Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
File: 326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa (raw, json)
Hash identifier: Kjn5TMVNU3zPZ+kFmqJCltvGqG7Lf/Ouzq2B3rnvz9Q=
Subject key identifier: 4D:EB:4E:18:15:4C:C2:62:6E:6C:A0:45:D6:46:2E:93:98:EA:C1:E5
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 65194C42747B44EB7C1971FBB2078F1EEA79339E
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 210348
IP address blocks: 2a11:29c0:3dfc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:19:4c:42:74:7b:44:eb:7c:19:71:fb:b2:07:8f:1e:ea:79:33:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=4DEB4E18154CC2626E6CA045D6462E9398EAC1E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:9e:ce:ed:29:2a:7c:a8:01:a0:1a:54:b4:
3f:bf:21:3a:2e:55:bb:bf:8f:16:03:8b:61:fd:20:
14:e7:83:2f:e0:3c:b6:f3:2e:7a:18:3b:c6:d5:d3:
0c:17:72:66:a9:27:a6:d8:8c:77:94:b2:42:a4:93:
74:03:db:97:12:4d:6b:af:04:58:51:bc:ef:e8:7d:
f5:d4:94:c1:a5:4c:4d:22:b5:e9:f2:bb:32:58:4e:
c0:46:81:f9:e4:a2:e6:8c:fa:15:27:42:a4:b3:ab:
b2:81:c0:f3:e0:87:e5:0a:3e:be:78:d8:53:44:d4:
d6:f7:ae:71:94:fd:9c:5b:f3:a9:06:d7:8e:36:39:
7c:74:87:d3:21:c4:fe:c8:13:35:ab:98:84:10:d0:
0a:2e:88:c7:7f:34:ba:38:9d:c5:56:c0:c7:08:5b:
82:56:d2:cb:d7:bd:15:c3:e0:c9:14:f9:d1:81:a7:
48:0c:8b:36:f1:6b:e7:67:ca:1d:3e:fb:a3:68:2e:
6f:a2:5b:a4:6a:19:e2:10:8e:d8:2b:3f:c0:3c:62:
38:69:b4:ec:a4:2d:6d:b7:ca:e0:f8:ae:be:a3:72:
b7:02:1e:2f:fa:e0:0c:cc:47:60:7f:50:ee:ba:cb:
cd:94:d4:ec:4f:49:d6:d5:02:73:ea:6e:d8:b6:69:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:EB:4E:18:15:4C:C2:62:6E:6C:A0:45:D6:46:2E:93:98:EA:C1:E5
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466633a3a2f34382d3438203d3e20323130333438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfc::/48
Signature Algorithm: sha256WithRSAEncryption
69:26:35:99:bc:61:5c:7c:84:06:ff:31:89:d7:38:c5:45:c8:
a5:d7:db:45:84:68:b7:2a:42:9d:59:3d:3f:d0:dc:4b:03:05:
f7:27:51:26:0c:63:13:7e:e0:ed:c6:f1:2b:f0:4e:27:60:e4:
12:b3:76:56:19:4d:92:8f:eb:c7:a6:50:5f:3c:df:79:3b:27:
11:8a:5b:b9:ea:2e:58:e5:09:b6:fe:c5:54:d0:92:17:1f:e2:
62:b1:46:fc:c8:50:3f:62:15:95:28:37:d1:85:53:7c:92:a2:
13:2e:79:04:2c:60:3e:7f:cb:52:69:5a:56:fe:f8:a1:3d:d2:
92:5c:2c:76:fa:42:ef:5a:33:1b:a2:9d:2e:e3:24:16:3f:15:
f5:a0:72:ed:82:87:6a:9a:e7:5a:ac:de:cd:35:66:5f:f9:db:
62:9e:f2:f1:00:2c:d7:95:57:cf:35:f6:4d:c2:4f:3e:00:ef:
79:71:25:39:8c:dc:7a:68:45:00:d1:1a:d8:b8:1e:6c:e3:79:
c6:8c:7d:e2:18:0d:df:be:4a:2c:0f:a0:7c:1d:77:17:c6:c7:
f3:67:c7:9b:e0:7b:a7:d6:88:ee:c9:d0:3b:15:d9:8d:91:d2:
19:e6:80:94:b4:77:4d:6a:a2:74:24:4b:e7:38:36:a3:16:ca:
aa:a8:f3:be
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUZRlMQnR7ROt8GXH7sgePHup5M54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKDRERUI0RTE4MTU0Q0MyNjI2RTZDQTA0NUQ2NDYyRTkzOThFQUMxRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRa57O7SkqfKgBoBpUtD+/ITou
Vbu/jxYDi2H9IBTngy/gPLbzLnoYO8bV0wwXcmapJ6bYjHeUskKkk3QD25cSTWuv
BFhRvO/offXUlMGlTE0itenyuzJYTsBGgfnkouaM+hUnQqSzq7KBwPPgh+UKPr54
2FNE1Nb3rnGU/Zxb86kG1442OXx0h9MhxP7IEzWrmIQQ0AouiMd/NLo4ncVWwMcI
W4JW0svXvRXD4MkU+dGBp0gMizbxa+dnyh0++6NoLm+iW6RqGeIQjtgrP8A8Yjhp
tOykLW23yuD4rr6jcrcCHi/64AzMR2B/UO66y82U1OxPSdbVAnPqbti2adf7AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUTetOGBVMwmJubKBF1kYuk5jqweUwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzQzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/DANBgkqhkiG9w0BAQsFAAOCAQEAaSY1mbxhXHyEBv8x
idc4xUXIpdfbRYRotypCnVk9P9DcSwMF9ydRJgxjE37g7cbxK/BOJ2DkErN2VhlN
ko/rx6ZQXzzfeTsnEYpbueouWOUJtv7FVNCSFx/iYrFG/MhQP2IVlSg30YVTfJKi
Ey55BCxgPn/LUmlaVv74oT3SklwsdvpC71ozG6KdLuMkFj8V9aBy7YKHaprnWqze
zTVmX/nbYp7y8QAs15VXzzX2TcJPPgDveXElOYzcemhFANEa2LgebON5xox94hgN
375KLA+gfB13F8bH82fHm+B7p9aI7snQOxXZjZHSGeaAlLR3TWqidCRL5zg2oxbK
qqjzvg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:35 2026 by rpki-client