Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: FT91pSoMZQLmeTdogn5INSwN23HTh2zChPVsHuZqwgo=
Subject key identifier: 18:34:40:33:68:33:AE:29:4C:4C:06:FA:D7:38:6D:5D:A4:BA:28:EB
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 6525FA3092CA41E0001198B506723A28AECB7FB9
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:50 +0000
ROA not before: Wed 22 Apr 2026 14:17:50 +0000
ROA not after: Wed 21 Apr 2027 14:22:50 +0000
asID: 212149
IP address blocks: 2a11:29c5:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:25:fa:30:92:ca:41:e0:00:11:98:b5:06:72:3a:28:ae:cb:7f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:50 2026 GMT
Not After : Apr 21 14:22:50 2027 GMT
Subject: CN=183440336833AE294C4C06FAD7386D5DA4BA28EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:2d:33:e9:6d:81:d6:52:d9:a3:4e:0e:be:
08:63:73:05:92:0f:6e:c8:df:e6:f0:53:b2:7f:14:
1d:08:dd:81:87:46:ad:60:3a:2e:0c:15:da:05:ab:
c6:24:64:4d:8f:ac:34:9e:a2:36:a5:be:10:a1:2a:
ed:a6:1e:41:22:32:d6:1e:af:cb:da:33:d2:77:6c:
f9:89:90:62:5e:16:dc:35:18:b3:41:84:fe:56:33:
04:e8:d8:b3:a3:4d:56:34:65:90:1b:c8:97:cf:f7:
6f:8e:be:e6:dc:6e:9c:45:9d:6b:0f:d9:4d:b5:29:
93:5d:c6:e7:6d:28:87:bf:c0:51:f1:12:cd:53:02:
79:02:ab:8f:e3:fa:02:5b:ec:75:06:2e:3d:56:5e:
9c:31:27:c2:84:38:5b:4d:66:ab:3a:34:1c:8c:74:
35:28:b6:9f:86:0d:46:d8:53:d9:74:cb:a5:88:f8:
25:5c:d5:f8:9f:ff:31:c4:34:2a:5d:93:d9:87:8a:
9d:22:9f:b2:94:9f:ac:6f:bb:ea:03:ad:bc:3a:fe:
14:5c:7c:af:e1:e3:a8:fd:44:a0:92:b5:b1:72:65:
d7:ec:63:7f:fb:cc:45:4c:d5:7a:a6:54:e6:13:e4:
18:44:a3:47:c7:c6:af:bb:26:c2:9c:80:54:a1:92:
0f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:34:40:33:68:33:AE:29:4C:4C:06:FA:D7:38:6D:5D:A4:BA:28:EB
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963353a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c5:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
81:31:76:30:54:f4:d9:88:39:83:d0:b0:79:88:c8:02:91:4c:
16:16:b9:03:25:02:ea:2a:95:ab:b2:fe:94:d5:57:bd:ab:4f:
8a:f2:81:88:09:e2:9e:89:80:5a:d1:5d:97:38:16:90:f3:c2:
db:78:fb:bb:7b:ab:2e:b2:a6:ca:4b:d7:08:33:3a:6e:cd:9f:
e9:09:1b:7a:df:2f:ce:42:9b:5c:fb:9a:a7:eb:90:53:c6:2f:
20:ca:d0:5e:41:81:d7:82:dc:c9:db:31:c2:0a:15:c4:35:17:
5a:cc:f8:09:7b:27:db:db:ac:b0:fa:5d:33:cc:02:36:54:ab:
28:8c:8f:3d:f0:85:a9:09:0c:7c:1a:85:41:c2:5e:6c:f4:bd:
c6:9a:65:e5:e0:e7:9f:9a:79:43:8d:de:e3:b5:63:ca:d1:e0:
29:65:2d:74:a5:71:1b:f5:b8:5b:82:af:29:7c:66:09:b8:d7:
99:d7:e3:8b:2b:fb:77:4a:78:dd:1c:0d:e1:ed:56:c2:53:31:
ef:ba:ba:c5:df:73:01:ac:53:b7:9b:1b:ed:14:3b:c3:30:8c:
b4:26:0d:7e:17:d8:a5:b2:64:d6:62:bf:e5:42:d1:d2:00:82:
02:fb:5c:4a:bb:ee:f0:68:99:f5:2a:cf:87:da:82:27:4c:8a:
c8:6c:90:24
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUZSX6MJLKQeAAEZi1BnI6KK7Lf7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NTBaFw0yNzA0MjExNDIyNTBaMDMxMTAvBgNV
BAMTKDE4MzQ0MDMzNjgzM0FFMjk0QzRDMDZGQUQ3Mzg2RDVEQTRCQTI4RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsCi0z6W2B1lLZo04OvghjcwWS
D27I3+bwU7J/FB0I3YGHRq1gOi4MFdoFq8YkZE2PrDSeojalvhChKu2mHkEiMtYe
r8vaM9J3bPmJkGJeFtw1GLNBhP5WMwTo2LOjTVY0ZZAbyJfP92+OvubcbpxFnWsP
2U21KZNdxudtKIe/wFHxEs1TAnkCq4/j+gJb7HUGLj1WXpwxJ8KEOFtNZqs6NByM
dDUotp+GDUbYU9l0y6WI+CVc1fif/zHENCpdk9mHip0in7KUn6xvu+oDrbw6/hRc
fK/h46j9RKCStbFyZdfsY3/7zEVM1XqmVOYT5BhEo0fHxq+7JsKcgFShkg9bAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUGDRAM2gzrilMTAb61zhtXaS6KOswHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcWwCzANBgkqhkiG9w0BAQsFAAOCAQEAgTF2MFT02Yg5g9Cw
eYjIApFMFha5AyUC6iqVq7L+lNVXvatPivKBiAninomAWtFdlzgWkPPC23j7u3ur
LrKmykvXCDM6bs2f6Qkbet8vzkKbXPuap+uQU8YvIMrQXkGB14LcydsxwgoVxDUX
Wsz4CXsn29ussPpdM8wCNlSrKIyPPfCFqQkMfBqFQcJebPS9xppl5eDnn5p5Q43e
47VjytHgKWUtdKVxG/W4W4KvKXxmCbjXmdfjiyv7d0p43RwN4e1WwlMx77q6xd9z
AaxTt5sb7RQ7wzCMtCYNfhfYpbJk1mK/5ULR0gCCAvtcSrvu8GiZ9SrPh9qCJ0yK
yGyQJA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:30 2026 by rpki-client