Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313130303a3a2f34302d3438203d3e20323135363139.roa
File: 326130663a316363353a313130303a3a2f34302d3438203d3e20323135363139.roa (raw, json)
Hash identifier: zDWqnBjwDxhb1FbE71dezia7ZFWfrU76ZjYP6CSWr2s=
Subject key identifier: CC:B4:89:D4:7C:31:40:E4:FF:AC:DC:96:5A:3A:13:6A:CA:76:25:71
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 59B8E385F3CE6574C86F20AFE4EC925A9E7A46EC
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313130303a3a2f34302d3438203d3e20323135363139.roa
Signing time: Tue 02 Jun 2026 12:18:06 +0000
ROA not before: Tue 02 Jun 2026 12:13:06 +0000
ROA not after: Tue 01 Jun 2027 12:18:06 +0000
asID: 215619
IP address blocks: 2a0f:1cc5:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b8:e3:85:f3:ce:65:74:c8:6f:20:af:e4:ec:92:5a:9e:7a:46:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:06 2026 GMT
Not After : Jun 1 12:18:06 2027 GMT
Subject: CN=CCB489D47C3140E4FFACDC965A3A136ACA762571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:af:76:fe:09:08:54:19:89:f9:e6:5c:5a:d7:
21:de:df:67:65:c8:a8:83:d7:6d:94:29:35:9a:aa:
84:72:10:8b:d2:ea:cb:93:d8:37:7d:d7:ac:13:39:
8a:e9:f3:26:23:b1:f8:fa:f3:eb:04:87:a2:d3:0b:
ce:4b:0d:09:44:06:fe:6f:4a:d0:ea:f4:de:ed:aa:
f6:ce:fe:e0:63:06:8b:d6:39:06:f9:3e:5d:91:0d:
2b:06:73:a7:a6:35:a5:2b:ed:40:5d:2d:32:c1:0b:
ec:67:15:63:49:ba:e7:c5:30:0e:43:4c:e8:1f:f9:
e4:b1:7b:03:cb:16:e0:88:50:d4:e1:6a:08:c8:5f:
d3:16:04:5b:f4:5f:8a:6d:5a:59:e4:26:e6:13:26:
dc:a9:2b:06:9c:f1:1b:86:d6:8d:5e:20:ab:94:f8:
eb:3b:0a:54:65:89:11:27:67:cd:2a:44:7c:1a:c5:
53:63:7e:e8:38:45:97:0c:56:ae:5a:8e:78:99:43:
f0:f3:8c:58:fd:1b:87:a0:5d:fd:ad:a3:c1:36:f3:
aa:7e:62:d3:dd:c3:3a:ae:c0:b1:22:74:c1:6e:f0:
ea:23:f5:e7:c9:ec:8c:91:e1:27:50:67:f3:6a:f7:
03:a6:f6:68:c5:ee:2c:3b:e5:7d:1f:9d:96:43:29:
f9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B4:89:D4:7C:31:40:E4:FF:AC:DC:96:5A:3A:13:6A:CA:76:25:71
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313130303a3a2f34302d3438203d3e20323135363139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1100::/40
Signature Algorithm: sha256WithRSAEncryption
1a:e2:78:a1:a0:6d:5e:d0:1b:a2:f9:45:52:5d:a2:55:51:c4:
c1:a6:7d:0b:32:97:c4:4c:09:32:1c:0f:9c:2d:24:ed:f7:70:
79:c9:b3:09:b8:a5:d6:5c:e1:56:5a:d1:c3:f2:50:39:c1:67:
28:ca:0f:10:34:03:13:4e:16:35:dd:fd:3d:d8:e8:68:5c:77:
cd:d4:50:a7:84:cf:a0:0f:82:01:ae:7c:0a:46:78:04:90:c2:
f4:33:dc:14:ff:df:24:2e:8c:2f:6b:ad:c8:89:5a:61:6f:e9:
fa:20:7a:49:4d:7f:dc:d6:14:06:33:a2:35:5b:5e:70:ee:8d:
4e:b8:ab:32:7f:b8:62:a0:cc:7c:fa:69:8a:d2:59:64:ca:dc:
41:42:c9:a3:1c:f2:64:aa:84:3e:d1:04:11:d8:e8:13:b3:1f:
be:2d:8e:74:33:46:da:23:e5:f8:9b:dd:05:e0:ec:34:30:cc:
c0:dd:da:45:cc:d2:30:8c:4b:b9:92:46:2d:0e:cb:7d:fb:9c:
73:6b:14:51:a5:a3:ba:cb:52:48:13:50:c6:79:7e:9b:86:d0:
a6:28:5d:93:84:32:fc:b0:56:f3:ea:b5:1d:31:6f:3f:27:9c:
78:c8:a6:09:93:6e:4c:91:e5:12:dd:ad:0b:28:bc:e3:ce:34:
33:3b:26:f9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUWbjjhfPOZXTIbyCv5OySWp56RuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDZaFw0yNzA2MDExMjE4MDZaMDMxMTAvBgNV
BAMTKENDQjQ4OUQ0N0MzMTQwRTRGRkFDREM5NjVBM0ExMzZBQ0E3NjI1NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSr3b+CQhUGYn55lxa1yHe32dl
yKiD122UKTWaqoRyEIvS6suT2Dd916wTOYrp8yYjsfj68+sEh6LTC85LDQlEBv5v
StDq9N7tqvbO/uBjBovWOQb5Pl2RDSsGc6emNaUr7UBdLTLBC+xnFWNJuufFMA5D
TOgf+eSxewPLFuCIUNThagjIX9MWBFv0X4ptWlnkJuYTJtypKwac8RuG1o1eIKuU
+Os7ClRliREnZ80qRHwaxVNjfug4RZcMVq5ajniZQ/DzjFj9G4egXf2to8E286p+
YtPdwzquwLEidMFu8Ooj9efJ7IyR4SdQZ/Nq9wOm9mjF7iw75X0fnZZDKfl5AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUzLSJ1HwxQOT/rNyWWjoTasp2JXEwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM2MzEzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMURMA0GCSqGSIb3DQEBCwUAA4IBAQAa4nihoG1e0Bui+UVS
XaJVUcTBpn0LMpfETAkyHA+cLSTt93B5ybMJuKXWXOFWWtHD8lA5wWcoyg8QNAMT
ThY13f092OhoXHfN1FCnhM+gD4IBrnwKRngEkML0M9wU/98kLowva63IiVphb+n6
IHpJTX/c1hQGM6I1W15w7o1OuKsyf7hioMx8+mmK0llkytxBQsmjHPJkqoQ+0QQR
2OgTsx++LY50M0baI+X4m90F4Ow0MMzA3dpFzNIwjEu5kkYtDst9+5xzaxRRpaO6
y1JIE1DGeX6bhtCmKF2ThDL8sFbz6rUdMW8/J5x4yKYJk25MkeUS3a0LKLzjzjQz
Oyb5
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:16:03 2026 by rpki-client