Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
File: 326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa (raw, json)
Hash identifier: pFU2tQJgzw22EV3fj4JzqJ/gc5bjh+MG06nlhK5w3LE=
Subject key identifier: 5E:11:48:11:15:BF:A8:F0:47:0A:ED:7A:6B:12:64:DA:CE:FE:41:BA
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 7B93798D60359779798AED6F3A6DE52D3F885D5B
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
Signing time: Wed 22 Apr 2026 14:22:48 +0000
ROA not before: Wed 22 Apr 2026 14:17:48 +0000
ROA not after: Wed 21 Apr 2027 14:22:48 +0000
asID: 209389
IP address blocks: 2a11:29c0:3df1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:93:79:8d:60:35:97:79:79:8a:ed:6f:3a:6d:e5:2d:3f:88:5d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:48 2026 GMT
Not After : Apr 21 14:22:48 2027 GMT
Subject: CN=5E11481115BFA8F0470AED7A6B1264DACEFE41BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c2:7a:d0:05:f9:a5:70:f9:d0:61:d8:22:88:
2e:eb:75:e9:10:a8:c8:9c:b0:26:42:b2:12:30:18:
00:bc:b1:5d:e3:1e:d6:bd:f4:d3:42:d2:a5:71:dd:
63:4f:96:a5:98:66:9b:de:84:77:7e:ef:e9:08:f0:
12:46:3b:40:cf:ca:93:9d:75:1c:75:48:e1:89:1e:
23:d5:fa:48:9d:52:82:a7:ef:5d:5b:73:63:e4:d5:
8d:a7:32:9f:9d:6e:cb:43:e0:46:bb:8f:33:a5:b5:
0b:50:52:33:af:1c:d3:6c:57:c7:dc:d5:fe:19:b8:
df:11:84:c6:fd:1f:91:21:75:6d:33:5e:a6:82:fc:
19:90:49:5d:4e:bb:d0:27:84:b2:17:a4:ec:1a:7d:
9f:e0:c8:58:3d:c2:c6:f1:28:f3:e2:3d:5f:d3:ca:
54:12:fb:20:cc:98:ce:a7:6a:e8:13:f5:59:d2:92:
d8:28:6d:b9:d0:26:60:ba:b7:51:82:15:07:04:ea:
fa:52:ad:9c:d2:ca:0b:80:c1:f2:a8:bb:3e:0d:58:
71:65:30:95:a8:db:b2:d4:14:11:c3:79:09:48:bf:
9e:33:1e:c8:93:38:84:78:d2:42:08:dc:2e:bc:f2:
5e:eb:38:cd:f2:eb:b6:fa:21:6b:54:cb:9f:f7:9b:
a5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:11:48:11:15:BF:A8:F0:47:0A:ED:7A:6B:12:64:DA:CE:FE:41:BA
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466313a3a2f34382d3438203d3e20323039333839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df1::/48
Signature Algorithm: sha256WithRSAEncryption
34:0f:62:85:06:16:ab:24:a4:48:78:3d:28:66:cd:1e:3a:19:
06:88:59:5e:6c:fc:4f:2f:51:20:21:70:11:fc:6b:27:6f:fe:
95:6f:44:6a:de:fe:db:0c:6e:d6:7f:48:97:70:59:9b:5b:ec:
a9:1a:6a:98:b2:2a:24:4f:67:17:e1:9a:f5:c1:ba:b2:67:4a:
44:08:2e:1d:e5:db:05:c3:d0:be:82:31:69:92:48:63:fa:2b:
d2:dc:4f:7a:57:45:2a:46:f1:95:8c:f6:3a:71:8b:ac:41:df:
d3:f5:e8:c0:e1:76:a0:5f:5e:ba:d5:6c:12:ba:b6:31:4e:b3:
89:9a:44:07:af:e7:f5:6f:15:e7:3f:9b:4f:9d:d4:3a:63:bd:
1e:11:82:8b:3a:b8:de:32:8f:fb:de:40:8c:c2:80:c5:9e:ab:
8f:69:f0:c1:1f:a5:4f:65:8c:9a:2a:c6:97:c6:3f:8a:93:9f:
1a:21:26:d8:ca:a4:32:42:54:2c:e2:d7:c5:73:aa:f0:00:e5:
f1:41:89:5c:b7:35:35:57:b1:30:39:ea:00:fd:3c:5c:9d:eb:
94:8a:a8:7e:16:a3:eb:6f:dc:98:65:e5:21:ac:29:c7:77:be:
84:0d:b8:63:2e:cd:f9:85:3e:e0:30:92:b2:1b:db:4e:6b:ec:
e9:18:6b:15
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUe5N5jWA1l3l5iu1vOm3lLT+IXVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDhaFw0yNzA0MjExNDIyNDhaMDMxMTAvBgNV
BAMTKDVFMTE0ODExMTVCRkE4RjA0NzBBRUQ3QTZCMTI2NERBQ0VGRTQxQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkwnrQBfmlcPnQYdgiiC7rdekQ
qMicsCZCshIwGAC8sV3jHta99NNC0qVx3WNPlqWYZpvehHd+7+kI8BJGO0DPypOd
dRx1SOGJHiPV+kidUoKn711bc2Pk1Y2nMp+dbstD4Ea7jzOltQtQUjOvHNNsV8fc
1f4ZuN8RhMb9H5EhdW0zXqaC/BmQSV1Ou9AnhLIXpOwafZ/gyFg9wsbxKPPiPV/T
ylQS+yDMmM6naugT9VnSktgobbnQJmC6t1GCFQcE6vpSrZzSyguAwfKouz4NWHFl
MJWo27LUFBHDeQlIv54zHsiTOIR40kII3C688l7rOM3y67b6IWtUy5/3m6V9AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUXhFIERW/qPBHCu16axJk2s7+QbowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzOTMzMzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98TANBgkqhkiG9w0BAQsFAAOCAQEANA9ihQYWqySkSHg9
KGbNHjoZBohZXmz8Ty9RICFwEfxrJ2/+lW9Eat7+2wxu1n9Il3BZm1vsqRpqmLIq
JE9nF+Ga9cG6smdKRAguHeXbBcPQvoIxaZJIY/or0txPeldFKkbxlYz2OnGLrEHf
0/XowOF2oF9eutVsErq2MU6ziZpEB6/n9W8V5z+bT53UOmO9HhGCizq43jKP+95A
jMKAxZ6rj2nwwR+lT2WMmirGl8Y/ipOfGiEm2MqkMkJULOLXxXOq8ADl8UGJXLc1
NVexMDnqAP08XJ3rlIqofhaj62/cmGXlIawpx3e+hA24Yy7N+YU+4DCSshvbTmvs
6RhrFQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:34 2026 by rpki-client