Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: nr4tIzU4dj1Vz2RzCutBPc69bvsNnBd6sc02JOrXzMs=
Subject key identifier: 58:22:A2:F2:5C:3D:82:76:C6:F8:00:6E:58:C0:0D:51:D2:94:8D:83
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 608547E7F44128896FBEF8BD61197EB8FBD08599
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 212149
IP address blocks: 2a11:29c1:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:85:47:e7:f4:41:28:89:6f:be:f8:bd:61:19:7e:b8:fb:d0:85:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=5822A2F25C3D8276C6F8006E58C00D51D2948D83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f0:e3:71:08:45:db:5a:ce:ba:cb:a1:07:e3:
b4:3b:77:50:7f:85:6e:6d:62:57:a4:c0:c7:65:a4:
22:af:38:f8:ca:7d:1e:03:e5:fa:f9:60:ab:e3:10:
4b:30:48:2f:28:1d:84:11:f4:5e:25:20:21:0c:dd:
7c:36:d7:ee:6a:f7:2e:60:25:c8:a8:d6:f4:69:25:
f7:7d:0c:b4:df:d8:3c:63:56:18:8d:8e:bc:b9:65:
32:36:0f:ec:aa:25:78:02:3c:a5:80:55:f2:53:4d:
55:61:0b:91:c4:aa:92:3d:5b:0b:db:5c:ae:4e:d2:
e0:37:59:de:b5:0b:51:ed:40:2d:42:77:15:c4:e5:
f1:5c:ba:63:1f:4b:39:b4:8f:87:9d:89:bd:4e:a6:
c6:01:d0:1a:bf:a1:1f:43:3b:b3:7d:93:c4:b9:06:
97:92:d3:e3:49:34:9b:68:09:10:2e:a1:37:58:8d:
84:0b:61:60:37:1f:dd:22:e6:39:03:d4:5f:e5:3f:
f8:1f:7f:4b:2f:6f:34:fb:39:a4:e3:2b:1d:f9:8e:
d3:1e:77:f8:16:a4:2e:45:21:6a:31:64:08:0c:43:
c0:e2:1d:73:7f:d6:7d:34:a6:0d:65:c4:25:77:fd:
71:25:4f:81:b1:7a:10:73:2c:e9:63:3f:ee:db:ba:
9f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:22:A2:F2:5C:3D:82:76:C6:F8:00:6E:58:C0:0D:51:D2:94:8D:83
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963313a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c1:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
1f:59:09:9a:93:5d:4d:70:b5:18:59:41:10:30:06:c2:a3:f2:
de:8f:07:f4:95:e0:c1:84:94:c0:e6:a7:a5:02:a3:94:59:31:
c6:1b:2b:97:a4:df:63:14:d3:1c:50:08:d7:88:62:37:62:56:
85:7f:53:ef:d8:b2:9f:59:5a:d6:b5:a3:d7:a2:c4:f1:73:41:
73:6b:d0:38:51:49:fc:a5:c0:f9:b0:87:64:cf:a5:69:54:02:
60:cf:94:8a:b6:c9:68:79:b4:41:21:f1:9f:f3:30:d5:e8:e5:
9f:c4:53:e9:b1:c7:0e:ad:28:0a:cb:4c:f3:73:7d:53:e2:d3:
31:4a:5b:b3:9b:23:66:ab:7d:0b:33:4e:ab:54:08:dd:46:fe:
60:c7:76:0b:89:bc:9b:74:3c:8d:dc:7b:d5:87:ba:22:18:7b:
02:57:f0:c8:72:a3:7b:2f:42:83:4d:d0:0d:95:f3:ab:93:15:
95:51:48:ee:01:0b:75:92:fe:0b:d6:f6:a2:7c:fe:1c:89:02:
55:ca:9b:ae:db:75:37:b6:24:b1:93:89:76:ee:2a:f4:80:df:
b9:b8:f8:08:0a:56:50:84:57:65:9e:e4:a6:bc:d5:61:bd:a1:
60:ef:5a:16:19:49:fc:9f:03:9a:61:1a:07:3b:ed:f5:38:86:
ee:40:ec:dc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUYIVH5/RBKIlvvvi9YRl+uPvQhZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKDU4MjJBMkYyNUMzRDgyNzZDNkY4MDA2RTU4QzAwRDUxRDI5NDhEODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr8ONxCEXbWs66y6EH47Q7d1B/
hW5tYlekwMdlpCKvOPjKfR4D5fr5YKvjEEswSC8oHYQR9F4lICEM3Xw21+5q9y5g
Jcio1vRpJfd9DLTf2DxjVhiNjry5ZTI2D+yqJXgCPKWAVfJTTVVhC5HEqpI9Wwvb
XK5O0uA3Wd61C1HtQC1CdxXE5fFcumMfSzm0j4edib1OpsYB0Bq/oR9DO7N9k8S5
BpeS0+NJNJtoCRAuoTdYjYQLYWA3H90i5jkD1F/lP/gff0svbzT7OaTjKx35jtMe
d/gWpC5FIWoxZAgMQ8DiHXN/1n00pg1lxCV3/XElT4GxehBzLOljP+7bup/bAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUWCKi8lw9gnbG+ABuWMANUdKUjYMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMx
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcGwCzANBgkqhkiG9w0BAQsFAAOCAQEAH1kJmpNdTXC1GFlB
EDAGwqPy3o8H9JXgwYSUwOanpQKjlFkxxhsrl6TfYxTTHFAI14hiN2JWhX9T79iy
n1la1rWj16LE8XNBc2vQOFFJ/KXA+bCHZM+laVQCYM+UirbJaHm0QSHxn/Mw1ejl
n8RT6bHHDq0oCstM83N9U+LTMUpbs5sjZqt9CzNOq1QI3Ub+YMd2C4m8m3Q8jdx7
1Ye6Ihh7AlfwyHKjey9Cg03QDZXzq5MVlVFI7gELdZL+C9b2onz+HIkCVcqbrtt1
N7YksZOJdu4q9IDfubj4CApWUIRXZZ7kprzVYb2hYO9aFhlJ/J8DmmEaBzvt9TiG
7kDs3A==
-----END CERTIFICATE-----
Generated at Thu Apr 30 15:41:16 2026 by rpki-client