Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a663a3a2f34382d3438203d3e203530333931.roa
File: 326131313a323963303a663a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier: Tc8Pkcwmilh+TUTTQcjXQoGpqoVzE6B52nmzy217Jvg=
Subject key identifier: EA:98:EA:83:F2:C6:A9:67:A5:51:00:03:45:5F:43:38:8C:BF:5E:AB
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3A66585E15F7EB27E0786E8FE006302F92E8180E
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a663a3a2f34382d3438203d3e203530333931.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 50391
IP address blocks: 2a11:29c0:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:66:58:5e:15:f7:eb:27:e0:78:6e:8f:e0:06:30:2f:92:e8:18:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=EA98EA83F2C6A967A5510003455F43388CBF5EAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:82:5e:82:71:29:1b:4e:5c:4d:24:d6:78:fb:
24:9a:ec:60:98:d7:2e:9c:c8:7f:9c:0d:4e:52:13:
d7:b3:92:d5:7d:15:84:e5:7f:d1:f6:a0:85:c9:68:
69:80:8f:86:09:a7:b2:10:6f:25:cb:3d:ae:e3:ff:
9f:c7:fb:fe:c2:a8:a2:2d:a6:48:50:da:6b:09:8d:
b3:b7:7f:08:34:04:a3:8f:7c:de:7a:30:7a:53:49:
a9:61:47:14:18:e9:09:7e:7b:f5:d9:a3:bc:6f:90:
4f:35:c0:2e:2d:c3:45:b1:5f:96:9f:72:51:a5:bb:
47:c4:39:6d:6b:af:ef:65:2c:34:6c:a0:47:43:54:
44:d1:11:c6:1a:6b:41:75:75:ce:4c:b5:e3:68:8e:
5b:b7:f0:49:c7:41:20:f4:32:ea:d5:05:35:37:cb:
4a:41:98:c7:dd:3d:b1:36:90:cd:23:49:5e:95:38:
82:76:ec:ea:d5:51:a7:16:98:f4:0a:74:32:39:f9:
37:d2:d3:ad:e5:b9:a5:05:1a:c5:5c:1d:86:e3:8d:
78:fa:51:22:69:0a:0e:0f:fe:c1:b6:c9:f1:2f:57:
80:07:0d:ae:25:93:f7:b3:41:72:e6:6c:17:d0:82:
82:be:88:e6:4a:f6:bc:cd:52:00:78:25:5e:20:51:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:98:EA:83:F2:C6:A9:67:A5:51:00:03:45:5F:43:38:8C:BF:5E:AB
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a663a3a2f34382d3438203d3e203530333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:f::/48
Signature Algorithm: sha256WithRSAEncryption
1f:ea:30:25:f6:55:a7:1a:fe:0a:51:13:e4:4e:f0:e1:e4:c5:
d1:1b:cf:04:08:1d:f9:e7:0f:27:98:04:b5:78:fb:12:18:e9:
d7:75:00:29:74:74:d1:b3:1f:50:44:8c:54:43:15:2e:ca:f4:
fd:85:11:b5:81:5b:7e:57:73:38:6b:b0:c2:ea:50:ae:6d:0d:
c2:fa:6c:aa:ee:cc:ec:25:cd:dd:51:e2:ac:3b:cf:e2:4b:f5:
70:d1:bf:59:aa:d9:a0:b4:4a:78:bc:3b:21:17:db:18:20:81:
68:8b:ce:7e:a4:09:e1:58:58:bd:b7:b1:73:4c:62:e5:5b:fc:
c8:b4:58:8f:92:8c:5a:f4:c4:aa:2b:69:1e:18:09:a7:94:da:
81:b2:05:7d:92:cf:d5:d7:71:2d:32:9a:0c:ee:f2:76:d2:51:
42:27:03:07:bb:3a:7c:5e:f1:c1:2b:ea:e7:ea:d3:60:f9:e9:
29:13:c6:af:d8:28:c6:3b:b8:c1:23:d0:e0:c4:e4:68:d6:f0:
51:82:1f:33:eb:67:41:ab:eb:17:37:02:b7:a1:8c:d3:a4:03:
eb:2d:e0:a9:79:61:db:13:5e:dd:22:3c:98:bd:45:d4:af:e0:
02:8a:a6:70:dc:44:54:18:9a:89:82:6e:be:97:26:8b:40:f8:
f1:2e:a2:65
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUOmZYXhX36yfgeG6P4AYwL5LoGA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKEVBOThFQTgzRjJDNkE5NjdBNTUxMDAwMzQ1NUY0MzM4OENCRjVFQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqgl6CcSkbTlxNJNZ4+ySa7GCY
1y6cyH+cDU5SE9ezktV9FYTlf9H2oIXJaGmAj4YJp7IQbyXLPa7j/5/H+/7CqKIt
pkhQ2msJjbO3fwg0BKOPfN56MHpTSalhRxQY6Ql+e/XZo7xvkE81wC4tw0WxX5af
clGlu0fEOW1rr+9lLDRsoEdDVETREcYaa0F1dc5MteNojlu38EnHQSD0MurVBTU3
y0pBmMfdPbE2kM0jSV6VOIJ27OrVUacWmPQKdDI5+TfS063luaUFGsVcHYbjjXj6
USJpCg4P/sG2yfEvV4AHDa4lk/ezQXLmbBfQgoK+iOZK9rzNUgB4JV4gUf2HAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU6pjqg/LGqWelUQADRV9DOIy/XqswHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2E2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzAzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqESnAAA8wDQYJKoZIhvcNAQELBQADggEBAB/qMCX2Vaca/gpRE+RO8OHkxdEb
zwQIHfnnDyeYBLV4+xIY6dd1ACl0dNGzH1BEjFRDFS7K9P2FEbWBW35XczhrsMLq
UK5tDcL6bKruzOwlzd1R4qw7z+JL9XDRv1mq2aC0Sni8OyEX2xgggWiLzn6kCeFY
WL23sXNMYuVb/Mi0WI+SjFr0xKoraR4YCaeU2oGyBX2Sz9XXcS0ymgzu8nbSUUIn
Awe7Onxe8cEr6ufq02D56SkTxq/YKMY7uMEj0ODE5GjW8FGCHzPrZ0Gr6xc3Areh
jNOkA+st4Kl5YdsTXt0iPJi9RdSv4AKKpnDcRFQYmomCbr6XJotA+PEuomU=
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:58:30 2026 by rpki-client