Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: DGnAofA5E5W+GSGod3OlOCJnGjyxN+ybCHEOq7uAC2Q=
Subject key identifier: 06:E4:CE:F1:F8:BD:DC:3C:AB:38:FD:85:49:B5:A2:00:2A:82:C7:90
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6BFEBD9EDA604CF3FE4CCC14FF428685AD917CBA
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:47 +0000
ROA not before: Wed 22 Apr 2026 14:17:47 +0000
ROA not after: Wed 21 Apr 2027 14:22:47 +0000
asID: 212149
IP address blocks: 2a11:29c0:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:fe:bd:9e:da:60:4c:f3:fe:4c:cc:14:ff:42:86:85:ad:91:7c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:47 2026 GMT
Not After : Apr 21 14:22:47 2027 GMT
Subject: CN=06E4CEF1F8BDDC3CAB38FD8549B5A2002A82C790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:76:ec:ad:fa:13:0a:0a:46:6a:eb:9c:d4:5e:
2d:59:bc:49:c4:84:bf:14:0f:78:37:04:92:16:eb:
b0:64:9b:ee:6c:95:fb:38:6d:41:85:8d:23:78:6e:
f0:14:1c:2f:9d:e9:80:96:43:8e:82:e6:ab:32:83:
17:22:ac:5c:a6:62:36:98:19:bc:5d:9c:bc:7b:73:
cb:59:3c:4a:05:74:89:40:4f:44:66:fc:26:e4:8e:
9b:a2:c1:82:26:ed:bd:de:22:d6:5d:5b:10:88:f9:
ef:50:79:d3:b9:f3:f7:a3:64:c9:a4:a3:c5:03:df:
93:90:e6:d3:6f:d7:3f:bc:83:5a:59:cc:e2:95:2f:
86:b7:7e:6b:34:01:85:72:f3:02:82:fc:2a:26:28:
91:fd:ff:5b:ad:56:4b:4d:5d:21:8f:1b:27:25:62:
51:6d:7d:e7:7f:e0:1f:f1:b7:8b:c0:ec:3a:62:17:
cc:32:16:1e:ce:eb:8f:84:26:e0:dd:b7:8c:e0:4e:
81:e8:1c:43:04:f2:21:25:43:10:86:56:53:4e:39:
c2:71:c2:9d:da:26:5d:4e:92:28:ad:c8:be:a9:cc:
53:6b:bb:42:17:6c:28:b9:99:94:08:ee:d2:08:8a:
50:a2:b9:f1:50:d6:ec:fb:1d:08:39:2d:d9:d1:25:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E4:CE:F1:F8:BD:DC:3C:AB:38:FD:85:49:B5:A2:00:2A:82:C7:90
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
b0:fb:ce:41:e3:36:3f:c4:86:9f:a0:e8:ca:3e:c8:1b:d9:d1:
e4:03:23:d5:c5:d1:c7:ec:4c:6d:cf:9e:fe:78:0b:df:4f:6a:
c2:93:b1:d7:58:8c:b9:06:c0:8d:0b:52:3d:5d:05:c1:a6:0c:
bb:0f:99:be:23:36:e4:4b:e8:7f:78:03:75:6d:9b:9e:2a:38:
40:68:3a:a1:5f:92:a2:be:d9:9b:95:55:d9:c0:67:be:c5:4a:
fc:03:d4:6a:3c:74:78:0f:7e:58:f9:d4:35:eb:46:14:c0:b2:
00:e9:fc:16:ac:ad:40:40:39:66:8f:d4:6d:98:b7:c2:c1:00:
38:42:33:ca:36:ef:59:7d:29:38:05:f5:1f:da:8d:5e:0f:d4:
36:27:f5:67:1c:b3:e5:77:ff:ae:f3:a7:4b:8a:a7:5f:0a:61:
07:e2:03:31:90:6b:87:5a:07:a2:f5:27:93:0c:4d:f0:e4:de:
dc:ba:02:1a:6b:ed:7c:67:a4:a0:2e:7e:61:cc:cb:9f:ff:0d:
5a:10:98:3f:77:e2:85:3a:45:17:ce:2a:a6:e5:39:aa:d9:b7:
70:b2:83:63:e8:00:7d:65:46:8c:74:5e:5c:77:5d:05:95:f3:
08:c5:46:59:74:93:e4:c6:a7:60:92:66:7f:11:82:4b:ce:41:
6e:cc:b5:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUa/69ntpgTPP+TMwU/0KGha2RfLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDdaFw0yNzA0MjExNDIyNDdaMDMxMTAvBgNV
BAMTKDA2RTRDRUYxRjhCRERDM0NBQjM4RkQ4NTQ5QjVBMjAwMkE4MkM3OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9duyt+hMKCkZq65zUXi1ZvEnE
hL8UD3g3BJIW67Bkm+5slfs4bUGFjSN4bvAUHC+d6YCWQ46C5qsygxcirFymYjaY
GbxdnLx7c8tZPEoFdIlAT0Rm/CbkjpuiwYIm7b3eItZdWxCI+e9QedO58/ejZMmk
o8UD35OQ5tNv1z+8g1pZzOKVL4a3fms0AYVy8wKC/ComKJH9/1utVktNXSGPGycl
YlFtfed/4B/xt4vA7DpiF8wyFh7O64+EJuDdt4zgToHoHEME8iElQxCGVlNOOcJx
wp3aJl1OkiityL6pzFNru0IXbCi5mZQI7tIIilCiufFQ1uz7HQg5LdnRJXnNAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUBuTO8fi93DyrOP2FSbWiACqCx5AwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcCwCzANBgkqhkiG9w0BAQsFAAOCAQEAsPvOQeM2P8SGn6Do
yj7IG9nR5AMj1cXRx+xMbc+e/ngL309qwpOx11iMuQbAjQtSPV0FwaYMuw+ZviM2
5Evof3gDdW2bnio4QGg6oV+Sor7Zm5VV2cBnvsVK/APUajx0eA9+WPnUNetGFMCy
AOn8FqytQEA5Zo/UbZi3wsEAOEIzyjbvWX0pOAX1H9qNXg/UNif1Zxyz5Xf/rvOn
S4qnXwphB+IDMZBrh1oHovUnkwxN8OTe3LoCGmvtfGekoC5+YczLn/8NWhCYP3fi
hTpFF84qpuU5qtm3cLKDY+gAfWVGjHReXHddBZXzCMVGWXST5ManYJJmfxGCS85B
bsy1Rw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:28 2026 by rpki-client