Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: slqBy1sT7BHldH44t5LYn/XeFz3TObY9EneCpxQ1iio=
Subject key identifier: 8C:49:27:3F:12:9D:A1:BC:49:07:D6:A7:AE:24:06:AC:21:A0:8A:45
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 42A898A41D2FE26A1D5A8795613649E02EDC693F
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:48 +0000
ROA not before: Wed 22 Apr 2026 14:17:48 +0000
ROA not after: Wed 21 Apr 2027 14:22:48 +0000
asID: 212149
IP address blocks: 2a11:29c2:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:a8:98:a4:1d:2f:e2:6a:1d:5a:87:95:61:36:49:e0:2e:dc:69:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:48 2026 GMT
Not After : Apr 21 14:22:48 2027 GMT
Subject: CN=8C49273F129DA1BC4907D6A7AE2406AC21A08A45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6b:da:71:9c:84:f3:5d:d3:a9:07:2c:4c:b2:
34:39:04:a0:be:c4:56:cc:55:84:37:d2:b5:33:8e:
7f:fc:90:01:24:dc:dd:5f:d9:15:73:95:da:c3:da:
e5:64:92:2d:d8:67:b2:6f:77:87:e4:cf:23:da:fe:
8b:19:99:49:df:50:d0:00:4a:2f:b1:16:dc:90:4f:
44:29:9a:a8:5c:d3:3a:cf:b5:c3:f0:32:87:bc:32:
9b:1f:47:90:17:a5:54:dd:06:f5:70:6c:fc:ba:9e:
c1:4d:29:45:82:20:c3:44:aa:5e:23:bb:4d:47:ac:
bd:d9:87:b5:0d:79:81:a5:4e:07:0b:75:f6:60:3c:
b5:68:5f:02:a4:1d:c1:a4:fc:ca:bc:4f:86:64:a1:
fc:49:57:7a:40:22:e9:f8:92:01:ec:36:3c:91:bf:
18:82:ca:7b:ec:ed:b0:8c:48:41:0b:ab:ef:c9:67:
15:29:17:85:b3:a9:13:db:be:46:65:54:c2:40:e1:
51:b0:25:e4:a3:39:95:8a:f0:f1:67:ce:e5:c6:d1:
f2:9b:06:dd:05:1a:4b:e8:f5:f7:84:14:56:5c:f2:
b4:37:c1:46:e1:1d:15:b2:4c:02:5a:4e:48:82:4b:
de:48:ab:12:50:01:c8:04:cc:30:54:38:73:25:d7:
e8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:49:27:3F:12:9D:A1:BC:49:07:D6:A7:AE:24:06:AC:21:A0:8A:45
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963323a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
14:92:0e:7d:a9:42:d3:73:c0:51:2a:a2:6d:28:cf:9a:df:23:
58:63:94:10:9e:4e:e2:c4:36:98:5c:32:64:17:89:1c:6c:e2:
0f:8b:0c:55:e0:6d:9b:94:aa:95:d7:73:e8:b9:14:38:f7:ab:
72:44:36:08:95:da:09:67:65:b9:33:80:0f:f6:36:0d:88:76:
98:08:62:cc:27:82:0e:c4:eb:69:96:10:ba:37:e7:b0:81:de:
d2:5f:78:a5:8b:52:fe:35:78:89:50:c0:8c:01:bc:45:eb:48:
1d:b5:dc:3b:d5:fc:73:b8:8f:b6:e6:81:2b:7f:3d:f6:0d:2c:
86:2a:15:88:50:1c:96:7d:c1:e8:47:b3:7d:86:86:2e:f5:0d:
f8:8b:b7:cf:9e:75:e3:e5:e8:94:2d:49:a7:a9:a8:a4:6d:f3:
79:6b:94:85:96:37:b0:48:43:ae:6c:95:e0:69:4e:a7:25:94:
12:62:e0:07:29:17:bd:5a:ed:8f:3d:2a:50:37:98:18:ad:91:
22:a3:c8:ce:ae:09:2e:04:a9:96:b8:7d:f9:8b:b8:f2:7b:3f:
32:71:d2:26:ec:31:27:e9:7f:45:fd:1d:e1:b0:dd:f2:58:fc:
29:a5:ad:33:53:dd:e8:ba:52:4d:4b:0b:ae:41:fa:73:f6:84:
5a:57:bf:b4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUQqiYpB0v4modWoeVYTZJ4C7caT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDhaFw0yNzA0MjExNDIyNDhaMDMxMTAvBgNV
BAMTKDhDNDkyNzNGMTI5REExQkM0OTA3RDZBN0FFMjQwNkFDMjFBMDhBNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEa9pxnITzXdOpByxMsjQ5BKC+
xFbMVYQ30rUzjn/8kAEk3N1f2RVzldrD2uVkki3YZ7Jvd4fkzyPa/osZmUnfUNAA
Si+xFtyQT0Qpmqhc0zrPtcPwMoe8MpsfR5AXpVTdBvVwbPy6nsFNKUWCIMNEql4j
u01HrL3Zh7UNeYGlTgcLdfZgPLVoXwKkHcGk/Mq8T4ZkofxJV3pAIun4kgHsNjyR
vxiCynvs7bCMSEELq+/JZxUpF4WzqRPbvkZlVMJA4VGwJeSjOZWK8PFnzuXG0fKb
Bt0FGkvo9feEFFZc8rQ3wUbhHRWyTAJaTkiCS95IqxJQAcgEzDBUOHMl1+iJAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUjEknPxKdobxJB9anriQGrCGgikUwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMy
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcKwCzANBgkqhkiG9w0BAQsFAAOCAQEAFJIOfalC03PAUSqi
bSjPmt8jWGOUEJ5O4sQ2mFwyZBeJHGziD4sMVeBtm5Sqlddz6LkUOPerckQ2CJXa
CWdluTOAD/Y2DYh2mAhizCeCDsTraZYQujfnsIHe0l94pYtS/jV4iVDAjAG8RetI
HbXcO9X8c7iPtuaBK3899g0shioViFAcln3B6EezfYaGLvUN+Iu3z5514+XolC1J
p6mopG3zeWuUhZY3sEhDrmyV4GlOpyWUEmLgBykXvVrtjz0qUDeYGK2RIqPIzq4J
LgSplrh9+Yu48ns/MnHSJuwxJ+l/Rf0d4bDd8lj8KaWtM1Pd6LpSTUsLrkH6c/aE
Wle/tA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:30 2026 by rpki-client