Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
File: 326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier: bW/YN+E1FwFGOwuICs0MqeEVOdnkDg7IfQxmOZMwQO0=
Subject key identifier: E3:4F:C8:F2:68:58:F5:AF:C3:3D:42:6E:6D:1A:1A:3A:FA:63:09:FC
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 217337BA204983A4BE19345EE37262549B91585A
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time: Wed 22 Apr 2026 14:22:49 +0000
ROA not before: Wed 22 Apr 2026 14:17:49 +0000
ROA not after: Wed 21 Apr 2027 14:22:49 +0000
asID: 212149
IP address blocks: 2a11:29c6:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:73:37:ba:20:49:83:a4:be:19:34:5e:e3:72:62:54:9b:91:58:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Apr 22 14:17:49 2026 GMT
Not After : Apr 21 14:22:49 2027 GMT
Subject: CN=E34FC8F26858F5AFC33D426E6D1A1A3AFA6309FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:86:a3:2a:7f:11:b2:e3:9f:84:f8:ea:5d:de:
79:1e:98:8b:c4:ea:6f:4c:f4:f4:71:38:17:01:71:
26:ae:17:16:0a:41:a3:d9:5e:2c:ac:f2:d9:be:8e:
6e:96:5f:a7:7d:4e:51:80:6e:27:36:e4:b6:61:c9:
64:af:3c:49:cd:ed:ab:3b:ed:dd:58:dd:17:aa:a4:
72:16:ec:a7:16:8f:e0:5a:b9:69:f7:15:4e:d6:96:
4a:07:ac:cc:59:9e:c3:7d:2c:46:45:06:d8:81:1f:
85:25:d5:35:d5:33:7a:e7:b1:5a:4a:c7:cc:25:d2:
c3:d2:90:5d:cb:21:7d:1e:95:65:eb:7c:2a:1f:ea:
b3:75:3b:e6:1c:26:51:31:14:f6:09:97:24:c4:28:
85:43:be:b5:87:b2:e6:e8:4c:2b:7c:18:8e:9d:8f:
6a:4e:fd:cf:98:1b:41:bc:c6:f4:be:0b:8c:7e:44:
8c:c7:92:52:ac:bb:d4:11:f1:e9:47:0e:6a:37:ca:
80:3b:fe:08:85:89:d3:2d:f4:5c:cd:10:d7:bb:df:
90:01:60:f5:dd:60:58:58:f7:f4:6e:f7:8c:0a:b6:
61:86:bb:05:f6:24:bf:07:2f:c0:e6:31:45:6a:36:
ea:b9:6e:49:f8:c9:fb:31:02:d7:ca:31:66:2b:fe:
fd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4F:C8:F2:68:58:F5:AF:C3:3D:42:6E:6D:1A:1A:3A:FA:63:09:FC
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963363a623030623a3a2f34382d3438203d3e20323132313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c6:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
3a:fa:dd:04:dd:52:30:47:c9:86:b9:53:4e:70:6f:33:af:e9:
d9:e4:21:f4:f9:c1:73:e0:1f:89:49:11:f4:9d:bf:b5:ac:c5:
21:3e:65:45:20:ec:a4:b6:9d:01:e2:30:f9:00:88:b1:42:2f:
76:58:09:42:0e:45:03:77:3c:32:4d:11:21:e3:90:6d:b1:6a:
82:98:06:a2:19:80:5c:2e:27:a4:a5:81:6a:5a:ff:41:bc:66:
ce:c2:cd:2b:7a:ca:c0:78:e3:51:12:21:53:87:7a:8c:cd:da:
69:87:57:30:28:e0:a4:10:e5:a3:45:d5:49:05:5a:af:bc:77:
3f:a8:28:f2:55:33:f0:89:5c:a4:d9:d0:f3:a3:66:65:2b:76:
85:5f:75:cc:44:f7:82:8e:1b:1d:1a:3e:72:50:ea:c9:8f:e7:
06:1b:c7:c3:61:65:8c:8c:61:de:9d:fd:da:3f:fc:fe:59:51:
fb:de:e7:be:a0:26:09:66:99:ea:39:85:c3:4b:aa:22:5c:09:
d5:86:cd:0d:5b:bb:0a:a3:dc:eb:6b:ab:99:ea:1c:6f:19:dd:
46:13:a7:ee:e7:3e:3a:20:ab:2f:90:75:12:9a:a7:94:b6:4d:
60:5f:b3:2c:f9:7d:8d:e1:ee:52:9f:3a:4e:d1:d4:41:2a:8c:
b9:77:52:d6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIXM3uiBJg6S+GTRe43JiVJuRWFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjA0MjIxNDE3NDlaFw0yNzA0MjExNDIyNDlaMDMxMTAvBgNV
BAMTKEUzNEZDOEYyNjg1OEY1QUZDMzNENDI2RTZEMUExQTNBRkE2MzA5RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjhqMqfxGy45+E+Opd3nkemIvE
6m9M9PRxOBcBcSauFxYKQaPZXiys8tm+jm6WX6d9TlGAbic25LZhyWSvPEnN7as7
7d1Y3ReqpHIW7KcWj+BauWn3FU7WlkoHrMxZnsN9LEZFBtiBH4Ul1TXVM3rnsVpK
x8wl0sPSkF3LIX0elWXrfCof6rN1O+YcJlExFPYJlyTEKIVDvrWHsuboTCt8GI6d
j2pO/c+YG0G8xvS+C4x+RIzHklKsu9QR8elHDmo3yoA7/giFidMt9FzNENe735AB
YPXdYFhY9/Ru94wKtmGGuwX2JL8HL8DmMUVqNuq5bkn4yfsxAtfKMWYr/v2lAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU40/I8mhY9a/DPUJubRoaOvpjCfwwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM2
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcawCzANBgkqhkiG9w0BAQsFAAOCAQEAOvrdBN1SMEfJhrlT
TnBvM6/p2eQh9PnBc+AfiUkR9J2/tazFIT5lRSDspLadAeIw+QCIsUIvdlgJQg5F
A3c8Mk0RIeOQbbFqgpgGohmAXC4npKWBalr/QbxmzsLNK3rKwHjjURIhU4d6jM3a
aYdXMCjgpBDlo0XVSQVar7x3P6go8lUz8IlcpNnQ86NmZSt2hV91zET3go4bHRo+
clDqyY/nBhvHw2FljIxh3p392j/8/llR+97nvqAmCWaZ6jmFw0uqIlwJ1YbNDVu7
CqPc62urmeocbxndRhOn7uc+OiCrL5B1EpqnlLZNYF+zLPl9jeHuUp86TtHUQSqM
uXdS1g==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:46:30 2026 by rpki-client