Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
File: 326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa (raw, json)
Hash identifier: kwbq5RMMZ2w8npipyH3f3VGz/jC9lncVx3lqNfby4ZU=
Subject key identifier: 40:01:83:3F:A7:BC:B9:CB:92:C5:3E:45:54:55:E1:BB:98:95:3E:BF
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 5628652E85E2CDC87E420ADE3C612B94B98B3F4B
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
Signing time: Tue 02 Jun 2026 12:18:18 +0000
ROA not before: Tue 02 Jun 2026 12:13:18 +0000
ROA not after: Tue 01 Jun 2027 12:18:18 +0000
asID: 153376
IP address blocks: 2a0f:1cc5:10::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:28:65:2e:85:e2:cd:c8:7e:42:0a:de:3c:61:2b:94:b9:8b:3f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:18 2026 GMT
Not After : Jun 1 12:18:18 2027 GMT
Subject: CN=4001833FA7BCB9CB92C53E455455E1BB98953EBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:c6:65:55:1c:30:1e:e2:c0:65:f4:fb:a9:
03:ef:b7:fc:3a:bf:bb:9a:d2:b9:bf:d4:7e:f7:cb:
80:bf:63:04:81:a0:9e:83:99:ec:3e:34:9c:82:9c:
00:fb:e7:35:40:38:98:7b:1e:4d:44:73:f1:ae:ab:
f1:61:64:94:2f:b0:f7:71:35:a7:0d:fe:a6:4f:fc:
90:2c:a4:bd:3e:67:26:a1:ef:78:34:fd:8e:e9:17:
7b:7f:46:a0:74:28:5e:c4:aa:fb:44:cf:88:10:1c:
54:20:bf:e6:f0:c4:89:a0:e6:ad:2c:f0:f3:bc:d4:
f2:cd:1f:92:3c:dc:1e:b3:7e:f9:df:36:fd:9f:1f:
6b:f3:59:75:45:28:20:02:d6:23:6f:6b:42:f5:e3:
8e:bc:a6:24:12:aa:f6:6c:3f:8a:3c:d6:df:9d:c9:
f7:64:e9:68:3b:fe:48:e1:d4:5a:06:89:d7:e6:b0:
a7:31:36:93:8c:9b:70:6b:0b:39:9b:15:33:82:36:
14:a2:75:a0:61:0e:45:47:cb:54:66:c8:e9:98:19:
7d:7b:13:77:00:b4:c3:84:84:0a:4b:8f:87:ea:f5:
83:9e:d2:a3:cd:6e:16:99:d4:0c:82:11:f6:95:db:
23:57:d1:7d:75:97:05:f8:4d:00:ac:53:c6:24:29:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:01:83:3F:A7:BC:B9:CB:92:C5:3E:45:54:55:E1:BB:98:95:3E:BF
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a31303a3a2f34342d3438203d3e20313533333736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:10::/44
Signature Algorithm: sha256WithRSAEncryption
1c:66:e7:ca:a5:d3:21:b0:88:c4:2a:0d:57:11:ab:5d:bd:09:
05:40:74:e5:65:7a:7c:81:df:4a:05:fc:8c:72:70:ab:a6:d6:
58:b9:b8:3c:0a:93:9c:31:2f:71:4c:f3:6c:40:26:9a:7b:8c:
6b:ce:9f:d8:8e:e5:49:c2:77:3e:2d:54:89:93:0d:12:4d:0d:
01:cc:9e:c2:8a:43:6f:4b:f7:05:e7:14:ed:e0:a9:06:21:2b:
b6:6c:b1:db:a7:02:2e:27:ed:2a:51:25:07:3a:6b:03:4f:bc:
4d:58:c1:33:52:3b:12:b7:73:ab:e3:96:54:d2:e7:95:37:d0:
bb:13:58:d0:70:6f:d3:26:81:e8:c1:65:ec:b4:e8:0c:5c:14:
03:4a:a2:ea:dd:28:97:09:80:91:26:cb:3c:b9:a2:3e:7e:1f:
d4:16:54:17:d7:98:a1:d1:f9:f2:5e:e1:a1:4f:29:c5:3f:e3:
81:60:26:5b:eb:71:0b:84:e3:bf:11:87:2e:6d:96:88:16:4d:
d3:5c:9b:23:12:c3:75:62:ec:21:b3:da:40:8f:40:5a:e3:84:
72:1a:c0:b0:cd:aa:4e:44:a5:42:34:b0:da:7e:f9:1b:e9:63:
92:a9:e5:c1:cd:54:c5:e9:ae:94:8b:0a:b2:3c:0d:c3:b7:56:
6a:32:27:7c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUVihlLoXizch+QgrePGErlLmLP0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMThaFw0yNzA2MDExMjE4MThaMDMxMTAvBgNV
BAMTKDQwMDE4MzNGQTdCQ0I5Q0I5MkM1M0U0NTU0NTVFMUJCOTg5NTNFQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QsZlVRwwHuLAZfT7qQPvt/w6
v7ua0rm/1H73y4C/YwSBoJ6Dmew+NJyCnAD75zVAOJh7Hk1Ec/Guq/FhZJQvsPdx
NacN/qZP/JAspL0+Zyah73g0/Y7pF3t/RqB0KF7EqvtEz4gQHFQgv+bwxImg5q0s
8PO81PLNH5I83B6zfvnfNv2fH2vzWXVFKCAC1iNva0L14468piQSqvZsP4o81t+d
yfdk6Wg7/kjh1FoGidfmsKcxNpOMm3BrCzmbFTOCNhSidaBhDkVHy1RmyOmYGX17
E3cAtMOEhApLj4fq9YOe0qPNbhaZ1AyCEfaV2yNX0X11lwX4TQCsU8YkKdgVAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQAGDP6e8ucuSxT5FVFXhu5iVPr8wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEzNTMzMzMzNzM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQAQMA0GCSqGSIb3DQEBCwUAA4IBAQAcZufKpdMhsIjEKg1XEatd
vQkFQHTlZXp8gd9KBfyMcnCrptZYubg8CpOcMS9xTPNsQCaae4xrzp/YjuVJwnc+
LVSJkw0STQ0BzJ7CikNvS/cF5xTt4KkGISu2bLHbpwIuJ+0qUSUHOmsDT7xNWMEz
UjsSt3Or45ZU0ueVN9C7E1jQcG/TJoHowWXstOgMXBQDSqLq3SiXCYCRJss8uaI+
fh/UFlQX15ih0fnyXuGhTynFP+OBYCZb63ELhOO/EYcubZaIFk3TXJsjEsN1Yuwh
s9pAj0Ba44RyGsCwzapORKVCNLDafvkb6WOSqeXBzVTF6a6UiwqyPA3Dt1ZqMid8
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:23:43 2026 by rpki-client