Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
File: 326130663a316363343a3a2f33322d3438203d3e203430393239.roa (raw, json)
Hash identifier: fxS3/SDV+p+/vfrjI53288DAhI/yXLZcGXRRnOyZcaE=
Subject key identifier: E4:CB:FF:5B:61:2A:51:78:D4:1F:35:56:1C:6E:75:FC:B8:41:A7:51
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 798CD21AB83272645027496A39D76A1A0E726725
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
Signing time: Tue 02 Jun 2026 12:18:21 +0000
ROA not before: Tue 02 Jun 2026 12:13:21 +0000
ROA not after: Tue 01 Jun 2027 12:18:21 +0000
asID: 40929
IP address blocks: 2a0f:1cc4::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:8c:d2:1a:b8:32:72:64:50:27:49:6a:39:d7:6a:1a:0e:72:67:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:21 2026 GMT
Not After : Jun 1 12:18:21 2027 GMT
Subject: CN=E4CBFF5B612A5178D41F35561C6E75FCB841A751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:33:b7:56:1a:1a:38:31:31:89:9d:1c:da:8c:
11:b2:8f:7f:e2:63:94:5f:3e:29:d1:64:47:45:85:
fe:91:f7:e4:b6:46:3c:60:14:b8:cf:98:04:73:d2:
bd:69:e2:b6:c5:a0:43:b8:b5:e7:51:e5:a6:77:73:
b8:85:f1:1a:0a:cd:dd:f7:55:76:ff:cd:d3:db:f5:
26:49:0c:7e:c8:49:f1:1e:6d:77:3a:87:56:cd:8e:
94:80:d4:46:05:72:77:e9:91:0b:1f:8e:28:e3:df:
06:44:20:f4:00:5d:90:fd:9a:a4:b1:50:fc:7e:ad:
f6:29:77:51:70:5a:d5:15:43:b7:0f:17:cb:9a:a9:
51:03:a7:ab:e9:49:46:65:1c:12:47:19:2c:73:3c:
d0:d1:9f:e8:cf:1a:fa:4a:c6:f9:82:2f:04:10:c3:
fc:6b:c1:2f:c8:99:c5:5d:63:f3:4c:34:77:70:d1:
33:a7:b9:48:d1:3b:5f:c6:c4:72:cd:5a:49:61:11:
20:2b:0b:c9:47:5b:10:43:65:17:58:ea:82:9b:f1:
07:e6:de:a1:94:24:89:26:12:cb:35:ce:b9:b2:88:
6e:aa:1f:a4:45:8e:84:40:9c:7b:99:6b:ae:56:86:
3b:4c:88:be:17:e9:fb:04:d5:39:e8:a9:5a:b2:a7:
d6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:CB:FF:5B:61:2A:51:78:D4:1F:35:56:1C:6E:75:FC:B8:41:A7:51
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc4::/32
Signature Algorithm: sha256WithRSAEncryption
20:91:5a:68:7a:1c:a6:11:d0:19:27:92:a9:2f:52:0d:70:ce:
66:14:f0:03:c7:95:e6:21:38:a5:1d:96:c7:48:a8:98:34:b5:
c5:c9:cf:76:b5:d0:14:68:ed:4d:ca:b9:b1:19:e2:11:a6:73:
f0:3f:67:40:1a:6f:b1:33:71:88:47:e1:32:4a:6a:aa:8a:b5:
d0:40:6e:43:f6:0d:1b:9b:b0:a9:3c:0e:93:95:c1:65:1f:46:
90:fb:1f:16:2e:fe:cf:5f:e6:8d:22:a4:70:de:70:ff:37:75:
98:f2:78:bf:db:a4:5e:59:7c:37:8e:ea:c9:55:bf:65:50:c8:
a7:c7:f9:3b:ea:1f:04:9e:8e:c4:f2:cd:e2:de:de:01:43:b7:
1c:e7:7e:0c:98:af:0a:6f:fb:5d:dd:aa:96:94:6d:46:f4:64:
7a:c2:d5:36:e1:93:55:28:fb:a2:3d:d2:92:11:fe:cc:8c:93:
d6:b6:95:1f:c8:4b:cf:28:e9:0a:42:d5:26:58:2c:15:28:bb:
00:06:97:cf:17:08:9d:e2:9e:8f:96:f7:0e:da:f0:6d:0e:50:
91:dd:ad:34:34:6d:6a:19:c7:4b:3b:8c:7d:6e:44:cc:9e:7d:
a9:df:5b:ac:8c:a6:ed:6f:88:1b:e4:f5:0e:96:70:30:89:dc:
b3:89:c4:17
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUeYzSGrgycmRQJ0lqOddqGg5yZyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjFaFw0yNzA2MDExMjE4MjFaMDMxMTAvBgNV
BAMTKEU0Q0JGRjVCNjEyQTUxNzhENDFGMzU1NjFDNkU3NUZDQjg0MUE3NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSM7dWGho4MTGJnRzajBGyj3/i
Y5RfPinRZEdFhf6R9+S2RjxgFLjPmARz0r1p4rbFoEO4tedR5aZ3c7iF8RoKzd33
VXb/zdPb9SZJDH7ISfEebXc6h1bNjpSA1EYFcnfpkQsfjijj3wZEIPQAXZD9mqSx
UPx+rfYpd1FwWtUVQ7cPF8uaqVEDp6vpSUZlHBJHGSxzPNDRn+jPGvpKxvmCLwQQ
w/xrwS/ImcVdY/NMNHdw0TOnuUjRO1/GxHLNWklhESArC8lHWxBDZRdY6oKb8Qfm
3qGUJIkmEss1zrmyiG6qH6RFjoRAnHuZa65WhjtMiL4X6fsE1TnoqVqyp9bBAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU5Mv/W2EqUXjUHzVWHG51/LhBp1EwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM0
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzQzMDM5MzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoP
HMQwDQYJKoZIhvcNAQELBQADggEBACCRWmh6HKYR0BknkqkvUg1wzmYU8APHleYh
OKUdlsdIqJg0tcXJz3a10BRo7U3KubEZ4hGmc/A/Z0Aab7EzcYhH4TJKaqqKtdBA
bkP2DRubsKk8DpOVwWUfRpD7HxYu/s9f5o0ipHDecP83dZjyeL/bpF5ZfDeO6slV
v2VQyKfH+TvqHwSejsTyzeLe3gFDtxznfgyYrwpv+13dqpaUbUb0ZHrC1Tbhk1Uo
+6I90pIR/syMk9a2lR/IS88o6QpC1SZYLBUouwAGl88XCJ3ino+W9w7a8G0OUJHd
rTQ0bWoZx0s7jH1uRMyefanfW6yMpu1viBvk9Q6WcDCJ3LOJxBc=
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:10:41 2026 by rpki-client