Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313530303a3a2f34302d3438203d3e20313938303235.roa
File: 326130663a316363353a313530303a3a2f34302d3438203d3e20313938303235.roa (raw, json)
Hash identifier: tDb9hfGnprlQ1ba73RO+DNV6bYhEiH/XtiP0xxlIssg=
Subject key identifier: 4D:F2:AE:79:93:73:68:9A:BA:DF:05:84:4D:14:B5:3F:0C:B4:3C:B6
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 5AD2763B49889F1F5D61909E00A8AE97B13A87C9
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313530303a3a2f34302d3438203d3e20313938303235.roa
Signing time: Tue 02 Jun 2026 12:18:22 +0000
ROA not before: Tue 02 Jun 2026 12:13:22 +0000
ROA not after: Tue 01 Jun 2027 12:18:22 +0000
asID: 198025
IP address blocks: 2a0f:1cc5:1500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:d2:76:3b:49:88:9f:1f:5d:61:90:9e:00:a8:ae:97:b1:3a:87:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:22 2026 GMT
Not After : Jun 1 12:18:22 2027 GMT
Subject: CN=4DF2AE799373689ABADF05844D14B53F0CB43CB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4b:7b:88:0c:9c:19:27:fb:be:41:c6:b0:1d:
94:68:51:f7:ce:be:b6:7c:11:56:72:dd:8f:8a:7a:
b3:17:5d:6c:b7:de:87:f3:b7:b5:9f:e3:23:cc:aa:
d5:5a:6c:95:ca:b9:85:7e:69:08:57:85:42:14:79:
eb:92:ee:79:f1:ae:78:57:44:15:93:4a:49:42:26:
f7:54:30:86:12:69:20:c2:3b:5a:a2:0a:75:1e:16:
83:52:63:b0:0b:87:fa:eb:db:9c:4a:63:d1:c3:4c:
40:ef:6b:15:d2:e3:c5:e8:a1:68:c4:c8:eb:6f:b6:
48:c8:37:76:7c:de:7f:71:11:33:cc:dd:b7:55:d7:
2c:7b:8c:7c:18:d8:82:ce:56:63:c5:79:76:8c:e1:
7e:19:52:73:99:a0:95:9f:c1:b0:f8:83:9a:f0:5d:
f8:6c:79:08:9d:ff:63:b5:a3:a6:fa:ca:d5:81:84:
fb:2d:cf:46:f3:eb:f5:07:a3:f4:9e:e1:ce:33:18:
47:9b:38:e7:70:3c:fb:00:56:62:dd:25:f8:84:20:
be:e8:6f:2a:ea:76:2e:b6:9a:ea:b1:bd:89:8d:f8:
31:fb:78:4d:d0:d8:d1:81:1d:ab:4d:0b:d3:db:0d:
5c:a5:d3:ce:0c:36:1d:fa:27:f8:61:83:b5:7d:6f:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F2:AE:79:93:73:68:9A:BA:DF:05:84:4D:14:B5:3F:0C:B4:3C:B6
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313530303a3a2f34302d3438203d3e20313938303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1500::/40
Signature Algorithm: sha256WithRSAEncryption
1d:be:ac:56:94:e4:06:04:74:7a:bb:46:f5:88:52:26:92:c5:
d6:70:15:6f:03:f1:25:09:ae:8a:df:2c:3c:fa:6d:b5:fc:a5:
0d:c3:92:a8:63:4c:e9:01:0d:a2:6f:cf:dd:16:83:cc:3a:0e:
e6:67:5c:13:96:1b:08:9b:eb:d8:85:e0:ab:a7:fa:e0:93:72:
f9:eb:f8:3e:2a:2d:4b:96:33:48:9c:90:da:8f:0b:21:8c:bd:
eb:96:ca:d6:a3:fa:fc:8e:6f:9b:37:fe:dd:66:97:8b:06:0b:
78:89:d2:60:0f:d4:66:37:42:6b:db:3f:e5:4a:bd:14:51:90:
ab:11:53:f6:e7:4d:31:4e:1a:1b:c4:87:76:8b:b7:0c:01:95:
32:fc:05:ac:f9:17:4b:8f:00:ec:64:40:21:9e:8d:94:5f:4c:
a4:77:02:7e:83:4f:ac:89:88:bf:27:26:9c:51:48:4d:9e:62:
1e:c8:0f:fd:29:f6:4e:97:ef:7c:85:d3:97:72:bd:54:d4:08:
b1:70:44:20:cf:87:69:6b:c0:1d:9f:bc:ff:41:f9:0e:6b:12:
87:15:8d:8a:db:87:98:6c:73:a5:87:3e:db:d0:1d:c3:16:fd:
c8:dd:fe:ca:c7:38:43:0c:04:18:63:18:56:d1:cd:94:58:70:
80:d5:fb:82
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUWtJ2O0mInx9dYZCeAKiul7E6h8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjJaFw0yNzA2MDExMjE4MjJaMDMxMTAvBgNV
BAMTKDRERjJBRTc5OTM3MzY4OUFCQURGMDU4NDREMTRCNTNGMENCNDNDQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNS3uIDJwZJ/u+QcawHZRoUffO
vrZ8EVZy3Y+KerMXXWy33ofzt7Wf4yPMqtVabJXKuYV+aQhXhUIUeeuS7nnxrnhX
RBWTSklCJvdUMIYSaSDCO1qiCnUeFoNSY7ALh/rr25xKY9HDTEDvaxXS48XooWjE
yOtvtkjIN3Z83n9xETPM3bdV1yx7jHwY2ILOVmPFeXaM4X4ZUnOZoJWfwbD4g5rw
XfhseQid/2O1o6b6ytWBhPstz0bz6/UHo/Se4c4zGEebOOdwPPsAVmLdJfiEIL7o
byrqdi62muqxvYmN+DH7eE3Q2NGBHatNC9PbDVyl084MNh36J/hhg7V9bxCZAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUTfKueZNzaJq63wWETRS1Pwy0PLYwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTM1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzODMwMzIzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUVMA0GCSqGSIb3DQEBCwUAA4IBAQAdvqxWlOQGBHR6u0b1
iFImksXWcBVvA/ElCa6K3yw8+m21/KUNw5KoY0zpAQ2ib8/dFoPMOg7mZ1wTlhsI
m+vYheCrp/rgk3L56/g+Ki1LljNInJDajwshjL3rlsrWo/r8jm+bN/7dZpeLBgt4
idJgD9RmN0Jr2z/lSr0UUZCrEVP2500xThobxId2i7cMAZUy/AWs+RdLjwDsZEAh
no2UX0ykdwJ+g0+siYi/JyacUUhNnmIeyA/9KfZOl+98hdOXcr1U1AixcEQgz4dp
a8Adn7z/QfkOaxKHFY2K24eYbHOlhz7b0B3DFv3I3f7KxzhDDAQYYxhW0c2UWHCA
1fuC
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:20:19 2026 by rpki-client