Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313630303a3a2f34302d3438203d3e20313939333130.roa
File: 326130663a316363353a313630303a3a2f34302d3438203d3e20313939333130.roa (raw, json)
Hash identifier: rIvoX368ddKFoAwHL05zudAg6MeHR2qiw661zDsdWMM=
Subject key identifier: 4D:7B:92:77:36:D5:9C:88:E0:5C:2A:D9:11:C3:EF:4D:92:CB:20:26
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 58625DE254FF72C4D78E575C9913555F9683BAB6
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313630303a3a2f34302d3438203d3e20313939333130.roa
Signing time: Tue 02 Jun 2026 12:18:01 +0000
ROA not before: Tue 02 Jun 2026 12:13:01 +0000
ROA not after: Tue 01 Jun 2027 12:18:01 +0000
asID: 199310
IP address blocks: 2a0f:1cc5:1600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:62:5d:e2:54:ff:72:c4:d7:8e:57:5c:99:13:55:5f:96:83:ba:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:01 2026 GMT
Not After : Jun 1 12:18:01 2027 GMT
Subject: CN=4D7B927736D59C88E05C2AD911C3EF4D92CB2026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0d:0c:44:d6:cb:18:54:87:50:41:1c:47:3f:
d1:dc:4d:f1:3c:22:0f:fe:0d:0d:ec:be:ae:ee:3b:
a1:90:fa:3e:d1:1f:90:3b:80:84:0f:86:ff:e3:c8:
08:d3:e8:da:6a:8e:3e:80:b0:87:b3:b6:40:7e:36:
a0:63:6e:a4:e3:05:90:fa:8b:55:ef:a0:bb:53:5c:
f2:88:6c:6f:75:ff:b7:90:ee:1d:79:e4:bf:e1:61:
94:6a:18:77:25:70:41:81:af:17:34:7f:c6:e8:f2:
4f:ad:45:07:06:bb:a6:3d:7c:4b:fc:4c:cf:d7:78:
e6:b6:67:e0:de:9c:88:87:89:b8:b8:82:3e:56:f1:
ba:2b:97:b8:9e:64:3a:fa:be:0a:a1:9d:c7:65:53:
e5:ce:e4:63:14:e8:e4:ff:cf:32:a0:69:a6:71:51:
eb:5a:fb:4d:93:f3:b9:dc:37:be:3c:37:92:f4:de:
b2:2e:91:71:e4:2c:db:d3:b9:db:ca:6b:71:99:5b:
98:d9:ac:b3:5d:8a:76:1a:d9:e0:e4:1e:50:ed:b2:
65:ff:33:67:23:90:e8:71:40:ab:27:35:4b:de:0b:
3f:11:17:05:c8:de:0c:a7:99:11:26:70:53:ce:6f:
4f:4f:43:3a:b5:f9:94:5f:0c:ee:c6:cd:c2:99:09:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7B:92:77:36:D5:9C:88:E0:5C:2A:D9:11:C3:EF:4D:92:CB:20:26
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313630303a3a2f34302d3438203d3e20313939333130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1600::/40
Signature Algorithm: sha256WithRSAEncryption
45:61:20:c6:4e:9c:29:1c:06:b2:7a:82:6d:6b:cc:28:bf:6d:
3e:79:a4:4c:88:12:ea:55:d2:88:46:2b:50:b2:2f:4a:54:f8:
9c:19:13:51:90:90:8f:10:ba:3c:a4:a8:bb:96:a6:90:50:be:
0f:8c:0f:39:2f:d8:04:84:42:a0:54:5c:77:12:a7:ce:a8:ca:
88:a4:04:a7:c0:4a:c5:2c:d4:5a:41:65:fd:4e:65:c2:e7:88:
15:d6:3a:9c:f9:be:be:79:03:b5:a2:c7:66:9d:f0:72:b7:29:
d7:00:68:95:f3:6a:7b:2e:38:dd:92:19:a6:44:83:bc:97:9a:
96:51:a2:57:e3:44:d5:cd:1c:d0:3d:a1:69:23:be:a5:95:61:
01:86:fa:fb:7c:eb:bb:70:9c:78:a7:ae:3a:76:6a:63:d8:14:
be:3b:9d:78:3e:1c:00:5c:1f:d1:2a:c1:15:75:17:e2:7a:3b:
93:e7:a0:11:16:57:25:2e:cf:1c:69:ba:76:3b:c8:5d:b6:23:
25:ab:ca:33:9c:9b:31:ef:a5:6a:a6:b6:e3:ca:28:f6:a9:7f:
99:15:9e:79:ff:22:c4:2e:7d:2b:c0:f8:e9:2b:5e:14:6d:e4:
5f:a7:f3:bb:a7:e2:55:e3:89:8c:a2:29:bc:df:18:83:44:34:
63:bc:d0:8f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUWGJd4lT/csTXjldcmRNVX5aDurYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDFaFw0yNzA2MDExMjE4MDFaMDMxMTAvBgNV
BAMTKDREN0I5Mjc3MzZENTlDODhFMDVDMkFEOTExQzNFRjREOTJDQjIwMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDQxE1ssYVIdQQRxHP9HcTfE8
Ig/+DQ3svq7uO6GQ+j7RH5A7gIQPhv/jyAjT6Npqjj6AsIeztkB+NqBjbqTjBZD6
i1XvoLtTXPKIbG91/7eQ7h155L/hYZRqGHclcEGBrxc0f8bo8k+tRQcGu6Y9fEv8
TM/XeOa2Z+DenIiHibi4gj5W8borl7ieZDr6vgqhncdlU+XO5GMU6OT/zzKgaaZx
Ueta+02T87ncN748N5L03rIukXHkLNvTudvKa3GZW5jZrLNdinYa2eDkHlDtsmX/
M2cjkOhxQKsnNUveCz8RFwXI3gynmREmcFPOb09PQzq1+ZRfDO7GzcKZCb8nAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUTXuSdzbVnIjgXCrZEcPvTZLLICYwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTM2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzOTMzMzEzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUWMA0GCSqGSIb3DQEBCwUAA4IBAQBFYSDGTpwpHAayeoJt
a8wov20+eaRMiBLqVdKIRitQsi9KVPicGRNRkJCPELo8pKi7lqaQUL4PjA85L9gE
hEKgVFx3EqfOqMqIpASnwErFLNRaQWX9TmXC54gV1jqc+b6+eQO1osdmnfBytynX
AGiV82p7LjjdkhmmRIO8l5qWUaJX40TVzRzQPaFpI76llWEBhvr7fOu7cJx4p646
dmpj2BS+O514PhwAXB/RKsEVdRfiejuT56ARFlclLs8cabp2O8hdtiMlq8oznJsx
76Vqprbjyij2qX+ZFZ55/yLELn0rwPjpK14UbeRfp/O7p+JV44mMoim83xiDRDRj
vNCP
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:24:10 2026 by rpki-client