Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
File: 326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa (raw, json)
Hash identifier: KoBAIj+gM9KIuT0hVc6Sk4TSDdaeI5oTo1wJhnLpems=
Subject key identifier: 74:61:3C:70:73:2B:9D:3A:A7:BB:0B:64:1D:94:13:4E:87:1E:76:AC
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3E6BEFEBD184E30DA404E4CB0CDC449B2F04FC0C
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
Signing time: Wed 22 Apr 2026 14:22:48 +0000
ROA not before: Wed 22 Apr 2026 14:17:48 +0000
ROA not after: Wed 21 Apr 2027 14:22:48 +0000
asID: 208471
IP address blocks: 2a11:29c0:3df7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:6b:ef:eb:d1:84:e3:0d:a4:04:e4:cb:0c:dc:44:9b:2f:04:fc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:48 2026 GMT
Not After : Apr 21 14:22:48 2027 GMT
Subject: CN=74613C70732B9D3AA7BB0B641D94134E871E76AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4f:ab:a6:dc:fc:86:39:6a:ab:6a:26:4d:16:
ec:9a:28:fd:e9:fb:c9:25:df:49:d4:55:ed:01:4a:
0d:2d:a3:3a:af:21:08:59:44:ea:c8:cb:02:64:61:
dd:5b:a2:1d:e5:b5:06:d7:f6:d6:1e:30:15:23:a1:
a6:b5:dd:1a:2e:ed:d2:fc:81:2b:13:09:06:e0:d7:
88:28:59:33:0c:41:f4:9f:58:d2:9c:d6:b9:5f:ad:
2d:66:b5:59:80:23:0f:56:d8:95:97:33:b1:42:8f:
ff:01:38:0f:d2:5c:c2:25:d3:c6:3e:a2:59:bc:40:
1e:13:fc:9b:e4:17:ce:7f:d8:cf:54:a8:41:13:b0:
d5:7d:84:17:5e:52:7c:da:02:86:c6:50:80:45:a4:
9a:0c:71:b2:09:3b:04:f1:70:09:39:50:cf:6b:03:
dd:9a:4b:54:cc:1f:18:9a:11:dc:0b:aa:a5:b0:ea:
09:25:e1:72:99:a3:fc:73:78:f1:ac:3f:0f:ea:fa:
db:f4:8f:76:d5:81:82:a5:b9:28:40:b3:40:94:26:
2b:46:e0:d8:60:2f:11:49:0d:6b:5e:52:4a:69:b3:
4b:99:54:b2:c6:78:e8:df:55:27:f4:b2:92:d4:93:
8d:a7:77:d4:8e:46:ba:64:78:1e:ba:89:92:f5:28:
3d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:61:3C:70:73:2B:9D:3A:A7:BB:0B:64:1D:94:13:4E:87:1E:76:AC
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466373a3a2f34382d3438203d3e20323038343731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df7::/48
Signature Algorithm: sha256WithRSAEncryption
60:90:b9:46:78:e1:14:0e:ff:74:17:f8:a6:0c:1c:71:7a:b7:
57:65:34:82:96:4d:4b:59:f8:99:44:9b:f1:39:37:90:13:c5:
21:08:23:8e:25:23:ec:66:23:9c:c8:d2:f3:86:ba:0b:49:ba:
23:4a:4a:c6:a5:a1:10:8c:4a:60:56:a5:96:71:f2:ab:64:03:
a0:c9:55:6f:c4:07:18:c9:9d:1e:e3:a7:70:14:21:43:c3:0b:
bb:81:68:e9:66:3b:af:ad:0b:c0:7d:a2:b9:32:eb:59:c9:fb:
4f:d4:ff:33:13:43:f7:c1:eb:90:55:d2:18:0e:16:39:8d:a7:
88:cc:10:16:ad:05:cb:16:b4:5c:47:4f:26:67:55:c1:cf:e2:
44:8e:94:a5:7f:ba:ce:26:c3:c9:42:6b:c9:20:0b:31:a4:0c:
e6:71:d5:d6:fe:dd:01:71:c0:a2:d8:da:4e:bc:cc:dc:e0:93:
d8:d2:80:1d:ba:59:25:65:0b:30:5e:c4:44:1b:f7:48:20:ff:
48:8b:53:c0:11:71:a5:29:ee:7e:fb:27:42:8b:32:f4:6e:b2:
c6:a5:da:ac:59:af:6e:43:9f:71:87:15:c5:d5:b6:fa:81:c8:
32:a3:b1:cb:ea:4c:2e:a3:97:01:3a:3c:43:0d:80:4f:6b:0d:
ca:30:da:b6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUPmvv69GE4w2kBOTLDNxEmy8E/AwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDhaFw0yNzA0MjExNDIyNDhaMDMxMTAvBgNV
BAMTKDc0NjEzQzcwNzMyQjlEM0FBN0JCMEI2NDFEOTQxMzRFODcxRTc2QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKT6um3PyGOWqraiZNFuyaKP3p
+8kl30nUVe0BSg0tozqvIQhZROrIywJkYd1boh3ltQbX9tYeMBUjoaa13Rou7dL8
gSsTCQbg14goWTMMQfSfWNKc1rlfrS1mtVmAIw9W2JWXM7FCj/8BOA/SXMIl08Y+
olm8QB4T/JvkF85/2M9UqEETsNV9hBdeUnzaAobGUIBFpJoMcbIJOwTxcAk5UM9r
A92aS1TMHxiaEdwLqqWw6gkl4XKZo/xzePGsPw/q+tv0j3bVgYKluShAs0CUJitG
4NhgLxFJDWteUkpps0uZVLLGeOjfVSf0spLUk42nd9SORrpkeB66iZL1KD0lAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUdGE8cHMrnTqnuwtkHZQTTocedqwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM0MzczMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA99zANBgkqhkiG9w0BAQsFAAOCAQEAYJC5RnjhFA7/dBf4
pgwccXq3V2U0gpZNS1n4mUSb8Tk3kBPFIQgjjiUj7GYjnMjS84a6C0m6I0pKxqWh
EIxKYFallnHyq2QDoMlVb8QHGMmdHuOncBQhQ8MLu4Fo6WY7r60LwH2iuTLrWcn7
T9T/MxND98HrkFXSGA4WOY2niMwQFq0Fyxa0XEdPJmdVwc/iRI6UpX+6zibDyUJr
ySALMaQM5nHV1v7dAXHAotjaTrzM3OCT2NKAHbpZJWULMF7ERBv3SCD/SItTwBFx
pSnufvsnQosy9G6yxqXarFmvbkOfcYcVxdW2+oHIMqOxy+pMLqOXATo8Qw2AT2sN
yjDatg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 12:03:31 2026 by rpki-client