Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336461303a3a2f34342d3438203d3e20323031363136.roa
File: 326131313a323963303a336461303a3a2f34342d3438203d3e20323031363136.roa (raw, json)
Hash identifier: AxVtl/iO0ZflCHjzQQJoQb0YNRc0kNSo8AGnMZNLJto=
Subject key identifier: FA:16:8F:6B:A5:84:ED:F9:7D:A6:C5:50:D8:85:B1:84:05:AE:E1:0C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 75D569EBC8E0AF3C8783EF6106D301EE543C3FED
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336461303a3a2f34342d3438203d3e20323031363136.roa
Signing time: Fri 29 May 2026 08:05:08 +0000
ROA not before: Fri 29 May 2026 08:00:08 +0000
ROA not after: Fri 28 May 2027 08:05:08 +0000
asID: 201616
IP address blocks: 2a11:29c0:3da0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:d5:69:eb:c8:e0:af:3c:87:83:ef:61:06:d3:01:ee:54:3c:3f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 29 08:00:08 2026 GMT
Not After : May 28 08:05:08 2027 GMT
Subject: CN=FA168F6BA584EDF97DA6C550D885B18405AEE10C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4f:77:89:c5:89:e5:df:83:16:a7:61:bd:13:
cb:ae:f6:a7:cc:44:60:11:e8:e6:c4:41:f9:b2:93:
9b:7f:58:58:b5:1b:bf:62:0f:55:df:7d:df:85:d9:
af:cd:07:2f:b0:f2:40:59:b5:58:93:26:23:15:e2:
8e:f3:58:1a:de:9a:bf:b2:5c:f8:b5:a8:82:7e:98:
93:6b:7c:50:c2:ba:b4:71:73:ea:3d:0e:e3:12:c4:
09:78:5b:fa:2d:7d:bb:7e:69:4a:c2:bd:4f:15:53:
7d:fb:44:99:86:17:08:76:9a:e1:3c:4e:fd:7e:29:
ec:31:0e:95:93:37:6c:4a:fb:71:95:ab:33:08:89:
99:f1:0d:7b:cd:ac:55:c7:71:a8:eb:fd:bf:50:a9:
c5:24:5a:78:3f:0d:9f:34:a0:7e:19:b6:2d:28:52:
a7:9e:44:76:ed:48:b3:70:f9:64:49:dd:84:73:a5:
8a:f7:70:a9:3c:27:c5:51:5d:1c:b5:2c:eb:17:e1:
de:b3:e8:61:98:cd:90:64:d1:3b:5d:72:90:d4:87:
52:17:9b:4d:5a:2d:88:06:d2:a2:20:32:07:86:fc:
0a:25:fd:09:eb:62:f2:b2:75:a4:5a:75:bd:8e:01:
f2:d5:81:92:12:1e:57:20:9d:b0:dc:64:42:a5:bb:
b1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:16:8F:6B:A5:84:ED:F9:7D:A6:C5:50:D8:85:B1:84:05:AE:E1:0C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336461303a3a2f34342d3438203d3e20323031363136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3da0::/44
Signature Algorithm: sha256WithRSAEncryption
84:94:ba:72:75:db:ab:cb:15:b8:a1:95:38:f8:34:3e:21:d1:
83:e8:03:e0:ee:69:b3:a2:c7:0f:62:35:53:ad:c9:35:32:17:
df:0d:ac:66:17:57:de:25:43:cc:07:e0:95:88:b9:3a:cb:b7:
88:ba:b6:f1:54:46:f1:98:09:7b:26:49:65:b4:82:4c:4d:fb:
45:59:12:e6:46:0f:44:fb:31:85:f3:a3:1d:1a:0e:f1:04:9e:
b2:52:b0:ba:3d:7a:7c:33:a2:89:9d:d7:e4:d3:e0:fb:ac:a3:
7d:6c:4b:73:90:ac:2f:22:e3:5b:04:05:ae:1a:cd:23:af:f5:
ec:96:fd:c3:c1:26:81:55:a7:ea:42:f9:96:f0:3f:9e:0c:b3:
e3:b0:a1:1f:7e:13:67:25:4b:5a:9b:fb:7a:fc:2f:2c:fd:1e:
5d:58:9a:aa:47:c0:29:17:de:1a:e0:98:fb:34:f3:88:46:18:
4b:4a:3a:9e:b1:7e:99:26:ba:01:1c:14:71:f2:e0:cf:4b:7f:
d8:d7:be:e3:5a:54:ca:cc:a2:17:e7:69:23:a1:4f:a8:5b:7b:
06:2d:3a:80:73:2f:79:57:ad:bb:3d:6b:72:62:ac:2e:30:3f:
13:32:6b:a9:27:a4:32:99:ab:02:90:c2:24:81:66:fd:1a:14:
98:63:23:ce
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUddVp68jgrzyHg+9hBtMB7lQ8P+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA1MjkwODAwMDhaFw0yNzA1MjgwODA1MDhaMDMxMTAvBgNV
BAMTKEZBMTY4RjZCQTU4NEVERjk3REE2QzU1MEQ4ODVCMTg0MDVBRUUxMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOT3eJxYnl34MWp2G9E8uu9qfM
RGAR6ObEQfmyk5t/WFi1G79iD1Xffd+F2a/NBy+w8kBZtViTJiMV4o7zWBremr+y
XPi1qIJ+mJNrfFDCurRxc+o9DuMSxAl4W/otfbt+aUrCvU8VU337RJmGFwh2muE8
Tv1+KewxDpWTN2xK+3GVqzMIiZnxDXvNrFXHcajr/b9QqcUkWng/DZ80oH4Zti0o
UqeeRHbtSLNw+WRJ3YRzpYr3cKk8J8VRXRy1LOsX4d6z6GGYzZBk0TtdcpDUh1IX
m01aLYgG0qIgMgeG/Aol/QnrYvKydaRadb2OAfLVgZISHlcgnbDcZEKlu7E7AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+haPa6WE7fl9psVQ2IWxhAWu4QwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjEzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzAzMTM2MzEzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA9oDANBgkqhkiG9w0BAQsFAAOCAQEAhJS6cnXbq8sVuKGV
OPg0PiHRg+gD4O5ps6LHD2I1U63JNTIX3w2sZhdX3iVDzAfglYi5Osu3iLq28VRG
8ZgJeyZJZbSCTE37RVkS5kYPRPsxhfOjHRoO8QSeslKwuj16fDOiiZ3X5NPg+6yj
fWxLc5CsLyLjWwQFrhrNI6/17Jb9w8EmgVWn6kL5lvA/ngyz47ChH34TZyVLWpv7
evwvLP0eXViaqkfAKRfeGuCY+zTziEYYS0o6nrF+mSa6ARwUcfLgz0t/2Ne+41pU
ysyiF+dpI6FPqFt7Bi06gHMveVetuz1rcmKsLjA/EzJrqSekMpmrApDCJIFm/RoU
mGMjzg==
-----END CERTIFICATE-----
Generated at Thu Jun 11 17:02:36 2026 by rpki-client