Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466393a3a2f34382d3438203d3e20323038373731.roa
File: 326131313a323963303a336466393a3a2f34382d3438203d3e20323038373731.roa (raw, json)
Hash identifier: E+Ym+GnKBZcbAMCfI+LMJVjaE7sdKcY+Hao/dEergg0=
Subject key identifier: BD:95:A2:C8:44:B1:43:6B:2D:0D:12:7A:64:62:C0:09:9D:56:E1:AB
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3A8749FC0F8A900F4E74800F73FAE941CFFBA6A9
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466393a3a2f34382d3438203d3e20323038373731.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 208771
IP address blocks: 2a11:29c0:3df9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:87:49:fc:0f:8a:90:0f:4e:74:80:0f:73:fa:e9:41:cf:fb:a6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=BD95A2C844B1436B2D0D127A6462C0099D56E1AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6a:cf:0e:91:e2:b1:38:d4:95:b8:19:a7:de:
8e:0f:f0:e7:a8:16:7d:ae:7e:7f:df:f6:8a:e1:82:
6d:42:ec:f3:07:69:32:e4:c5:5f:1d:2b:30:54:57:
70:db:fa:2a:67:4d:4b:df:6b:20:b6:82:c9:7f:64:
b5:77:55:f1:0c:54:c1:49:1b:32:f1:f5:ab:ec:a8:
23:75:4e:c6:3a:92:28:5c:be:0f:96:71:e6:e2:6e:
e9:5d:d8:e5:a8:4c:42:cf:f6:5f:59:16:d5:8b:9a:
37:13:d1:56:4f:3f:be:f6:b2:97:55:ad:b6:7a:e5:
a2:1f:c8:e7:cd:be:c0:b3:a1:6c:bd:c8:ec:b1:e2:
87:6e:26:e2:2d:d8:7e:10:29:8b:cd:65:52:54:1f:
ba:4d:a3:7d:3c:89:04:78:83:f2:3b:42:30:e4:a5:
18:94:01:ef:4a:a0:9e:c6:ac:73:b3:2b:3d:a8:6a:
40:61:d8:57:47:55:7e:5b:f5:d0:28:4b:e7:dc:1d:
d4:a0:cc:0d:4b:63:c3:61:8a:60:20:19:18:47:0a:
c5:b7:59:b3:9e:22:1e:a1:20:34:79:73:bb:80:40:
f8:f6:ae:14:72:b8:f6:81:57:bf:ec:13:41:ca:6e:
d4:27:d8:ba:1e:65:b2:bf:4e:0d:65:c6:5c:9c:30:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:95:A2:C8:44:B1:43:6B:2D:0D:12:7A:64:62:C0:09:9D:56:E1:AB
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466393a3a2f34382d3438203d3e20323038373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3df9::/48
Signature Algorithm: sha256WithRSAEncryption
75:c2:a3:5a:18:06:78:9a:e8:93:37:84:f9:9d:fd:05:13:3c:
c6:45:9c:5c:9c:bd:b9:f5:5e:82:fc:b1:82:e1:ef:1d:c9:b3:
fa:37:b8:de:66:5d:bd:01:45:bf:14:a4:db:44:d2:24:06:53:
bd:c3:7c:79:51:99:3b:f0:77:93:6b:c8:2d:b1:ed:cd:5c:bd:
cd:af:7b:ac:4b:b6:d3:a6:db:59:54:e7:06:6d:db:20:da:7e:
f7:7b:16:d5:48:f9:ca:ab:b0:40:c6:ab:08:c6:01:b4:75:98:
fe:4f:ea:46:7c:f2:de:b3:d2:02:d3:4c:27:5c:e9:80:cc:b0:
ad:5d:e4:f9:0e:3a:d5:05:f3:8b:63:68:62:d1:6b:84:43:54:
8b:f1:e0:57:a8:a2:53:1f:f6:a3:bb:19:ba:d8:43:d0:bc:e9:
56:bf:61:0a:b2:20:f2:23:11:1f:51:f5:f1:82:bc:48:7f:af:
ab:e9:f1:97:bf:20:5b:31:f0:07:b1:ac:df:f7:b7:d8:5d:53:
56:54:c7:c9:30:c3:c8:bc:06:70:72:b0:c6:42:3d:2b:de:19:
47:6a:fa:38:2e:4d:9e:98:8f:0e:66:56:40:6d:68:9d:6e:ec:
18:86:ea:7d:d9:63:e4:b4:f6:cb:b0:b6:92:16:5c:cf:d4:0f:
85:56:3c:f0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUOodJ/A+KkA9OdIAPc/rpQc/7pqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKEJEOTVBMkM4NDRCMTQzNkIyRDBEMTI3QTY0NjJDMDA5OUQ1NkUxQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGas8OkeKxONSVuBmn3o4P8Oeo
Fn2ufn/f9orhgm1C7PMHaTLkxV8dKzBUV3Db+ipnTUvfayC2gsl/ZLV3VfEMVMFJ
GzLx9avsqCN1TsY6kihcvg+Wcebibuld2OWoTELP9l9ZFtWLmjcT0VZPP772spdV
rbZ65aIfyOfNvsCzoWy9yOyx4oduJuIt2H4QKYvNZVJUH7pNo308iQR4g/I7QjDk
pRiUAe9KoJ7GrHOzKz2oakBh2FdHVX5b9dAoS+fcHdSgzA1LY8NhimAgGRhHCsW3
WbOeIh6hIDR5c7uAQPj2rhRyuPaBV7/sE0HKbtQn2LoeZbK/Tg1lxlycMCsbAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUvZWiyESxQ2stDRJ6ZGLACZ1W4aswHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzczMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+TANBgkqhkiG9w0BAQsFAAOCAQEAdcKjWhgGeJrokzeE
+Z39BRM8xkWcXJy9ufVegvyxguHvHcmz+je43mZdvQFFvxSk20TSJAZTvcN8eVGZ
O/B3k2vILbHtzVy9za97rEu206bbWVTnBm3bINp+93sW1Uj5yquwQMarCMYBtHWY
/k/qRnzy3rPSAtNMJ1zpgMywrV3k+Q461QXzi2NoYtFrhENUi/HgV6iiUx/2o7sZ
uthD0LzpVr9hCrIg8iMRH1H18YK8SH+vq+nxl78gWzHwB7Gs3/e32F1TVlTHyTDD
yLwGcHKwxkI9K94ZR2r6OC5NnpiPDmZWQG1onW7sGIbqfdlj5LT2y7C2khZcz9QP
hVY88A==
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:59:30 2026 by rpki-client