Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
File: 326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa (raw, json)
Hash identifier: NCRLl1cOoqICx7jkkTeQ6/6VgbrjTCXKf2ak543L3ec=
Subject key identifier: A5:F2:32:37:52:9B:74:3B:85:6F:06:0A:BC:F4:CF:72:C1:C8:24:37
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 33A84CD40AC2818E738EC2D8D84590BCEF6E2587
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 208850
IP address blocks: 2a11:29c0:3dfa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a8:4c:d4:0a:c2:81:8e:73:8e:c2:d8:d8:45:90:bc:ef:6e:25:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=A5F23237529B743B856F060ABCF4CF72C1C82437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ee:24:c1:94:dc:ec:30:92:dd:2d:f8:4e:bc:
37:ca:8f:85:e7:4c:4e:95:d6:59:21:d0:fc:70:c3:
02:ec:8f:93:f5:10:eb:67:66:26:69:79:50:3d:d2:
5e:9e:e8:2d:30:b7:9b:dd:6d:91:ea:1f:07:1e:44:
e1:ff:1a:d3:12:5e:c4:ea:6a:65:6c:ea:7b:80:b4:
0d:87:22:6a:39:51:c4:6c:e4:1a:0b:02:97:39:d1:
db:68:43:f0:e2:f7:d0:f7:f3:b0:b7:6c:25:28:10:
a2:97:a8:eb:9c:ef:0b:43:67:fb:17:02:03:96:13:
21:98:d5:eb:5e:62:3a:64:26:d4:7d:b0:a5:d1:e8:
f0:94:44:5b:23:01:52:0e:67:16:01:7b:cd:4d:12:
0b:81:9c:24:7a:40:f1:62:d9:c6:00:c1:a2:c4:fd:
88:a1:ac:e6:e5:57:49:dd:4c:06:f7:f9:6c:a6:ac:
17:f1:4c:11:d9:9a:47:3b:5e:40:dc:9a:12:27:cd:
3c:96:40:54:d6:d1:12:c3:8e:be:2e:4c:b6:c9:d4:
da:26:e1:e8:11:9d:95:5d:32:e7:d3:2a:0d:c1:72:
90:c7:a1:5b:b8:c7:a5:d1:f4:59:52:95:54:54:42:
fa:4c:6b:c0:02:43:0e:06:8e:3c:eb:5c:1e:18:75:
71:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F2:32:37:52:9B:74:3B:85:6F:06:0A:BC:F4:CF:72:C1:C8:24:37
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466613a3a2f34382d3438203d3e20323038383530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfa::/48
Signature Algorithm: sha256WithRSAEncryption
1c:12:32:2d:97:e5:dc:54:ec:49:18:7a:51:48:4f:c5:36:18:
8e:32:8d:af:78:31:a8:8e:0b:33:3d:fb:4b:c4:4d:f3:fe:3b:
b8:52:16:3f:23:c4:10:08:7f:d0:59:d8:20:91:dc:a8:4d:eb:
98:af:7e:e9:aa:36:dd:fe:16:4e:86:50:fb:d2:51:08:0e:8b:
a0:3a:9e:29:6c:bf:d5:ed:71:78:3b:e9:30:76:64:56:72:b2:
c1:c2:1f:5c:2c:1c:b9:ad:02:01:91:47:4a:6d:d8:3d:e8:82:
58:db:af:ff:05:b1:51:28:7c:7e:26:32:48:ac:fd:1a:49:ae:
df:1c:8e:16:27:7b:bd:14:8f:9a:7a:bb:a6:60:a0:c9:50:96:
51:0d:9b:b0:a1:f8:b5:5c:12:97:a8:35:c2:5f:a1:a8:cd:b1:
a5:ea:f8:1c:81:5c:3d:d5:56:93:09:20:4d:f7:f2:9e:14:30:
16:87:73:60:8a:e2:af:3d:19:b3:96:b3:32:84:56:7e:66:7e:
46:24:a3:c0:9b:08:65:85:87:85:7d:ef:88:62:b7:69:1d:b1:
0c:20:b6:7c:db:4d:b9:29:30:9b:9d:8f:93:95:17:e4:49:92:
3f:04:84:44:f5:14:2d:9c:93:8a:d7:5f:79:c8:27:b7:fd:d8:
6b:fe:2f:71
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUM6hM1ArCgY5zjsLY2EWQvO9uJYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKEE1RjIzMjM3NTI5Qjc0M0I4NTZGMDYwQUJDRjRDRjcyQzFDODI0MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa7iTBlNzsMJLdLfhOvDfKj4Xn
TE6V1lkh0PxwwwLsj5P1EOtnZiZpeVA90l6e6C0wt5vdbZHqHwceROH/GtMSXsTq
amVs6nuAtA2HImo5UcRs5BoLApc50dtoQ/Di99D387C3bCUoEKKXqOuc7wtDZ/sX
AgOWEyGY1eteYjpkJtR9sKXR6PCURFsjAVIOZxYBe81NEguBnCR6QPFi2cYAwaLE
/YihrOblV0ndTAb3+WymrBfxTBHZmkc7XkDcmhInzTyWQFTW0RLDjr4uTLbJ1Nom
4egRnZVdMufTKg3BcpDHoVu4x6XR9FlSlVRUQvpMa8ACQw4GjjzrXB4YdXEZAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUpfIyN1KbdDuFbwYKvPTPcsHIJDcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM4MzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+jANBgkqhkiG9w0BAQsFAAOCAQEAHBIyLZfl3FTsSRh6
UUhPxTYYjjKNr3gxqI4LMz37S8RN8/47uFIWPyPEEAh/0FnYIJHcqE3rmK9+6ao2
3f4WToZQ+9JRCA6LoDqeKWy/1e1xeDvpMHZkVnKywcIfXCwcua0CAZFHSm3YPeiC
WNuv/wWxUSh8fiYySKz9Gkmu3xyOFid7vRSPmnq7pmCgyVCWUQ2bsKH4tVwSl6g1
wl+hqM2xper4HIFcPdVWkwkgTffynhQwFodzYIrirz0Zs5azMoRWfmZ+RiSjwJsI
ZYWHhX3viGK3aR2xDCC2fNtNuSkwm52Pk5UX5EmSPwSERPUULZyTitdfecgnt/3Y
a/4vcQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:04 2026 by rpki-client