Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
File: 326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa (raw, json)
Hash identifier: HLvnoR0zcT9uqGobW4qOAzd2f834dT5s5Bb1sC/kJEI=
Subject key identifier: 75:1B:EC:75:93:8D:3E:DB:94:87:4B:E7:B8:55:93:62:30:60:AF:21
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 7039935FCF4D06C8F093A076E7DC24AECF3605BD
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
Signing time: Wed 22 Apr 2026 14:22:47 +0000
ROA not before: Wed 22 Apr 2026 14:17:47 +0000
ROA not after: Wed 21 Apr 2027 14:22:47 +0000
asID: 208749
IP address blocks: 2a11:29c0:3df8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:39:93:5f:cf:4d:06:c8:f0:93:a0:76:e7:dc:24:ae:cf:36:05:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:47 2026 GMT
Not After : Apr 21 14:22:47 2027 GMT
Subject: CN=751BEC75938D3EDB94874BE7B85593623060AF21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e8:ab:a7:40:26:64:c1:af:95:49:20:e2:16:
21:b4:0a:aa:94:e2:4a:dc:f0:de:57:3d:00:87:0e:
9f:c6:7c:ab:60:60:ec:a6:01:43:d9:a2:11:a3:5d:
e1:8f:94:28:78:97:eb:e2:9b:dc:fe:4e:e4:08:a6:
23:37:2d:b6:62:7c:98:c1:70:7d:68:f1:7b:88:f1:
1f:e2:dd:e7:04:58:2d:85:ca:91:1c:43:d0:30:fb:
3a:c3:5b:74:7e:71:0e:7a:c1:d7:45:06:36:3a:49:
52:d2:4e:eb:fb:51:c3:2d:b7:cb:e9:b1:24:10:24:
78:c5:f5:5c:28:c9:2d:40:ed:58:96:3c:11:88:f2:
0d:59:7f:db:e0:da:6e:2f:f4:58:ca:b4:41:c0:e9:
31:1a:0a:36:8d:57:5b:c8:4a:a5:8a:4a:bd:08:24:
d7:d0:d9:46:da:e0:0f:64:51:b9:8f:27:4f:9d:b9:
d8:d4:5f:83:3f:d5:88:c5:3e:d9:08:ec:3c:d4:97:
73:df:29:1f:27:22:03:9f:e7:79:6e:0e:47:10:9d:
0e:e8:d3:f2:50:e5:77:61:43:e1:12:1a:c6:12:ff:
98:ad:34:a9:59:45:fc:b0:02:10:ef:f1:b1:c1:84:
f5:eb:de:49:47:5c:1e:11:b3:7e:e3:51:4f:8d:d0:
0e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1B:EC:75:93:8D:3E:DB:94:87:4B:E7:B8:55:93:62:30:60:AF:21
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df8::/48
Signature Algorithm: sha256WithRSAEncryption
45:5e:fb:29:64:13:8a:db:5a:0a:6d:ea:11:05:7b:9d:df:0e:
7e:77:3c:7a:f8:a4:c9:61:34:f8:d4:2e:9e:79:e9:47:70:c1:
80:eb:0f:c3:15:9b:71:e8:0b:01:93:19:8f:0f:32:94:e3:42:
bf:f9:7f:ac:6c:95:2a:20:69:03:63:2f:c9:45:21:df:3f:e6:
28:00:93:0e:ea:f9:11:33:59:57:49:ab:83:3d:60:16:c9:21:
b3:ee:a9:10:2d:9f:43:15:fa:bc:69:8b:62:09:40:2e:78:aa:
d1:f3:ea:b3:3d:fe:62:6e:2d:44:b7:dd:45:28:87:81:0e:81:
e6:1f:96:f6:5f:b0:63:37:16:57:ce:e0:9d:ff:96:e1:08:45:
b5:66:53:4e:f0:75:db:72:69:b5:50:b4:e6:f4:d0:29:20:69:
65:cc:22:82:7a:e3:47:55:cd:3e:a3:d7:c3:7f:ab:08:bf:8a:
e4:de:33:13:a2:8d:a9:80:bf:94:1a:28:01:46:5c:1b:df:a6:
84:87:e9:43:0f:f5:4b:0c:60:c0:34:fc:8b:ba:d6:2f:5f:48:
a8:13:7f:51:51:6d:24:a5:71:76:95:60:e1:41:2b:3f:2e:84:
e4:a0:f3:08:7a:33:59:cd:ef:d2:23:fd:b9:a5:60:69:ff:f6:
ac:8f:2f:94
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUcDmTX89NBsjwk6B259wkrs82Bb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDdaFw0yNzA0MjExNDIyNDdaMDMxMTAvBgNV
BAMTKDc1MUJFQzc1OTM4RDNFREI5NDg3NEJFN0I4NTU5MzYyMzA2MEFGMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ6KunQCZkwa+VSSDiFiG0CqqU
4krc8N5XPQCHDp/GfKtgYOymAUPZohGjXeGPlCh4l+vim9z+TuQIpiM3LbZifJjB
cH1o8XuI8R/i3ecEWC2FypEcQ9Aw+zrDW3R+cQ56wddFBjY6SVLSTuv7UcMtt8vp
sSQQJHjF9VwoyS1A7ViWPBGI8g1Zf9vg2m4v9FjKtEHA6TEaCjaNV1vISqWKSr0I
JNfQ2Uba4A9kUbmPJ0+dudjUX4M/1YjFPtkI7DzUl3PfKR8nIgOf53luDkcQnQ7o
0/JQ5XdhQ+ESGsYS/5itNKlZRfywAhDv8bHBhPXr3klHXB4Rs37jUU+N0A4dAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUdRvsdZONPtuUh0vnuFWTYjBgryEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+DANBgkqhkiG9w0BAQsFAAOCAQEARV77KWQTittaCm3q
EQV7nd8Ofnc8evikyWE0+NQunnnpR3DBgOsPwxWbcegLAZMZjw8ylONCv/l/rGyV
KiBpA2MvyUUh3z/mKACTDur5ETNZV0mrgz1gFskhs+6pEC2fQxX6vGmLYglALniq
0fPqsz3+Ym4tRLfdRSiHgQ6B5h+W9l+wYzcWV87gnf+W4QhFtWZTTvB123JptVC0
5vTQKSBpZcwignrjR1XNPqPXw3+rCL+K5N4zE6KNqYC/lBooAUZcG9+mhIfpQw/1
SwxgwDT8i7rWL19IqBN/UVFtJKVxdpVg4UErPy6E5KDzCHozWc3v0iP9uaVgaf/2
rI8vlA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:33 2026 by rpki-client