Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
File: 326130663a316363343a3a2f33322d3438203d3e203430393239.roa (raw, json)
Hash identifier: BYqYo2XWSQOudmogosYDmgrcAxBa+UZRqrTTJ0wPYd0=
Subject key identifier: 59:88:09:EC:6F:C6:0F:6B:53:06:51:63:FC:7B:9D:AF:34:2D:06:9A
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 54125532362226FCF5E59B2550311168AD58E7FA
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
Signing time: Mon 20 Apr 2026 03:24:00 +0000
ROA not before: Mon 20 Apr 2026 03:19:00 +0000
ROA not after: Mon 19 Apr 2027 03:24:00 +0000
asID: 40929
IP address blocks: 2a0f:1cc4::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:12:55:32:36:22:26:fc:f5:e5:9b:25:50:31:11:68:ad:58:e7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Apr 20 03:19:00 2026 GMT
Not After : Apr 19 03:24:00 2027 GMT
Subject: CN=598809EC6FC60F6B53065163FC7B9DAF342D069A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:9f:92:0d:56:60:8a:b4:ef:a3:f1:47:9c:
fe:c3:56:b6:b3:04:d8:4f:c8:4f:ba:74:4d:c5:ff:
76:cc:7a:b2:53:4d:e4:bf:3a:55:eb:03:d1:3f:e8:
29:63:2e:80:70:5d:a1:ae:d1:49:1b:a3:52:93:ac:
68:55:c2:93:fc:75:96:c8:36:5a:76:d5:04:03:de:
d9:15:ab:d9:92:0e:a3:a7:65:c9:43:8b:04:16:60:
e3:a8:f0:19:ad:bf:87:d0:a0:f7:23:66:11:4e:b1:
8b:ec:8f:ed:13:25:77:e3:39:86:c1:eb:8f:af:4b:
f2:86:37:86:77:86:66:b3:df:e7:54:32:d7:d3:3c:
af:6d:6f:73:c9:62:d1:f4:79:be:a4:b1:30:7e:06:
27:18:38:52:23:f3:30:32:25:ec:63:ae:a8:85:2b:
1d:7c:f9:61:ff:e6:08:e8:69:8d:cf:d9:3e:aa:e4:
d0:49:5a:bb:93:b2:fd:5d:81:61:0c:84:cb:f9:68:
86:0e:2e:e3:6b:1d:89:a2:fb:26:cb:0e:af:48:5a:
1a:31:2c:28:f4:ef:1a:05:77:21:25:8f:f0:a1:51:
8b:5c:33:80:a4:03:9b:6c:15:6a:63:ab:20:de:a3:
f2:d7:2c:56:a2:84:34:4e:71:df:89:e0:13:e6:de:
f0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:88:09:EC:6F:C6:0F:6B:53:06:51:63:FC:7B:9D:AF:34:2D:06:9A
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363343a3a2f33322d3438203d3e203430393239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc4::/32
Signature Algorithm: sha256WithRSAEncryption
10:03:c7:26:d8:53:64:69:cb:3e:a5:94:49:3c:95:5e:12:d4:
32:9c:0f:b9:f1:3a:c6:b1:fc:31:6d:a8:a0:c1:65:bd:27:e7:
fe:9f:70:1d:63:8d:07:03:13:1f:03:a7:e3:2c:c5:66:4c:20:
cf:a9:72:eb:1a:98:46:a3:d3:07:b3:8a:e2:8f:92:35:ad:5d:
6b:b1:03:80:ca:a8:42:54:79:26:b3:6e:53:5f:e4:12:87:8d:
ca:1b:32:63:57:00:f8:e4:60:83:e6:be:9e:76:82:c3:c2:15:
33:30:d1:94:3a:9f:99:0d:13:22:6a:fb:e5:ee:22:4b:41:92:
1f:1f:10:73:e6:2b:25:6f:9b:eb:db:1a:9f:ed:54:2f:5a:59:
6b:01:2f:87:75:30:ca:25:0d:10:a4:ad:c0:32:da:cd:8f:4c:
06:22:d1:a5:1a:80:dd:dd:62:50:9f:72:ac:04:fc:cc:51:6e:
56:d8:22:90:dd:2c:45:47:38:1e:27:63:62:e6:8c:37:c9:e8:
4a:ca:6d:3a:f5:7e:34:df:67:84:aa:d7:f1:89:1b:26:95:e5:
af:34:a8:4d:b9:ab:35:4e:ff:4e:ca:fe:b7:b5:43:94:47:2f:
4e:ee:f9:ee:f9:b4:e2:81:85:6c:2e:05:f7:4e:29:ae:0d:04:
97:fe:1e:f0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUVBJVMjYiJvz15ZslUDERaK1Y5/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA0MjAwMzE5MDBaFw0yNzA0MTkwMzI0MDBaMDMxMTAvBgNV
BAMTKDU5ODgwOUVDNkZDNjBGNkI1MzA2NTE2M0ZDN0I5REFGMzQyRDA2OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCebp+SDVZgirTvo/FHnP7DVraz
BNhPyE+6dE3F/3bMerJTTeS/OlXrA9E/6CljLoBwXaGu0Ukbo1KTrGhVwpP8dZbI
Nlp21QQD3tkVq9mSDqOnZclDiwQWYOOo8Bmtv4fQoPcjZhFOsYvsj+0TJXfjOYbB
64+vS/KGN4Z3hmaz3+dUMtfTPK9tb3PJYtH0eb6ksTB+BicYOFIj8zAyJexjrqiF
Kx18+WH/5gjoaY3P2T6q5NBJWruTsv1dgWEMhMv5aIYOLuNrHYmi+ybLDq9IWhox
LCj07xoFdyElj/ChUYtcM4CkA5tsFWpjqyDeo/LXLFaihDROcd+J4BPm3vD7AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUWYgJ7G/GD2tTBlFj/HudrzQtBpowHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM0
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzQzMDM5MzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoP
HMQwDQYJKoZIhvcNAQELBQADggEBABADxybYU2Rpyz6llEk8lV4S1DKcD7nxOsax
/DFtqKDBZb0n5/6fcB1jjQcDEx8Dp+MsxWZMIM+pcusamEaj0weziuKPkjWtXWux
A4DKqEJUeSazblNf5BKHjcobMmNXAPjkYIPmvp52gsPCFTMw0ZQ6n5kNEyJq++Xu
IktBkh8fEHPmKyVvm+vbGp/tVC9aWWsBL4d1MMolDRCkrcAy2s2PTAYi0aUagN3d
YlCfcqwE/MxRblbYIpDdLEVHOB4nY2LmjDfJ6ErKbTr1fjTfZ4Sq1/GJGyaV5a80
qE25qzVO/07K/re1Q5RHL07u+e75tOKBhWwuBfdOKa4NBJf+HvA=
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:23:54 2026 by rpki-client