Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: g8OTi86/6R9UvNqqXrpMAvi2Nds+pz7r7q0aA3yWRPA=
Subject key identifier: A6:C6:AD:A5:F8:5B:47:A6:80:3A:B2:E9:B7:E4:E6:40:18:9B:7A:6A
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 2C93281D3416E62B3521A9D68EE6B1A6B1086F25
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 212149
IP address blocks: 2a11:29c4:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:93:28:1d:34:16:e6:2b:35:21:a9:d6:8e:e6:b1:a6:b1:08:6f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=A6C6ADA5F85B47A6803AB2E9B7E4E640189B7A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:01:7e:86:fc:d8:71:1c:9b:db:13:10:94:42:
87:01:fc:4d:6c:66:15:71:ec:5d:93:01:a3:7c:5f:
2c:b4:7b:5a:2e:9c:a6:d4:6b:93:56:53:8b:c4:b8:
af:33:7c:8e:b8:dc:15:7f:e0:91:ff:65:02:6b:71:
d7:01:c5:f7:b7:27:de:78:6d:66:ad:1e:bf:d7:07:
72:0f:ca:81:f3:ca:59:01:c8:85:0f:7b:b8:53:c2:
03:6e:76:90:c7:37:32:58:9a:06:92:5c:56:95:17:
56:ae:54:46:40:3f:8d:81:8e:e2:cd:d4:39:f1:a3:
4b:84:ee:fc:1d:9a:d1:0c:04:ef:58:a0:1a:1c:7c:
37:9f:be:eb:3e:04:99:48:b9:4a:ff:d1:58:44:9b:
92:63:8b:76:6b:d8:fa:71:9e:65:c2:39:f6:9c:78:
03:a3:86:67:57:65:3c:8c:10:5f:56:1f:64:bf:26:
34:25:2b:a0:76:67:f8:55:e4:5c:ad:28:58:98:33:
cf:42:b1:36:fe:93:cb:91:96:47:b2:2f:ac:c8:3e:
06:bd:a6:99:65:01:42:4a:af:98:eb:e8:60:4a:dd:
a1:9f:0d:ef:48:65:dc:3e:05:15:b7:cc:7f:b7:46:
39:8d:85:ac:6e:bd:9a:c6:32:17:f3:b1:f2:f5:f4:
96:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C6:AD:A5:F8:5B:47:A6:80:3A:B2:E9:B7:E4:E6:40:18:9B:7A:6A
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963343a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c4:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
55:5e:e7:dd:f0:8e:b9:91:ba:b7:b5:67:1d:28:ad:b1:e8:f5:
24:b2:78:06:68:11:e4:93:67:16:9d:cc:91:89:91:9e:a0:8d:
59:24:f9:0a:dd:a2:c2:a6:fb:cf:e5:db:7f:62:ac:a4:40:2e:
bd:d0:4a:e2:d3:c3:36:20:cc:55:27:f7:bf:d0:6b:bb:4d:d6:
5d:75:c0:d7:eb:58:32:97:e2:55:30:db:fb:cf:63:e3:ff:97:
1b:d3:f8:d4:8d:50:cc:5e:25:b7:bd:6e:d8:b0:ae:c0:e2:d8:
a8:10:c6:7e:6f:c2:79:4c:69:5a:30:4c:dd:57:8b:03:8c:a4:
89:42:e3:90:22:29:bb:36:ae:1f:a3:6d:8d:56:59:f8:ec:b4:
7b:fe:34:10:8c:1c:d9:ec:1b:85:f7:26:4c:b3:79:9f:61:62:
62:18:de:46:1e:5d:ce:38:05:dd:78:e5:1f:96:67:cf:75:75:
58:57:ce:27:9f:9a:5d:ac:21:21:61:63:bc:09:35:5e:3c:a0:
e6:0b:06:2b:6d:ce:eb:80:33:56:c2:df:db:6a:9f:77:6e:8a:
bf:1a:f6:66:94:99:53:12:50:0f:8e:99:ed:ab:84:d6:64:14:
05:5c:46:a1:e0:e7:b1:2f:46:13:3d:aa:e8:8c:64:85:82:64:
eb:19:47:5d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIULJMoHTQW5is1IanWjuaxprEIbyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKEE2QzZBREE1Rjg1QjQ3QTY4MDNBQjJFOUI3RTRFNjQwMTg5QjdBNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkAX6G/NhxHJvbExCUQocB/E1s
ZhVx7F2TAaN8Xyy0e1ounKbUa5NWU4vEuK8zfI643BV/4JH/ZQJrcdcBxfe3J954
bWatHr/XB3IPyoHzylkByIUPe7hTwgNudpDHNzJYmgaSXFaVF1auVEZAP42BjuLN
1Dnxo0uE7vwdmtEMBO9YoBocfDefvus+BJlIuUr/0VhEm5Jji3Zr2PpxnmXCOfac
eAOjhmdXZTyMEF9WH2S/JjQlK6B2Z/hV5FytKFiYM89CsTb+k8uRlkeyL6zIPga9
ppllAUJKr5jr6GBK3aGfDe9IZdw+BRW3zH+3RjmNhaxuvZrGMhfzsfL19JZzAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUpsatpfhbR6aAOrLpt+TmQBibemowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcSwCzANBgkqhkiG9w0BAQsFAAOCAQEAVV7n3fCOuZG6t7Vn
HSitsej1JLJ4BmgR5JNnFp3MkYmRnqCNWST5Ct2iwqb7z+Xbf2KspEAuvdBK4tPD
NiDMVSf3v9Bru03WXXXA1+tYMpfiVTDb+89j4/+XG9P41I1QzF4lt71u2LCuwOLY
qBDGfm/CeUxpWjBM3VeLA4ykiULjkCIpuzauH6NtjVZZ+Oy0e/40EIwc2ewbhfcm
TLN5n2FiYhjeRh5dzjgF3XjlH5Znz3V1WFfOJ5+aXawhIWFjvAk1Xjyg5gsGK23O
64AzVsLf22qfd26Kvxr2ZpSZUxJQD46Z7auE1mQUBVxGoeDnsS9GEz2q6IxkhYJk
6xlHXQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:30 2026 by rpki-client