Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa
File: 326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa (raw, json)
Hash identifier: TvITV8J8gtzpTu95n1bmqeuh6Ctm4ZytgfJ3pwXkBUg=
Subject key identifier: F4:7D:84:C3:48:70:AA:37:9E:C6:31:C5:D2:EF:FF:23:47:75:ED:4E
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 5DE112F582717AE89470E9C14DD4FA4E22972F36
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa
Signing time: Tue 02 Jun 2026 12:18:08 +0000
ROA not before: Tue 02 Jun 2026 12:13:08 +0000
ROA not after: Tue 01 Jun 2027 12:18:08 +0000
asID: 212483
IP address blocks: 2a0f:1cc5:1800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 17:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:e1:12:f5:82:71:7a:e8:94:70:e9:c1:4d:d4:fa:4e:22:97:2f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:08 2026 GMT
Not After : Jun 1 12:18:08 2027 GMT
Subject: CN=F47D84C34870AA379EC631C5D2EFFF234775ED4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b3:be:99:d9:1f:9e:1f:22:a8:be:0b:30:8c:
1d:44:bc:50:b9:bf:f6:3a:87:01:50:03:c6:91:d1:
55:a1:c7:d0:4a:dd:77:b3:46:62:b5:6f:dd:40:ef:
7d:0f:e1:86:46:54:7a:08:e7:d6:60:d8:51:27:8f:
27:e4:40:7e:fa:24:fa:e8:88:09:26:a6:dd:9a:ba:
32:27:7d:c5:09:6a:c2:c5:2d:12:a3:9b:f4:77:a6:
14:41:08:71:fe:be:35:8f:37:7b:69:4d:59:aa:84:
3c:32:04:ef:ab:38:88:72:8b:6e:ba:fc:e6:8d:72:
eb:d8:5a:6f:e0:a4:f4:7c:23:4a:5d:d3:a8:95:bd:
61:20:33:68:c8:7e:d3:55:aa:f9:53:91:a0:fd:6d:
b1:0d:1c:88:c1:10:61:30:cf:80:65:cc:12:3a:20:
2a:14:6c:cd:f3:6a:13:d5:83:eb:d0:e2:ab:8a:f2:
1c:55:fd:a4:c7:32:95:dd:c2:9b:d3:1a:ea:7c:39:
b7:6d:09:7d:f3:d4:bb:11:90:9e:e3:c4:9d:5a:75:
22:45:4e:ad:e8:dc:57:89:37:c7:22:d9:d0:75:e9:
51:f7:e4:b3:48:6a:63:8c:ba:2f:71:58:d1:f8:65:
03:da:43:d2:c0:9e:e1:f3:23:50:4e:ae:17:49:e2:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7D:84:C3:48:70:AA:37:9E:C6:31:C5:D2:EF:FF:23:47:75:ED:4E
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1800::/40
Signature Algorithm: sha256WithRSAEncryption
21:86:2d:67:b3:9a:d2:29:78:b0:f2:8d:17:79:a8:c1:4a:ce:
15:a2:42:fc:d6:21:b2:f9:f3:31:61:36:aa:36:18:8d:03:52:
55:fd:cc:22:0a:a4:27:97:f1:82:4a:85:8f:cb:0b:ed:90:e6:
7f:84:05:23:ae:50:ff:30:0c:93:d8:dc:d5:fa:c9:63:2b:dc:
c9:57:30:ee:6f:38:42:c5:91:f2:9e:c3:a0:95:b7:ec:44:40:
24:ab:c4:c5:65:35:10:72:85:b0:00:2a:2b:cd:20:94:ec:fa:
ae:45:f9:37:35:87:47:28:4d:bc:d5:6c:97:f7:26:e4:86:a0:
00:f2:c0:90:96:e9:10:40:f7:c6:30:a6:54:07:2d:e5:d3:6a:
99:6f:10:65:96:21:5b:4c:3a:d1:cb:85:ae:c6:a7:77:07:a0:
86:08:9f:6e:c9:e6:b5:da:57:02:e8:8b:6e:71:6a:6d:f7:47:
d2:e1:6c:25:e3:3a:83:40:b2:ca:30:ec:b4:50:9b:dc:f9:8e:
dd:07:07:1a:e7:8a:ea:fd:87:bd:4e:7b:c1:b6:a9:40:41:7b:
2b:7b:3b:e3:e8:db:b5:42:08:7f:b2:a7:69:25:2e:67:f1:2c:
bd:c6:f7:fc:1d:75:9e:27:77:eb:32:c4:fb:5a:16:21:bc:93:
96:cc:34:5d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUXeES9YJxeuiUcOnBTdT6TiKXLzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDhaFw0yNzA2MDExMjE4MDhaMDMxMTAvBgNV
BAMTKEY0N0Q4NEMzNDg3MEFBMzc5RUM2MzFDNUQyRUZGRjIzNDc3NUVENEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCss76Z2R+eHyKovgswjB1EvFC5
v/Y6hwFQA8aR0VWhx9BK3XezRmK1b91A730P4YZGVHoI59Zg2FEnjyfkQH76JPro
iAkmpt2aujInfcUJasLFLRKjm/R3phRBCHH+vjWPN3tpTVmqhDwyBO+rOIhyi266
/OaNcuvYWm/gpPR8I0pd06iVvWEgM2jIftNVqvlTkaD9bbENHIjBEGEwz4BlzBI6
ICoUbM3zahPVg+vQ4quK8hxV/aTHMpXdwpvTGup8ObdtCX3z1LsRkJ7jxJ1adSJF
Tq3o3FeJN8ci2dB16VH35LNIamOMui9xWNH4ZQPaQ9LAnuHzI1BOrhdJ4gApAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU9H2Ew0hwqjeexjHF0u//I0d17U4wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTM4MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMjM0MzgzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUYMA0GCSqGSIb3DQEBCwUAA4IBAQAhhi1ns5rSKXiw8o0X
eajBSs4VokL81iGy+fMxYTaqNhiNA1JV/cwiCqQnl/GCSoWPywvtkOZ/hAUjrlD/
MAyT2NzV+sljK9zJVzDubzhCxZHynsOglbfsREAkq8TFZTUQcoWwACorzSCU7Pqu
Rfk3NYdHKE281WyX9ybkhqAA8sCQlukQQPfGMKZUBy3l02qZbxBlliFbTDrRy4Wu
xqd3B6CGCJ9uyea12lcC6ItucWpt90fS4Wwl4zqDQLLKMOy0UJvc+Y7dBwca54rq
/Ye9TnvBtqlAQXsrezvj6Nu1Qgh/sqdpJS5n8Sy9xvf8HXWeJ3frMsT7WhYhvJOW
zDRd
-----END CERTIFICATE-----
Generated at Sun Jun 7 02:59:48 2026 by rpki-client