23:5e:d0:32:
64:0c:bb:62:1d:17:f4:70:c2:ce:e5:4f:78:fb:84:
f7:e2:ca:7c:9c:90:42:80:8c:93:9e:6c:1f:7c:8f:
92:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DE:09:19:9F:5B:E1:C8:B4:D0:E7:19:83:3A:FB:9E:A3:DA:0B:0C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33623a3a2f34382d3438203d3e20313938333735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3b::/48
Signature Algorithm: sha256WithRSAEncryption
5a:ac:19:19:f2:ba:92:f2:3a:bb:29:7d:be:83:72:26:83:f1:
5c:27:96:85:3e:6c:86:19:93:d0:ff:a0:bb:37:2d:77:1b:6d:
2d:c8:b2:7e:88:45:2b:8e:f4:9a:d9:91:20:c2:59:02:a8:35:
32:8a:41:79:7b:f1:b8:db:75:3b:c6:b5:eb:a2:e2:28:aa:5b:
e3:08:19:ba:65:64:44:6b:d6:54:b8:d9:2f:69:83:cb:1b:7e:
3a:bc:84:dc:f3:e5:8e:08:84:58:8f:3c:15:83:41:e7:89:9d:
e2:2e:3c:e3:9f:47:10:13:52:09:56:71:b7:f3:3e:4b:b7:3d:
6d:43:96:1b:1f:4b:87:98:12:1a:76:c0:1d:38:59:e0:13:37:
8d:de:0a:8d:18:35:2a:e2:3c:31:52:46:6b:f4:a1:8f:68:06:
24:db:67:6d:42:8f:3f:36:a0:a6:31:6b:aa:a3:6b:f4:ef:28:
9e:9b:ef:1b:bc:04:ee:aa:95:0c:88:38:cb:c0:2e:0c:33:21:
0b:ad:71:6a:a4:84:7d:b1:1d:06:ca:b7:4d:8f:b4:7f:86:99:
a8:68:df:98:4b:44:33:b0:a6:5b:f5:78:05:14:22:f9:65:57:
9c:e9:79:19:7c:47:f8:e1:08:68:37:0e:a7:ab:bd:fd:7e:2e:
ca:cf:22:a8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUa+3q76ciKPZLjuUhMULR1Yji/GkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjQxNjQ0MzRaFw0yNzA0MjMxNjQ5MzRaMDMxMTAvBgNV
BAMTKEY0REUwOTE5OUY1QkUxQzhCNEQwRTcxOTgzM0FGQjlFQTNEQTBCMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1T2MIcqqe9ALhz+Nyp4vdLv66
nnRKZMJgkN97G2O36KvmE2faVkF6aGmzY78qZMjn+bpFTOoAeAblAzyCNpNu37bJ
AxDc+3Pwoxrs+O00MbXEXVtd6SKjjN5biW8giRKmheFhqkCrLoGM37rbOCyBKqqH
bBAykFP1H4JZB4uL4YfUb8HxKlA+Wdo3PWDHuQH4Bjcu4r0auknpu6RuEMHjLTEa
mDFyVY8eHzRv0Pwu3JOZi7PHvpzxx/gZspNvUNpCTsAh4vwNOkY7R1PKcMUaIp1n
7RbQB9YzZ0MwI17QMmQMu2IdF/Rwws7lT3j7hPfiynyckEKAjJOebB98j5LBAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU9N4JGZ9b4ci00OcZgzr7nqPaCwwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzOTM4MzMzNzM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA7MA0GCSqGSIb3DQEBCwUAA4IBAQBarBkZ8rqS8jq7KX2+g3Im
g/FcJ5aFPmyGGZPQ/6C7Ny13G20tyLJ+iEUrjvSa2ZEgwlkCqDUyikF5e/G423U7
xrXrouIoqlvjCBm6ZWREa9ZUuNkvaYPLG346vITc8+WOCIRYjzwVg0HniZ3iLjzj
n0cQE1IJVnG38z5Ltz1tQ5YbH0uHmBIadsAdOFngEzeN3gqNGDUq4jwxUkZr9KGP
aAYk22dtQo8/NqCmMWuqo2v07yiem+8bvATuqpUMiDjLwC4MMyELrXFqpIR9sR0G
yrdNj7R/hpmoaN+YS0QzsKZb9XgFFCL5ZVec6XkZfEf44QhoNw6nq739fi7KzyKo
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:22 2026 by rpki-client