Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa
File: 326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa (raw, json)
Hash identifier: JK6Rn474QSG5jeoJHN/tqifNXu7hgo4LeC1XHuswSPg=
Subject key identifier: AD:13:F0:C2:02:49:1F:58:13:FF:E1:C0:75:F9:F4:3F:3F:33:BC:4A
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6081B5C07DAE321A852174A893B92B8F38FBE193
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa
Signing time: Wed 22 Apr 2026 14:22:51 +0000
ROA not before: Wed 22 Apr 2026 14:17:51 +0000
ROA not after: Wed 21 Apr 2027 14:22:51 +0000
asID: 207359
IP address blocks: 2a11:29c0:3dfe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:81:b5:c0:7d:ae:32:1a:85:21:74:a8:93:b9:2b:8f:38:fb:e1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:51 2026 GMT
Not After : Apr 21 14:22:51 2027 GMT
Subject: CN=AD13F0C202491F5813FFE1C075F9F43F3F33BC4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3c:05:87:68:88:14:1c:84:4c:fe:93:0e:26:
f1:93:79:36:0b:5a:57:55:5b:73:0c:32:33:24:d5:
94:36:8f:84:c6:13:b6:f1:98:06:a3:88:4c:2a:d0:
86:09:08:b8:b8:cb:8c:e1:82:18:f5:3e:e0:34:e9:
22:33:de:48:56:20:c3:86:3e:2b:fa:6a:14:e3:48:
03:ed:8e:00:f9:c1:f4:38:f6:33:3c:10:4e:30:03:
5f:d8:17:15:0d:73:1b:00:2d:d5:8e:79:74:d5:ca:
08:0e:ed:7f:d9:b8:7e:6a:2a:5d:6b:da:fe:b1:ab:
3c:bf:62:d3:d9:b0:bf:bd:d4:c3:b9:1a:02:80:43:
f0:bc:71:d1:5d:da:c8:33:89:96:59:da:0f:d8:74:
52:ec:57:44:f6:a0:3d:38:e3:5c:3e:6c:41:b6:ad:
9a:dc:17:7b:f4:35:d3:93:c0:96:55:ce:0c:9f:92:
bb:f8:a0:4c:3b:96:41:3f:1a:5f:93:95:da:94:a3:
ed:2d:76:be:1b:d1:89:0a:69:11:24:d3:70:e6:2b:
db:ac:ea:54:ca:53:2b:47:b3:e6:e0:8c:6c:07:2d:
3c:2e:1b:a3:10:ed:16:e0:e5:17:f6:45:cf:6e:0e:
d2:dd:c4:01:1d:ea:ec:ab:10:a0:6f:16:44:40:2d:
04:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:13:F0:C2:02:49:1F:58:13:FF:E1:C0:75:F9:F4:3F:3F:33:BC:4A
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dfe::/48
Signature Algorithm: sha256WithRSAEncryption
5c:3a:0b:48:14:11:33:c9:89:e7:45:19:7e:0a:f8:55:40:ff:
27:0d:19:f0:93:04:42:67:62:5a:51:d6:0c:77:d3:f9:9a:8d:
df:85:2a:78:b0:2a:51:b8:7f:83:f5:db:4f:c8:f9:41:ff:7e:
7a:7d:71:de:73:5b:fa:0b:b5:b4:e2:ae:e1:ce:9a:e9:ea:5e:
15:d2:c9:86:04:ec:1a:ab:f4:d6:18:bc:a6:05:d7:00:f5:a3:
95:fa:e2:e2:29:b9:67:43:4b:bc:23:c9:d8:f3:24:c6:17:91:
cf:45:66:52:fd:c3:3c:96:84:27:33:78:0d:89:b8:4a:57:0d:
d9:b6:7d:bf:b8:48:1e:f3:01:b9:12:73:df:73:09:c0:97:15:
b6:17:c3:81:f3:da:31:70:d9:f0:e4:96:4d:20:ce:ce:a7:d6:
c6:4d:92:81:c2:41:75:a4:c2:19:ed:64:af:e1:12:b2:09:69:
7a:58:52:67:d5:ee:85:9b:1e:82:a9:aa:75:97:8b:fa:fa:cf:
1e:e4:b6:d7:db:b7:de:0c:69:02:0b:ef:04:e1:b7:24:c6:3b:
3f:8f:07:fb:1e:71:c6:e8:1d:79:50:df:86:3f:70:b1:a8:4e:
cd:41:a9:a9:fc:31:4f:c7:87:52:ea:e3:a0:1a:f0:8e:71:de:
3e:2f:ab:77
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUYIG1wH2uMhqFIXSok7krjzj74ZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTFaFw0yNzA0MjExNDIyNTFaMDMxMTAvBgNV
BAMTKEFEMTNGMEMyMDI0OTFGNTgxM0ZGRTFDMDc1RjlGNDNGM0YzM0JDNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLPAWHaIgUHIRM/pMOJvGTeTYL
WldVW3MMMjMk1ZQ2j4TGE7bxmAajiEwq0IYJCLi4y4zhghj1PuA06SIz3khWIMOG
Piv6ahTjSAPtjgD5wfQ49jM8EE4wA1/YFxUNcxsALdWOeXTVyggO7X/ZuH5qKl1r
2v6xqzy/YtPZsL+91MO5GgKAQ/C8cdFd2sgziZZZ2g/YdFLsV0T2oD0441w+bEG2
rZrcF3v0NdOTwJZVzgyfkrv4oEw7lkE/Gl+TldqUo+0tdr4b0YkKaREk03DmK9us
6lTKUytHs+bgjGwHLTwuG6MQ7Rbg5Rf2Rc9uDtLdxAEd6uyrEKBvFkRALQRVAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUrRPwwgJJH1gT/+HAdfn0Pz8zvEowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMzMzUzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/jANBgkqhkiG9w0BAQsFAAOCAQEAXDoLSBQRM8mJ50UZ
fgr4VUD/Jw0Z8JMEQmdiWlHWDHfT+ZqN34UqeLAqUbh/g/XbT8j5Qf9+en1x3nNb
+gu1tOKu4c6a6epeFdLJhgTsGqv01hi8pgXXAPWjlfri4im5Z0NLvCPJ2PMkxheR
z0VmUv3DPJaEJzN4DYm4SlcN2bZ9v7hIHvMBuRJz33MJwJcVthfDgfPaMXDZ8OSW
TSDOzqfWxk2SgcJBdaTCGe1kr+ESsglpelhSZ9XuhZsegqmqdZeL+vrPHuS219u3
3gxpAgvvBOG3JMY7P48H+x5xxugdeVDfhj9wsahOzUGpqfwxT8eHUurjoBrwjnHe
Pi+rdw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:59:31 2026 by rpki-client