Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: J4MlZC04wUU4r/1h8ApwhiNOO5/upl3hkHBdhDyvNO8=
Subject key identifier: C9:41:8F:D1:ED:D2:B1:1F:5D:3C:33:EE:A6:39:B9:9D:BA:84:75:3F
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6F5B914B0CE1B4F0C9F4D42B846DBC54DCC73AD8
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 212149
IP address blocks: 2a11:29c3:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:5b:91:4b:0c:e1:b4:f0:c9:f4:d4:2b:84:6d:bc:54:dc:c7:3a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=C9418FD1EDD2B11F5D3C33EEA639B99DBA84753F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e4:29:ba:2f:ed:60:22:94:42:1d:fb:67:2c:
95:fb:7b:4b:89:a3:c5:a5:ae:15:b2:3c:28:bd:11:
de:cf:a7:3a:93:13:3a:f0:1a:ca:7c:62:5b:ac:35:
e3:93:b7:33:fb:0e:3e:d1:bc:aa:8b:43:5f:9d:d7:
d6:69:69:17:68:a3:ca:cf:62:2b:6d:70:ce:92:b5:
7e:a6:57:4c:b6:83:3b:07:4e:0b:1a:b7:73:55:f4:
7d:47:6e:4f:16:8a:cc:e7:ea:24:15:7b:de:5d:99:
1a:ec:03:fc:be:e2:24:46:69:d2:69:a7:d0:48:21:
bd:7d:85:c6:b2:a1:b5:81:9b:9a:6d:63:95:09:a1:
30:85:ae:44:e8:55:a1:ef:98:86:b7:54:33:f6:86:
e5:5f:49:51:f5:0d:6b:58:87:e1:35:a2:08:7f:be:
85:da:b8:6d:1c:3d:57:4b:7f:e5:0d:c7:52:1c:3c:
40:0e:02:75:84:b6:c3:b9:4d:84:f5:b9:08:47:98:
a3:c6:5b:64:b2:e7:27:90:3d:bb:53:cc:90:f6:c2:
c6:29:8e:df:7e:81:6b:da:03:b3:39:c5:a5:26:79:
ab:49:61:7f:64:e3:3e:d1:c8:f9:32:df:2e:10:ba:
95:39:30:18:82:9f:28:7b:eb:42:04:86:a3:c6:b6:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:41:8F:D1:ED:D2:B1:1F:5D:3C:33:EE:A6:39:B9:9D:BA:84:75:3F
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963333a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c3:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
7d:3d:b9:e7:de:6d:6b:6f:fc:56:c0:e5:90:b4:ce:1c:00:0d:
8c:66:95:ff:7a:87:55:02:d0:0e:0a:3f:16:c6:96:90:3a:f3:
67:db:1f:a9:38:cd:83:f6:47:f5:39:f3:c5:7c:00:4c:24:4e:
95:bc:52:ea:4b:dc:df:35:71:3a:05:eb:f9:ce:4d:bf:03:5c:
69:2a:96:14:dd:74:9f:f3:84:e8:25:3a:6f:78:d3:9e:43:33:
d0:40:59:5f:3a:27:6f:ff:d0:d2:cd:f6:69:ea:bc:8d:86:c5:
05:ec:b7:54:9a:d7:c1:b7:cc:6e:7c:27:7b:b8:70:ef:a1:82:
5f:01:a3:25:ee:f1:a4:17:8a:09:22:c8:c7:5a:1f:e7:14:16:
75:0e:73:64:76:27:9e:d9:e8:a1:6b:48:0d:d0:31:a8:15:49:
bb:2d:6e:c4:0c:71:b1:26:e1:c4:ec:15:d8:4b:3b:b2:fc:a8:
63:eb:d2:b0:4a:39:ca:d0:30:7e:a5:60:e7:06:2a:23:4b:eb:
a4:c9:31:b8:3b:a8:69:97:cb:de:da:ba:ed:c4:e6:14:a3:14:
9c:10:6f:79:06:cf:54:63:d1:cc:e4:b2:e1:7f:8e:e6:87:fa:
00:00:9b:95:e4:7d:54:e3:d9:5c:2a:1e:af:8a:f9:46:02:ec:
89:e9:4a:8b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUb1uRSwzhtPDJ9NQrhG28VNzHOtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKEM5NDE4RkQxRUREMkIxMUY1RDNDMzNFRUE2MzlCOTlEQkE4NDc1M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt5Cm6L+1gIpRCHftnLJX7e0uJ
o8WlrhWyPCi9Ed7PpzqTEzrwGsp8YlusNeOTtzP7Dj7RvKqLQ1+d19ZpaRdoo8rP
YittcM6StX6mV0y2gzsHTgsat3NV9H1Hbk8Wiszn6iQVe95dmRrsA/y+4iRGadJp
p9BIIb19hcayobWBm5ptY5UJoTCFrkToVaHvmIa3VDP2huVfSVH1DWtYh+E1ogh/
voXauG0cPVdLf+UNx1IcPEAOAnWEtsO5TYT1uQhHmKPGW2Sy5yeQPbtTzJD2wsYp
jt9+gWvaA7M5xaUmeatJYX9k4z7RyPky3y4QupU5MBiCnyh760IEhqPGtgy5AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUyUGP0e3SsR9dPDPupjm5nbqEdT8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcOwCzANBgkqhkiG9w0BAQsFAAOCAQEAfT25595ta2/8VsDl
kLTOHAANjGaV/3qHVQLQDgo/FsaWkDrzZ9sfqTjNg/ZH9TnzxXwATCROlbxS6kvc
3zVxOgXr+c5NvwNcaSqWFN10n/OE6CU6b3jTnkMz0EBZXzonb//Q0s32aeq8jYbF
Bey3VJrXwbfMbnwne7hw76GCXwGjJe7xpBeKCSLIx1of5xQWdQ5zZHYnntnooWtI
DdAxqBVJuy1uxAxxsSbhxOwV2Es7svyoY+vSsEo5ytAwfqVg5wYqI0vrpMkxuDuo
aZfL3tq67cTmFKMUnBBveQbPVGPRzOSy4X+O5of6AACbleR9VOPZXCoer4r5RgLs
ielKiw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:29 2026 by rpki-client