Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
File: 326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa (raw, json)
Hash identifier: szMZqNR0LiDzTq4+tMhtJXJ8kpSLZ7JGg/yYq7Wfz74=
Subject key identifier: 84:4D:F4:88:CF:CA:6D:57:7A:5D:0F:6D:B0:1D:23:D5:88:94:14:AA
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 7D7EC5A68ABCC15467143B9020BF8B7FBD2EF0FD
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 208421
IP address blocks: 2a11:29c0:3df6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:7e:c5:a6:8a:bc:c1:54:67:14:3b:90:20:bf:8b:7f:bd:2e:f0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=844DF488CFCA6D577A5D0F6DB01D23D5889414AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b8:ca:b4:9c:2c:0b:47:40:a2:78:c0:36:6b:
45:f4:57:2c:13:a2:fd:c7:e7:b4:07:0b:1e:6b:7a:
11:40:b8:47:f8:1b:92:ee:e5:6b:1f:32:8b:40:73:
c5:81:fc:5d:b7:c2:85:c0:b0:aa:9e:d9:77:c7:67:
20:a3:74:ce:61:c4:38:87:70:6b:52:e6:79:2e:01:
15:8e:0d:1f:e4:0e:7e:43:db:18:24:1f:dd:85:16:
15:c1:24:13:19:32:b2:8b:4a:4a:46:20:36:c8:f1:
78:39:46:1a:31:bf:0c:10:f0:29:78:8f:85:20:32:
b7:7b:98:b6:da:3c:10:2b:71:83:2d:4e:b9:30:8e:
b5:9a:75:fc:db:9a:9a:98:23:c3:30:bd:b3:d9:ef:
a8:ec:46:6b:31:ab:2c:ed:45:da:38:69:6b:3e:10:
08:6c:52:9e:da:b1:f0:36:d6:8c:6c:7e:29:cd:08:
31:82:65:3b:02:c4:1a:c1:bb:35:bb:f5:f9:3b:09:
ea:16:5c:61:52:6d:db:c9:b7:9c:d1:ed:e6:a0:8d:
1d:a8:84:05:65:5a:d4:9c:e7:ca:39:bf:64:84:14:
90:3b:ec:df:85:6c:a0:6a:da:6e:e7:14:71:06:4b:
6c:86:0f:48:40:fc:a0:5d:a5:57:55:18:73:38:fb:
b3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4D:F4:88:CF:CA:6D:57:7A:5D:0F:6D:B0:1D:23:D5:88:94:14:AA
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466363a3a2f34382d3438203d3e20323038343231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df6::/48
Signature Algorithm: sha256WithRSAEncryption
4e:c2:c2:eb:d5:66:f8:97:5f:69:6a:86:0b:b3:08:59:a3:96:
a2:40:c6:52:7d:69:56:c3:49:64:83:d6:10:c1:54:48:dc:b5:
81:20:57:bc:cf:00:b3:08:3f:bb:18:3b:78:0a:7c:fa:0a:03:
98:f0:cb:68:a3:ab:d2:5c:a5:5c:ae:16:41:e7:0d:d0:00:e2:
00:4d:cc:61:54:ce:7d:dc:9a:fe:a4:74:98:e4:ba:13:97:21:
6d:3f:73:6d:e8:8a:f3:eb:25:e3:09:ad:73:e4:52:f3:be:02:
8b:04:b7:06:2e:a6:57:ae:8a:c3:ce:78:62:10:90:36:26:03:
36:d8:e7:a8:03:a7:57:91:f4:60:bf:cb:82:a0:e4:b8:c9:dd:
0d:b8:bd:23:aa:bb:18:0d:a9:9a:dc:93:63:d9:b3:9e:93:77:
ac:26:2a:bb:79:44:35:3c:09:aa:a0:ac:99:42:1e:f3:3a:c1:
3f:82:8d:59:fe:19:36:f2:f9:53:51:32:15:5a:18:c9:77:5c:
d4:79:e2:73:f6:ee:86:22:37:e8:7a:34:66:d8:4d:fc:b7:13:
8a:b1:c6:a3:e1:61:1d:65:2c:b9:77:37:cd:a7:1e:69:1a:5c:
20:71:f2:7b:5d:c3:02:8c:75:75:d2:41:b9:b5:37:18:c8:da:
f7:a0:8a:ad
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUfX7Fpoq8wVRnFDuQIL+Lf70u8P0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKDg0NERGNDg4Q0ZDQTZENTc3QTVEMEY2REIwMUQyM0Q1ODg5NDE0QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvuMq0nCwLR0CieMA2a0X0VywT
ov3H57QHCx5rehFAuEf4G5Lu5WsfMotAc8WB/F23woXAsKqe2XfHZyCjdM5hxDiH
cGtS5nkuARWODR/kDn5D2xgkH92FFhXBJBMZMrKLSkpGIDbI8Xg5RhoxvwwQ8Cl4
j4UgMrd7mLbaPBArcYMtTrkwjrWadfzbmpqYI8MwvbPZ76jsRmsxqyztRdo4aWs+
EAhsUp7asfA21oxsfinNCDGCZTsCxBrBuzW79fk7CeoWXGFSbdvJt5zR7eagjR2o
hAVlWtSc58o5v2SEFJA77N+FbKBq2m7nFHEGS2yGD0hA/KBdpVdVGHM4+7MfAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUhE30iM/KbVd6XQ9tsB0j1YiUFKowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzIzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99jANBgkqhkiG9w0BAQsFAAOCAQEATsLC69Vm+JdfaWqG
C7MIWaOWokDGUn1pVsNJZIPWEMFUSNy1gSBXvM8Aswg/uxg7eAp8+goDmPDLaKOr
0lylXK4WQecN0ADiAE3MYVTOfdya/qR0mOS6E5chbT9zbeiK8+sl4wmtc+RS874C
iwS3Bi6mV66Kw854YhCQNiYDNtjnqAOnV5H0YL/LgqDkuMndDbi9I6q7GA2pmtyT
Y9mznpN3rCYqu3lENTwJqqCsmUIe8zrBP4KNWf4ZNvL5U1EyFVoYyXdc1Hnic/bu
hiI36Ho0ZthN/LcTirHGo+FhHWUsuXc3zaceaRpcIHHye13DAox1ddJBubU3GMja
96CKrQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:04 2026 by rpki-client