Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
File: 326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa (raw, json)
Hash identifier: XbZGg8HunyttK+1LUZKPiYcbcsFPuI39sTz+RzNAioM=
Subject key identifier: 8C:A6:4A:F4:22:7B:98:A5:E3:7A:08:6C:8B:4B:74:4F:C3:92:B6:CD
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 033820F5F09B42DCD6F3EC7A87411268A72192E1
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 211891
IP address blocks: 2a11:29c0:3df3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:38:20:f5:f0:9b:42:dc:d6:f3:ec:7a:87:41:12:68:a7:21:92:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=8CA64AF4227B98A5E37A086C8B4B744FC392B6CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:18:32:5e:f5:a2:f3:43:62:46:60:6a:a1:56:
f5:b2:9f:93:c5:77:d6:38:be:0d:48:76:62:1b:75:
d1:c8:ce:c9:29:20:c9:24:6c:b2:4f:27:ed:5b:aa:
7a:b0:49:97:cc:fc:43:f7:48:43:ac:ab:e8:c0:09:
3a:30:cb:2a:c5:b6:98:84:06:af:0a:ce:ac:79:b2:
db:8a:32:df:ba:eb:51:d8:66:1d:3a:7a:be:e5:55:
24:d0:02:c6:91:1e:a3:c7:1f:62:a0:d1:a7:5c:c1:
21:8c:1f:8a:00:39:f4:1c:d6:42:c5:9a:1b:e6:e6:
c8:82:1a:b5:bf:4e:ab:0d:e0:b4:2a:19:0f:b2:09:
5b:f4:79:04:8d:5b:7d:9b:8d:37:21:f8:1e:ee:38:
06:17:2f:aa:ab:bf:c1:14:b7:a7:6e:e1:3d:a5:5b:
20:4e:dd:70:ac:ca:26:21:dc:70:94:a7:25:8b:de:
e7:7b:4c:72:1f:fc:ef:a6:74:06:bc:aa:c1:50:1f:
24:a1:53:95:0d:90:a3:6c:a6:71:5f:2f:32:0d:55:
88:1d:f1:57:d3:80:87:ea:18:c7:92:c7:c2:a6:ff:
4d:83:e8:6c:19:69:23:8a:42:39:9f:95:49:1a:d9:
87:ec:0b:10:f4:da:99:72:21:b0:2e:20:0c:e0:85:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A6:4A:F4:22:7B:98:A5:E3:7A:08:6C:8B:4B:74:4F:C3:92:B6:CD
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df3::/48
Signature Algorithm: sha256WithRSAEncryption
95:43:4f:47:a1:26:76:38:2b:7e:db:10:57:d2:14:8a:a3:5a:
0f:06:e0:96:ee:ef:49:8f:c5:2b:ee:cb:2c:f9:5a:d4:55:99:
f0:fe:83:71:f6:fb:63:37:80:46:5a:bf:ed:80:55:ee:03:94:
6b:5f:df:2d:73:37:c2:77:94:67:db:ce:9f:11:5b:23:c1:d0:
b6:b5:ea:c0:42:53:de:08:17:1c:d6:fd:04:43:0f:ac:cb:e7:
0a:9a:26:da:1e:cd:34:b8:32:0b:aa:5a:30:26:7d:03:89:19:
50:e4:14:ee:22:97:51:32:51:73:ca:1a:20:f7:74:b4:28:4a:
98:85:8a:20:1b:54:c1:8d:fd:16:5d:e5:1c:fa:e1:3d:f9:76:
d2:52:61:1a:a7:85:af:be:fb:ce:70:22:9e:b2:5a:4b:c0:d5:
26:d6:27:d8:87:7e:e3:7c:20:38:16:20:ec:01:15:28:af:5c:
9e:9f:d8:9d:d5:7e:db:78:88:bd:9b:87:62:90:48:ea:f7:64:
ae:b7:87:fc:47:92:3a:01:82:42:45:a7:44:72:25:33:64:80:
55:e3:00:91:02:9b:e8:ea:7c:7d:6f:b8:00:15:43:20:f2:89:
81:09:84:45:cf:af:de:80:5c:fc:9e:9f:4c:cf:28:9b:22:90:
43:ec:cd:9f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAzgg9fCbQtzW8+x6h0ESaKchkuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKDhDQTY0QUY0MjI3Qjk4QTVFMzdBMDg2QzhCNEI3NDRGQzM5MkI2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEGDJe9aLzQ2JGYGqhVvWyn5PF
d9Y4vg1IdmIbddHIzskpIMkkbLJPJ+1bqnqwSZfM/EP3SEOsq+jACTowyyrFtpiE
Bq8Kzqx5stuKMt+661HYZh06er7lVSTQAsaRHqPHH2Kg0adcwSGMH4oAOfQc1kLF
mhvm5siCGrW/TqsN4LQqGQ+yCVv0eQSNW32bjTch+B7uOAYXL6qrv8EUt6du4T2l
WyBO3XCsyiYh3HCUpyWL3ud7THIf/O+mdAa8qsFQHyShU5UNkKNspnFfLzINVYgd
8VfTgIfqGMeSx8Km/02D6GwZaSOKQjmflUka2YfsCxD02plyIbAuIAzghYPvAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUjKZK9CJ7mKXjeghsi0t0T8OSts0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM4MzkzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98zANBgkqhkiG9w0BAQsFAAOCAQEAlUNPR6EmdjgrftsQ
V9IUiqNaDwbglu7vSY/FK+7LLPla1FWZ8P6Dcfb7YzeARlq/7YBV7gOUa1/fLXM3
wneUZ9vOnxFbI8HQtrXqwEJT3ggXHNb9BEMPrMvnCpom2h7NNLgyC6paMCZ9A4kZ
UOQU7iKXUTJRc8oaIPd0tChKmIWKIBtUwY39Fl3lHPrhPfl20lJhGqeFr777znAi
nrJaS8DVJtYn2Id+43wgOBYg7AEVKK9cnp/YndV+23iIvZuHYpBI6vdkrreH/EeS
OgGCQkWnRHIlM2SAVeMAkQKb6Op8fW+4ABVDIPKJgQmERc+v3oBc/J6fTM8omyKQ
Q+zNnw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:30 2026 by rpki-client