Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
File: 326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa (raw, json)
Hash identifier: chl6kSNogLgD7xPk21+dbti1jGJMLn6s0APTNaHDDpc=
Subject key identifier: 61:5D:4C:1B:3A:4A:F7:55:DE:EE:C4:46:90:92:C4:35:87:75:27:4C
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 04F71AAC53521C7F5CBDA69FE19D613B93297B88
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 206058
IP address blocks: 2a11:29c0:3dfd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f7:1a:ac:53:52:1c:7f:5c:bd:a6:9f:e1:9d:61:3b:93:29:7b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=615D4C1B3A4AF755DEEEC4469092C4358775274C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:57:fb:59:c3:90:6e:61:a7:6f:87:6c:39:
13:17:19:23:59:b6:17:3e:b8:e8:a4:db:d9:75:56:
d5:3a:9a:a1:35:37:8a:db:bd:b4:eb:f4:a0:e7:03:
95:4b:f8:0d:da:f4:5c:1a:0b:ab:76:f6:a0:77:0b:
45:78:77:96:db:39:98:0d:ec:64:58:03:2f:74:08:
3d:14:7d:59:cf:c5:b4:37:9d:5b:83:84:db:78:e3:
95:0b:95:ab:98:8f:06:98:cc:49:5c:db:9a:54:47:
cc:37:40:61:8a:15:aa:33:b3:e2:64:c3:ef:f6:da:
16:00:22:5a:58:d3:56:8f:91:69:69:bf:b0:17:74:
91:fc:3a:21:26:a8:d2:bf:aa:d0:a3:f1:bc:45:c7:
65:d6:57:09:61:82:cf:88:a2:38:11:74:0e:6d:81:
20:de:e0:c0:bd:ec:f9:23:c7:11:2f:3b:0e:f0:16:
f6:13:13:f1:c5:01:88:87:71:d2:11:d5:d8:e2:68:
09:07:cc:fa:f1:e2:d8:bf:08:85:95:80:d4:54:e3:
1d:0b:62:12:ce:e1:6e:7c:6a:89:c7:50:63:a3:5b:
0b:ac:e2:d7:e9:a2:c1:05:80:2f:c3:44:df:c2:9c:
0c:9a:ec:f7:67:d4:e7:4c:06:1a:1f:23:68:0b:99:
10:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5D:4C:1B:3A:4A:F7:55:DE:EE:C4:46:90:92:C4:35:87:75:27:4C
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfd::/48
Signature Algorithm: sha256WithRSAEncryption
49:b1:a6:05:00:68:18:f0:04:e2:82:a1:36:0e:f7:41:42:3d:
c4:1a:22:b6:95:94:5a:fc:29:7b:07:c8:86:0d:31:4f:9b:74:
97:00:0a:e4:5e:76:89:2e:cc:e0:be:d4:19:08:b4:80:b4:cd:
b6:e1:30:89:36:d8:ca:94:3d:d1:92:ea:5a:e4:a8:d1:ea:a1:
4c:25:51:31:10:29:db:5f:6b:b5:5f:bc:18:eb:57:6c:24:c6:
08:5f:8d:41:b8:cf:57:c9:76:be:1f:5f:82:88:9f:09:6b:ec:
de:45:d9:c1:a8:fa:2e:7f:18:78:b6:ad:ad:8f:f1:f9:6e:48:
02:64:e6:44:f8:e7:48:47:f8:d9:47:cc:cd:e0:5c:99:c8:59:
bf:02:ce:48:17:0a:5b:95:d6:f6:2e:a8:50:f7:2b:f5:37:6b:
5d:9e:0f:97:c4:9e:5b:c3:45:10:08:4b:d3:c8:0e:67:02:89:
89:d8:08:69:2d:93:e4:fa:47:37:05:3f:79:3b:7b:c4:12:36:
1c:57:c3:a1:54:3f:c2:80:69:90:e7:cb:b3:f0:7f:2d:92:ff:
2d:dc:bf:56:72:42:16:17:30:eb:64:c8:ed:ce:ae:4f:c6:4f:
75:c1:80:8c:db:05:0d:92:09:69:c8:2c:5b:88:60:f2:a0:6e:
9f:c5:bc:55
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUBPcarFNSHH9cvaaf4Z1hO5Mpe4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKDYxNUQ0QzFCM0E0QUY3NTVERUVFQzQ0NjkwOTJDNDM1ODc3NTI3NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDajFf7WcOQbmGnb4dsORMXGSNZ
thc+uOik29l1VtU6mqE1N4rbvbTr9KDnA5VL+A3a9FwaC6t29qB3C0V4d5bbOZgN
7GRYAy90CD0UfVnPxbQ3nVuDhNt445ULlauYjwaYzElc25pUR8w3QGGKFaozs+Jk
w+/22hYAIlpY01aPkWlpv7AXdJH8OiEmqNK/qtCj8bxFx2XWVwlhgs+IojgRdA5t
gSDe4MC97PkjxxEvOw7wFvYTE/HFAYiHcdIR1djiaAkHzPrx4ti/CIWVgNRU4x0L
YhLO4W58aonHUGOjWwus4tfposEFgC/DRN/CnAya7Pdn1OdMBhofI2gLmRA7AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUYV1MGzpK91Xe7sRGkJLENYd1J0wwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNjMwMzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/TANBgkqhkiG9w0BAQsFAAOCAQEASbGmBQBoGPAE4oKh
Ng73QUI9xBoitpWUWvwpewfIhg0xT5t0lwAK5F52iS7M4L7UGQi0gLTNtuEwiTbY
ypQ90ZLqWuSo0eqhTCVRMRAp219rtV+8GOtXbCTGCF+NQbjPV8l2vh9fgoifCWvs
3kXZwaj6Ln8YeLatrY/x+W5IAmTmRPjnSEf42UfMzeBcmchZvwLOSBcKW5XW9i6o
UPcr9TdrXZ4Pl8SeW8NFEAhL08gOZwKJidgIaS2T5PpHNwU/eTt7xBI2HFfDoVQ/
woBpkOfLs/B/LZL/Ldy/VnJCFhcw62TI7c6uT8ZPdcGAjNsFDZIJacgsW4hg8qBu
n8W8VQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:08 2026 by rpki-client