Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa
File: 326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa (raw, json)
Hash identifier: Iolvu2GNprbjbwsvZl4ntm+FN22PoQozqijUM6GyLc0=
Subject key identifier: 08:7F:F0:A9:19:40:C1:B5:5E:61:2D:D9:37:A9:27:15:56:4E:5B:3E
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 76C6B25D5F2ECBE7D162687955C9F7EA46F90657
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa
Signing time: Tue 02 Jun 2026 12:18:23 +0000
ROA not before: Tue 02 Jun 2026 12:13:23 +0000
ROA not after: Tue 01 Jun 2027 12:18:23 +0000
asID: 213878
IP address blocks: 2a0f:1cc5:1400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c6:b2:5d:5f:2e:cb:e7:d1:62:68:79:55:c9:f7:ea:46:f9:06:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:23 2026 GMT
Not After : Jun 1 12:18:23 2027 GMT
Subject: CN=087FF0A91940C1B55E612DD937A92715564E5B3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:17:a3:e4:c0:33:1c:ea:b0:6c:be:b1:72:98:
52:e7:6d:00:45:c4:62:61:df:31:2e:51:bb:d9:ff:
00:9a:47:91:74:40:1b:97:86:b7:10:52:79:30:fc:
8c:04:0f:d9:f7:71:7a:56:f9:c2:7f:45:ce:54:be:
92:44:47:fc:19:a1:0e:85:fa:0c:06:1a:c8:5c:bb:
84:ce:aa:db:bb:96:15:c3:a3:f6:47:b4:b5:72:9a:
cb:c2:fa:79:7b:19:a4:21:58:60:ee:64:ce:5f:4e:
22:b9:1f:1c:cc:5b:65:8c:36:9d:d2:c5:20:21:2e:
85:99:86:a1:07:a7:1c:35:3b:1e:97:2d:0e:3e:a4:
e1:38:95:e2:cf:4c:8d:22:ac:af:6a:ba:6d:e9:6c:
93:9b:f4:e8:0b:01:5e:c7:71:32:78:e5:ee:e8:81:
82:8b:8e:b7:84:0e:d2:36:a1:04:21:47:b6:80:9d:
0d:65:53:e9:0a:33:12:79:97:ad:2a:49:24:5f:22:
2d:94:e2:44:8e:7c:d1:eb:58:82:d4:79:0a:f0:29:
66:6c:3e:9d:aa:d6:07:0d:83:13:8e:79:5a:f7:7a:
ca:ae:45:ae:80:f7:66:97:7b:ce:f0:88:d5:75:42:
12:c0:9a:4b:fd:c6:a2:c1:1b:dd:47:98:3d:d0:64:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7F:F0:A9:19:40:C1:B5:5E:61:2D:D9:37:A9:27:15:56:4E:5B:3E
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1400::/40
Signature Algorithm: sha256WithRSAEncryption
43:68:b9:c6:fc:74:bb:44:2b:91:bd:00:f8:df:5e:95:63:35:
61:9a:32:d6:21:a8:73:90:94:55:96:6a:ea:71:d3:7d:e9:9d:
f1:b6:8e:a6:48:f6:b6:7f:f6:e9:3c:c5:16:c8:55:2c:4e:58:
be:a0:7b:e8:6c:66:42:7d:a3:81:b3:20:2c:d2:b7:4a:43:4c:
d9:ea:66:97:ff:ca:b5:6a:12:86:4a:b4:19:0d:6e:bf:f8:b1:
b6:0e:04:67:c7:d8:d9:d5:d7:20:47:41:43:a2:7a:6e:3d:5d:
74:7d:1e:30:8c:ae:43:8d:4a:50:73:38:27:c1:0b:9a:88:d5:
f6:c9:bf:ba:65:86:65:f2:18:0e:2c:8c:5d:cf:99:aa:bb:cd:
49:1c:90:21:38:4a:55:ee:4a:4e:c0:55:02:7c:03:2c:bc:cd:
c6:fe:2b:8a:8b:ab:b9:6b:78:c4:48:71:cf:7e:15:3d:6c:2a:
7a:63:3f:be:8b:46:a3:fd:75:c0:b9:11:fe:9c:84:ee:1b:eb:
d7:59:b7:da:07:2c:7d:d7:da:3a:8b:60:f9:0e:dd:54:6a:a7:
78:52:80:56:af:da:13:89:9d:6d:9a:80:1d:d5:4e:0f:b7:c4:
34:34:38:13:6f:26:73:b8:aa:f9:38:6c:47:fb:66:35:59:83:
4f:c9:96:68
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUdsayXV8uy+fRYmh5Vcn36kb5BlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjNaFw0yNzA2MDExMjE4MjNaMDMxMTAvBgNV
BAMTKDA4N0ZGMEE5MTk0MEMxQjU1RTYxMkREOTM3QTkyNzE1NTY0RTVCM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNF6PkwDMc6rBsvrFymFLnbQBF
xGJh3zEuUbvZ/wCaR5F0QBuXhrcQUnkw/IwED9n3cXpW+cJ/Rc5UvpJER/wZoQ6F
+gwGGshcu4TOqtu7lhXDo/ZHtLVymsvC+nl7GaQhWGDuZM5fTiK5HxzMW2WMNp3S
xSAhLoWZhqEHpxw1Ox6XLQ4+pOE4leLPTI0irK9qum3pbJOb9OgLAV7HcTJ45e7o
gYKLjreEDtI2oQQhR7aAnQ1lU+kKMxJ5l60qSSRfIi2U4kSOfNHrWILUeQrwKWZs
Pp2q1gcNgxOOeVr3esquRa6A92aXe87wiNV1QhLAmkv9xqLBG91HmD3QZFJVAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUCH/wqRlAwbVeYS3ZN6knFVZOWz4wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTM0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzM4MzczOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUUMA0GCSqGSIb3DQEBCwUAA4IBAQBDaLnG/HS7RCuRvQD4
316VYzVhmjLWIahzkJRVlmrqcdN96Z3xto6mSPa2f/bpPMUWyFUsTli+oHvobGZC
faOBsyAs0rdKQ0zZ6maX/8q1ahKGSrQZDW6/+LG2DgRnx9jZ1dcgR0FDonpuPV10
fR4wjK5DjUpQczgnwQuaiNX2yb+6ZYZl8hgOLIxdz5mqu81JHJAhOEpV7kpOwFUC
fAMsvM3G/iuKi6u5a3jESHHPfhU9bCp6Yz++i0aj/XXAuRH+nITuG+vXWbfaByx9
19o6i2D5Dt1Uaqd4UoBWr9oTiZ1tmoAd1U4Pt8Q0NDgTbyZzuKr5OGxH+2Y1WYNP
yZZo
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:14:54 2026 by rpki-client