Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
File: 326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa (raw, json)
Hash identifier: bhYdubSuZpr2juE8qjdMiUMSntlMJkspZlHnzl5CiHc=
Subject key identifier: C5:B6:21:DC:FE:53:29:F8:BE:92:BE:A9:CE:CA:35:67:90:A3:28:D7
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 067FCB683E6DE16F3D53817DF8048AC417A8B062
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 210344
IP address blocks: 2a11:29c0:3df4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:7f:cb:68:3e:6d:e1:6f:3d:53:81:7d:f8:04:8a:c4:17:a8:b0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=C5B621DCFE5329F8BE92BEA9CECA356790A328D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c2:5e:64:6a:1a:03:1d:c0:f5:f5:54:db:9f:
42:67:f1:e2:5c:0f:04:82:d2:8a:e6:f1:02:60:1d:
d1:f3:69:c9:96:9d:8d:44:5f:81:c2:28:1a:e3:f2:
ac:3b:2d:e5:00:d9:77:b6:3f:69:7d:78:60:3a:aa:
18:84:dd:b4:c9:b6:bc:43:dd:0e:c3:73:3c:69:00:
be:0d:af:fb:f6:5f:6a:c2:4f:d6:b9:c6:95:09:b4:
09:4b:0c:45:0f:e9:04:95:24:db:6a:34:d3:9b:e3:
ac:8a:1e:71:6a:0a:d3:64:33:24:83:e4:d4:14:5a:
d5:20:73:21:91:35:f9:75:39:af:c5:b2:e7:41:7a:
9d:5e:03:3d:fe:5a:f6:6a:ca:3a:47:8e:b5:36:de:
ab:46:f6:c7:59:7b:f1:fc:30:c4:a0:30:9a:22:a3:
b3:69:7d:16:b6:67:0f:d1:30:b3:74:17:c4:30:1d:
87:81:4b:bf:d3:fb:f0:23:d0:6e:46:96:c1:4d:b6:
e7:38:f7:93:5b:13:4a:3d:e1:d6:a2:29:c3:89:2a:
7b:11:c3:2c:75:bc:e0:ec:19:ea:81:40:75:bf:ca:
58:48:61:3f:72:9d:56:91:97:a7:6f:57:12:a6:30:
ec:42:8a:b6:aa:0d:e0:10:dd:ec:a7:3f:b7:0e:29:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B6:21:DC:FE:53:29:F8:BE:92:BE:A9:CE:CA:35:67:90:A3:28:D7
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466343a3a2f34382d3438203d3e20323130333434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df4::/48
Signature Algorithm: sha256WithRSAEncryption
8d:eb:d8:b5:30:f3:8e:9d:2e:2d:ff:88:32:64:3e:cf:02:fb:
24:ef:f6:42:0d:8b:ae:b9:dc:8b:0d:58:94:9a:ee:20:02:f6:
f4:44:2e:58:82:34:7c:a8:e2:92:c5:cb:5c:6d:61:39:cc:a8:
c7:ce:a8:15:eb:b9:c7:21:4f:42:47:5b:51:8c:d3:c2:7b:b6:
57:0d:55:d3:50:2f:99:4e:20:77:34:14:c3:b6:f5:8c:f6:18:
9a:4c:32:79:f7:98:2d:06:6e:39:cd:87:e3:2e:6f:72:6f:29:
a2:38:97:f2:8e:54:d3:1b:e3:d4:84:41:e0:f0:09:fc:e4:05:
9c:20:96:f5:d2:df:9b:8e:54:f6:d8:36:81:f6:d3:72:ce:79:
ed:d7:e6:20:10:2e:0e:24:3c:8b:85:7f:02:57:47:40:32:42:
8f:ff:28:fd:a7:00:c1:0f:92:2b:76:eb:33:42:3a:ff:c2:dc:
b4:82:ab:31:21:2b:9f:e0:ae:a1:35:21:78:c0:ea:31:12:9c:
73:af:ed:93:e1:08:5f:11:bc:ac:74:8d:ff:87:4f:cf:b4:6c:
12:4b:d5:44:ff:3b:58:dd:94:86:df:c6:4a:41:8e:c7:c6:85:
bc:c0:0f:56:2c:c0:80:63:f1:28:55:52:11:be:1f:9b:07:98:
11:b8:9d:1e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBn/LaD5t4W89U4F9+ASKxBeosGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKEM1QjYyMURDRkU1MzI5RjhCRTkyQkVBOUNFQ0EzNTY3OTBBMzI4RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCawl5kahoDHcD19VTbn0Jn8eJc
DwSC0orm8QJgHdHzacmWnY1EX4HCKBrj8qw7LeUA2Xe2P2l9eGA6qhiE3bTJtrxD
3Q7DczxpAL4Nr/v2X2rCT9a5xpUJtAlLDEUP6QSVJNtqNNOb46yKHnFqCtNkMySD
5NQUWtUgcyGRNfl1Oa/FsudBep1eAz3+WvZqyjpHjrU23qtG9sdZe/H8MMSgMJoi
o7NpfRa2Zw/RMLN0F8QwHYeBS7/T+/Aj0G5GlsFNtuc495NbE0o94daiKcOJKnsR
wyx1vODsGeqBQHW/ylhIYT9ynVaRl6dvVxKmMOxCiraqDeAQ3eynP7cOKXuXAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUxbYh3P5TKfi+kr6pzso1Z5CjKNcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzQzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99DANBgkqhkiG9w0BAQsFAAOCAQEAjevYtTDzjp0uLf+I
MmQ+zwL7JO/2Qg2Lrrnciw1YlJruIAL29EQuWII0fKjiksXLXG1hOcyox86oFeu5
xyFPQkdbUYzTwnu2Vw1V01AvmU4gdzQUw7b1jPYYmkwyefeYLQZuOc2H4y5vcm8p
ojiX8o5U0xvj1IRB4PAJ/OQFnCCW9dLfm45U9tg2gfbTcs557dfmIBAuDiQ8i4V/
AldHQDJCj/8o/acAwQ+SK3brM0I6/8LctIKrMSErn+CuoTUheMDqMRKcc6/tk+EI
XxG8rHSN/4dPz7RsEkvVRP87WN2Uht/GSkGOx8aFvMAPVizAgGPxKFVSEb4fmweY
EbidHg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:34 2026 by rpki-client