Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa
File: 326130663a316363313a3a2f33322d3438203d3e20323134303236.roa (raw, json)
Hash identifier: 8gKKL8oMSwgdEic+s7ZwhftJw6KCb+iX9uq6UBRozgI=
Subject key identifier: 77:70:F5:CF:F2:F7:30:DA:0D:F6:96:F6:D1:0D:C1:CD:25:A1:62:64
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 7D60FBF2BEC3B8A78C080A4B24236E39A7693A56
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa
Signing time: Tue 02 Jun 2026 12:18:28 +0000
ROA not before: Tue 02 Jun 2026 12:13:28 +0000
ROA not after: Tue 01 Jun 2027 12:18:28 +0000
asID: 214026
IP address blocks: 2a0f:1cc1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:60:fb:f2:be:c3:b8:a7:8c:08:0a:4b:24:23:6e:39:a7:69:3a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:28 2026 GMT
Not After : Jun 1 12:18:28 2027 GMT
Subject: CN=7770F5CFF2F730DA0DF696F6D10DC1CD25A16264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:2b:62:33:38:ff:67:4b:95:6e:4e:94:41:
b3:b7:96:0c:7c:f5:59:3c:32:36:ab:a1:a7:4a:2f:
e1:ba:9d:ac:95:c6:40:fd:be:43:af:be:e1:85:60:
0d:42:82:b5:b4:09:25:ac:b8:62:ef:b9:f0:40:f0:
e4:ea:fe:2b:af:98:ea:19:70:20:5f:0d:ee:1a:d3:
5b:f0:2e:af:6c:39:45:a5:a5:cb:1f:09:0b:0c:a8:
1e:ea:56:f2:7b:14:d6:63:16:6c:96:ad:ec:27:69:
38:70:9f:7c:05:7e:bd:8c:42:c6:bc:06:f1:f5:03:
c1:29:27:80:35:63:1d:11:82:b5:de:3d:b0:fa:4c:
22:62:f6:99:13:ce:49:86:21:05:15:a2:07:04:d9:
58:92:50:b3:07:c7:eb:5b:07:90:8d:6a:e2:d6:cc:
7c:ee:31:bc:00:0c:f9:cc:96:d4:e3:41:69:f9:81:
71:92:d1:d1:2b:0e:5f:25:c3:ba:31:30:1b:39:4c:
67:d0:b0:fc:77:d6:0c:92:e9:08:26:f3:29:c7:97:
40:9e:f2:2b:39:ef:0a:49:bc:6e:ca:17:fc:38:2a:
75:8c:4b:6f:aa:82:5b:f7:7f:35:47:a3:9d:e6:80:
2d:b3:dd:3f:7d:50:9d:86:e4:d1:47:87:33:11:d8:
51:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:70:F5:CF:F2:F7:30:DA:0D:F6:96:F6:D1:0D:C1:CD:25:A1:62:64
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc1::/32
Signature Algorithm: sha256WithRSAEncryption
52:41:be:f8:e2:86:de:a5:5f:d9:31:4a:6a:a7:0e:88:4c:c1:
d6:ba:7d:6b:0f:d6:a7:40:d7:63:46:f5:bb:b9:af:a8:74:50:
57:2e:10:12:8e:4e:a8:b0:8a:9c:3c:d8:10:a1:c9:8a:d4:2f:
fe:4e:ee:5b:a8:98:8f:c0:72:0a:82:50:2c:c5:7e:74:3d:65:
2b:47:e0:a7:a5:cf:6c:4c:2c:b2:ee:ff:85:1b:bd:1a:33:33:
bb:8e:60:85:78:f9:da:1c:0b:d6:e0:2b:bf:3a:3f:97:d1:5d:
2e:1a:b9:94:6e:87:45:57:ae:01:87:64:33:e3:8c:4c:66:d7:
2f:98:f1:26:02:ca:ec:55:af:1b:4d:62:a8:21:84:9c:08:65:
f0:5f:f7:b2:69:c3:c6:0b:df:4e:20:ce:6f:27:ed:c9:45:e9:
03:b7:0a:f6:ba:a0:85:83:2e:72:97:93:c0:0a:67:fa:e2:f8:
b4:ed:f1:6a:27:d7:79:56:3f:3e:96:6a:70:47:28:87:d0:41:
99:b1:08:58:c9:0c:07:fa:fa:02:45:25:06:31:8d:d7:ea:5b:
09:f6:94:7e:67:54:ea:75:93:97:a8:a9:4f:35:97:fd:ad:77:
1b:33:62:93:72:d1:dc:e4:41:43:7c:9c:36:8d:e7:c2:23:3f:
ed:ac:30:d9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUfWD78r7DuKeMCApLJCNuOadpOlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjhaFw0yNzA2MDExMjE4MjhaMDMxMTAvBgNV
BAMTKDc3NzBGNUNGRjJGNzMwREEwREY2OTZGNkQxMERDMUNEMjVBMTYyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU+ytiMzj/Z0uVbk6UQbO3lgx8
9Vk8MjaroadKL+G6nayVxkD9vkOvvuGFYA1CgrW0CSWsuGLvufBA8OTq/iuvmOoZ
cCBfDe4a01vwLq9sOUWlpcsfCQsMqB7qVvJ7FNZjFmyWrewnaThwn3wFfr2MQsa8
BvH1A8EpJ4A1Yx0RgrXePbD6TCJi9pkTzkmGIQUVogcE2ViSULMHx+tbB5CNauLW
zHzuMbwADPnMltTjQWn5gXGS0dErDl8lw7oxMBs5TGfQsPx31gyS6Qgm8ynHl0Ce
8is57wpJvG7KF/w4KnWMS2+qglv3fzVHo53mgC2z3T99UJ2G5NFHhzMR2FE1AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUd3D1z/L3MNoN9pb20Q3BzSWhYmQwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzMx
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMTM0MzAzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
Kg8cwTANBgkqhkiG9w0BAQsFAAOCAQEAUkG++OKG3qVf2TFKaqcOiEzB1rp9aw/W
p0DXY0b1u7mvqHRQVy4QEo5OqLCKnDzYEKHJitQv/k7uW6iYj8ByCoJQLMV+dD1l
K0fgp6XPbEwssu7/hRu9GjMzu45ghXj52hwL1uArvzo/l9FdLhq5lG6HRVeuAYdk
M+OMTGbXL5jxJgLK7FWvG01iqCGEnAhl8F/3smnDxgvfTiDObyftyUXpA7cK9rqg
hYMucpeTwApn+uL4tO3xaifXeVY/PpZqcEcoh9BBmbEIWMkMB/r6AkUlBjGN1+pb
CfaUfmdU6nWTl6ipTzWX/a13GzNik3LR3ORBQ3ycNo3nwiM/7aww2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:09:21 2026 by rpki-client