Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
File: 326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa (raw, json)
Hash identifier: knMWev5QWmNNjXkS1zcidsc/7AX6EGQq5Xu7+/xGHSc=
Subject key identifier: AB:34:33:9F:50:48:FE:2F:AE:3F:C7:73:80:41:BB:0F:09:D2:FF:1E
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 0F106DE85FF467607BC526AB353FB681AF9252AE
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
Signing time: Wed 22 Apr 2026 14:22:48 +0000
ROA not before: Wed 22 Apr 2026 14:17:48 +0000
ROA not after: Wed 21 Apr 2027 14:22:48 +0000
asID: 211944
IP address blocks: 2a11:29c0:3df2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:10:6d:e8:5f:f4:67:60:7b:c5:26:ab:35:3f:b6:81:af:92:52:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:48 2026 GMT
Not After : Apr 21 14:22:48 2027 GMT
Subject: CN=AB34339F5048FE2FAE3FC7738041BB0F09D2FF1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:9b:f2:c0:f6:d1:4a:4f:f1:11:4e:0d:4f:
af:79:3f:af:e7:3a:ac:dd:52:59:e2:1a:70:4e:29:
aa:b6:03:fd:68:59:36:25:67:bf:9c:e1:19:9e:f5:
e3:4b:2f:28:c6:73:03:9d:da:a1:3f:bc:de:bf:54:
cb:15:3a:3e:13:9f:f3:ee:42:74:bc:3e:9d:0a:41:
5e:5b:8c:21:f7:82:bf:05:e5:87:01:7e:95:ea:cb:
d5:d9:7b:f8:96:46:96:cc:ef:f8:8e:68:f9:9d:97:
51:1b:7e:ca:75:5b:c1:18:88:06:cc:ca:ac:b6:31:
c9:c6:77:a0:40:a6:56:3c:76:a9:a7:c2:8b:88:ee:
12:a5:82:e0:9a:12:77:69:94:fd:c1:a3:39:a3:43:
6a:ca:07:b0:b5:2b:35:f8:05:8e:d1:b7:56:d2:32:
aa:70:26:1a:34:95:2f:20:3d:dd:2f:25:3e:a5:5c:
e0:43:8f:66:c4:14:92:01:71:18:02:75:e6:9d:20:
0f:9d:2c:86:0f:f1:4e:11:a7:64:cd:ae:71:b6:5b:
73:93:bd:84:18:73:98:ce:09:e2:81:9d:d0:20:83:
c8:a3:ba:65:7c:48:dd:b9:ba:2f:68:c6:6f:3a:da:
0f:82:6c:a4:e6:a8:c6:22:08:d8:e1:38:51:63:90:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:34:33:9F:50:48:FE:2F:AE:3F:C7:73:80:41:BB:0F:09:D2:FF:1E
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466323a3a2f34382d3438203d3e20323131393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df2::/48
Signature Algorithm: sha256WithRSAEncryption
8d:d2:7a:7c:31:06:1d:c2:4b:7e:3e:98:02:b9:de:0f:56:5d:
51:43:2e:46:95:69:0e:fa:dd:7f:1d:d5:57:1d:a3:28:dc:8a:
16:62:35:58:54:6a:95:a4:14:86:1e:c7:2a:a1:c4:41:1d:60:
84:4b:ab:c0:70:1a:88:88:c1:12:8a:4f:e4:43:b1:47:74:c6:
64:75:43:c5:19:3d:67:e0:c4:e4:bb:74:74:ac:ed:89:ce:b8:
94:da:9c:86:01:a8:a5:5e:a4:f1:db:0b:be:36:46:e5:5c:83:
05:62:51:4c:3b:9f:27:7a:20:ba:d9:d6:65:11:ca:42:96:ac:
f3:b3:00:ab:5a:29:9b:32:c9:81:77:87:51:54:2d:7b:8c:34:
5b:99:81:3c:19:c9:e1:a2:3d:63:13:d6:04:36:5a:b3:4f:e7:
7c:10:00:15:8a:7a:0b:4e:21:d2:9e:21:ee:80:b7:26:a9:22:
d9:a1:09:df:0b:87:a4:f1:e9:b4:c6:22:dc:52:e1:02:95:da:
93:67:1c:e6:28:b7:b9:0c:c9:d2:5a:63:a7:85:1a:86:b2:14:
03:2b:5f:8a:d7:56:60:d7:e4:17:40:6a:02:18:f3:a9:f8:6d:
4d:e5:1d:35:cc:b7:c6:4a:f4:6b:05:8a:0a:3f:12:6c:92:31:
03:93:58:48
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDxBt6F/0Z2B7xSarNT+2ga+SUq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDhaFw0yNzA0MjExNDIyNDhaMDMxMTAvBgNV
BAMTKEFCMzQzMzlGNTA0OEZFMkZBRTNGQzc3MzgwNDFCQjBGMDlEMkZGMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvOJvywPbRSk/xEU4NT695P6/n
OqzdUlniGnBOKaq2A/1oWTYlZ7+c4Rme9eNLLyjGcwOd2qE/vN6/VMsVOj4Tn/Pu
QnS8Pp0KQV5bjCH3gr8F5YcBfpXqy9XZe/iWRpbM7/iOaPmdl1Ebfsp1W8EYiAbM
yqy2McnGd6BAplY8dqmnwouI7hKlguCaEndplP3BozmjQ2rKB7C1KzX4BY7Rt1bS
MqpwJho0lS8gPd0vJT6lXOBDj2bEFJIBcRgCdeadIA+dLIYP8U4Rp2TNrnG2W3OT
vYQYc5jOCeKBndAgg8ijumV8SN25ui9oxm862g+CbKTmqMYiCNjhOFFjkN3tAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUqzQzn1BI/i+uP8dzgEG7DwnS/x4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM5MzQzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98jANBgkqhkiG9w0BAQsFAAOCAQEAjdJ6fDEGHcJLfj6Y
ArneD1ZdUUMuRpVpDvrdfx3VVx2jKNyKFmI1WFRqlaQUhh7HKqHEQR1ghEurwHAa
iIjBEopP5EOxR3TGZHVDxRk9Z+DE5Lt0dKztic64lNqchgGopV6k8dsLvjZG5VyD
BWJRTDufJ3ogutnWZRHKQpas87MAq1opmzLJgXeHUVQte4w0W5mBPBnJ4aI9YxPW
BDZas0/nfBAAFYp6C04h0p4h7oC3Jqki2aEJ3wuHpPHptMYi3FLhApXak2cc5ii3
uQzJ0lpjp4UahrIUAytfitdWYNfkF0BqAhjzqfhtTeUdNcy3xkr0awWKCj8SbJIx
A5NYSA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:31 2026 by rpki-client