Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346630303a3a2f34302d3438203d3e20323131373437.roa
File: 326131313a323963303a346630303a3a2f34302d3438203d3e20323131373437.roa (raw, json)
Hash identifier: BsQIPitEaT2EhjCH/7zikrT4AQwkz2k78zEHASOfoAo=
Subject key identifier: AA:48:CF:41:13:ED:8D:89:1D:E7:A5:B9:72:35:C0:A2:4A:3D:08:64
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5F405D0D985A1DFE66104E1BF6BC5910DDF186C9
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346630303a3a2f34302d3438203d3e20323131373437.roa
Signing time: Thu 14 May 2026 15:22:51 +0000
ROA not before: Thu 14 May 2026 15:17:51 +0000
ROA not after: Thu 13 May 2027 15:22:51 +0000
asID: 211747
IP address blocks: 2a11:29c0:4f00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:40:5d:0d:98:5a:1d:fe:66:10:4e:1b:f6:bc:59:10:dd:f1:86:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: May 14 15:17:51 2026 GMT
Not After : May 13 15:22:51 2027 GMT
Subject: CN=AA48CF4113ED8D891DE7A5B97235C0A24A3D0864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:3a:29:dd:55:ee:6c:70:c4:b8:e1:bc:80:1b:
fe:8d:5a:64:28:f2:25:04:de:bb:61:08:2a:41:8f:
b0:79:15:19:93:fa:36:6a:5d:66:3a:2f:b7:f7:84:
27:80:0d:52:41:41:f5:4f:bf:eb:00:32:c0:22:34:
59:0b:33:ef:f4:0f:d6:3b:c2:d7:9d:44:17:8d:18:
a9:39:be:3d:ce:b1:cf:98:a7:48:41:32:ff:bd:40:
a9:73:74:82:7b:05:19:ca:3b:37:a4:d7:ad:92:5d:
d2:78:d1:ae:06:28:79:42:8c:d7:66:72:9c:31:db:
59:fd:1a:bf:f2:14:cb:1a:05:47:eb:ee:2b:06:2c:
35:76:b7:31:ed:49:a0:a9:fb:9b:05:bc:16:ca:b9:
69:19:a7:a1:82:cf:27:44:e5:b9:5a:73:d3:fe:1d:
ec:01:71:b8:27:50:22:c5:c2:f4:8b:4a:ec:67:5c:
a1:d4:1d:36:ff:f3:10:c9:cc:da:7f:89:60:b2:80:
24:9a:c5:c6:a0:39:ff:49:0e:ba:cd:f0:03:1d:9f:
da:50:3f:be:34:df:1e:3f:e9:b9:77:05:36:7c:0c:
d8:0f:2f:e6:c0:f4:62:df:9c:82:36:4d:a9:de:36:
b5:97:77:aa:af:8a:de:f7:69:64:de:4e:33:9e:44:
9b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:48:CF:41:13:ED:8D:89:1D:E7:A5:B9:72:35:C0:A2:4A:3D:08:64
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a346630303a3a2f34302d3438203d3e20323131373437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:4f00::/40
Signature Algorithm: sha256WithRSAEncryption
83:71:5a:16:cf:ad:ed:28:66:ce:69:39:34:69:15:91:6e:1f:
bc:c8:14:8b:04:21:f4:0b:d9:cc:7a:88:b9:b9:3c:22:b6:11:
c2:5a:25:90:b6:b5:51:ca:dd:f7:32:db:5b:ec:cf:af:f2:47:
b5:60:a5:09:80:d2:e6:84:80:53:5f:03:91:67:f8:ef:ed:87:
8e:40:9d:7c:a3:30:53:57:22:fa:82:61:b4:99:66:99:d5:9f:
d6:b6:08:38:44:93:58:20:ba:f5:62:f1:8f:c2:42:90:fc:d1:
17:b9:dd:5e:0b:3d:5c:52:b6:16:2a:c6:0c:7d:56:f9:22:aa:
02:3f:9c:6c:0b:c4:53:65:f7:f8:34:1a:f0:65:8f:da:6d:7e:
25:6d:73:c7:42:e7:3d:c4:16:ab:14:76:39:ba:8d:36:d5:66:
cf:91:18:72:80:bf:06:8a:8b:59:b0:20:e6:bc:d8:ce:95:b0:
76:63:bb:f7:06:35:e5:9c:35:06:68:58:0b:8d:11:66:9b:e1:
00:99:a7:a4:38:c2:bd:39:9d:43:25:9c:a9:32:35:4b:ec:93:
95:d0:b6:fb:42:01:6e:98:f7:5e:7c:1a:53:e2:9d:08:46:4f:
3c:e1:83:42:24:0c:46:d6:b7:3f:c2:90:df:da:9b:7d:55:4d:
3b:33:cb:99
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUX0BdDZhaHf5mEE4b9rxZEN3xhskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA1MTQxNTE3NTFaFw0yNzA1MTMxNTIyNTFaMDMxMTAvBgNV
BAMTKEFBNDhDRjQxMTNFRDhEODkxREU3QTVCOTcyMzVDMEEyNEEzRDA4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrOindVe5scMS44byAG/6NWmQo
8iUE3rthCCpBj7B5FRmT+jZqXWY6L7f3hCeADVJBQfVPv+sAMsAiNFkLM+/0D9Y7
wtedRBeNGKk5vj3Osc+Yp0hBMv+9QKlzdIJ7BRnKOzek162SXdJ40a4GKHlCjNdm
cpwx21n9Gr/yFMsaBUfr7isGLDV2tzHtSaCp+5sFvBbKuWkZp6GCzydE5blac9P+
HewBcbgnUCLFwvSLSuxnXKHUHTb/8xDJzNp/iWCygCSaxcagOf9JDrrN8AMdn9pQ
P7403x4/6bl3BTZ8DNgPL+bA9GLfnII2TaneNrWXd6qvit73aWTeTjOeRJsVAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUqkjPQRPtjYkd56W5cjXAoko9CGQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDY2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMTM3MzQzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoRKcBPMA0GCSqGSIb3DQEBCwUAA4IBAQCDcVoWz63tKGbOaTk0
aRWRbh+8yBSLBCH0C9nMeoi5uTwithHCWiWQtrVRyt33Mttb7M+v8ke1YKUJgNLm
hIBTXwORZ/jv7YeOQJ18ozBTVyL6gmG0mWaZ1Z/Wtgg4RJNYILr1YvGPwkKQ/NEX
ud1eCz1cUrYWKsYMfVb5IqoCP5xsC8RTZff4NBrwZY/abX4lbXPHQuc9xBarFHY5
uo021WbPkRhygL8GiotZsCDmvNjOlbB2Y7v3BjXlnDUGaFgLjRFmm+EAmaekOMK9
OZ1DJZypMjVL7JOV0Lb7QgFumPdefBpT4p0IRk884YNCJAxG1rc/wpDf2pt9VU07
M8uZ
-----END CERTIFICATE-----
Generated at Thu Jun 11 17:10:16 2026 by rpki-client