Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa
File: 326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa (raw, json)
Hash identifier: PlghruDk7M48MYRXO+5ygiadTMuTXVGB0J3HCEoYU/o=
Subject key identifier: 89:F3:E1:E8:50:56:2E:46:C7:F9:0D:EF:BD:43:C4:BE:FE:11:C1:5B
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 14EA9A7DA34A243EE1C3B24F4F26FBCFEFF0767A
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa
Signing time: Tue 02 Jun 2026 12:18:05 +0000
ROA not before: Tue 02 Jun 2026 12:13:05 +0000
ROA not after: Tue 01 Jun 2027 12:18:05 +0000
asID: 207303
IP address blocks: 2a0f:1cc5:1c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ea:9a:7d:a3:4a:24:3e:e1:c3:b2:4f:4f:26:fb:cf:ef:f0:76:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:05 2026 GMT
Not After : Jun 1 12:18:05 2027 GMT
Subject: CN=89F3E1E850562E46C7F90DEFBD43C4BEFE11C15B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:33:c1:ab:bd:98:5e:7c:02:6f:90:be:17:b4:
d7:c4:a0:e9:04:8a:78:15:17:19:9a:ae:32:3c:63:
10:69:b2:a9:b3:f3:0d:71:7f:6c:52:c6:59:4d:91:
f1:bd:0d:3d:18:26:a1:de:cc:b8:49:36:78:01:fe:
d4:c2:09:f2:6e:b3:41:7f:8f:8f:20:2f:64:2b:0f:
b5:30:a0:c4:50:0b:fc:23:cd:37:09:23:70:a0:26:
85:85:dc:a1:5b:d1:af:e2:50:03:4a:f7:e9:1e:d1:
f9:41:d2:b9:f0:99:1d:b0:db:44:40:6c:45:3b:05:
69:d7:d5:08:c7:b5:62:c5:3a:32:d5:76:b8:1a:25:
0f:1c:cb:3f:fa:ef:ed:eb:d8:ee:19:16:d0:62:3b:
10:01:04:57:cc:23:a0:38:d6:c6:5a:15:ff:29:55:
ca:76:c6:92:ce:28:c7:3d:39:5d:9b:36:17:53:79:
ef:e3:59:f8:5d:7f:d4:63:98:59:6f:26:58:de:43:
e0:83:c0:c8:4e:8e:e2:8c:71:38:a7:35:77:ef:b9:
23:26:80:20:36:3b:89:d4:18:32:61:bc:b9:b5:37:
1f:2c:20:4d:9e:f8:47:4b:1f:3c:1a:bc:f7:df:2b:
4e:03:b7:05:af:f0:5d:5b:79:6c:67:af:c5:c8:6a:
fd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F3:E1:E8:50:56:2E:46:C7:F9:0D:EF:BD:43:C4:BE:FE:11:C1:5B
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1c00::/40
Signature Algorithm: sha256WithRSAEncryption
5f:38:c4:16:bb:6c:37:69:f1:bd:b2:b8:c6:7e:a3:af:50:a1:
e6:f7:50:6c:32:cc:f0:3f:55:54:70:9a:75:8c:0a:b8:95:64:
2c:70:04:05:be:23:1d:fb:32:6c:41:66:31:e9:c0:34:ec:07:
5c:14:72:8f:93:71:f6:fd:ea:6e:ba:39:3e:f4:f0:f7:42:9c:
bb:96:1a:64:3e:5e:c5:fb:4a:a9:de:f8:5e:e9:49:39:74:65:
33:b5:f3:e8:8d:2c:34:b3:e4:71:27:2b:56:6b:3c:d4:aa:fc:
1e:67:92:5b:04:0c:a4:63:0c:1d:93:52:0a:a9:93:e4:e9:60:
5d:17:3e:19:98:8a:f3:c4:36:c0:d9:bf:8a:98:9a:e3:80:07:
f0:45:96:e5:cb:a1:eb:37:94:8f:28:81:03:6d:91:a4:e0:9e:
85:cb:af:0e:5f:8a:38:c9:56:62:9c:dd:2f:20:d9:4f:de:55:
22:f5:5d:47:c3:dc:f7:03:84:18:79:71:60:21:ab:8d:f2:79:
a2:93:b1:68:f4:1d:7d:c2:9a:7b:e3:52:bb:10:7b:bd:01:fc:
8f:20:c6:d2:73:15:0d:d7:9a:71:32:4c:75:f7:f3:85:7c:51:
08:2f:36:53:0d:63:2e:13:ae:4d:28:22:97:cd:d4:64:9a:21:
49:ac:c4:56
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUFOqafaNKJD7hw7JPTyb7z+/wdnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDVaFw0yNzA2MDExMjE4MDVaMDMxMTAvBgNV
BAMTKDg5RjNFMUU4NTA1NjJFNDZDN0Y5MERFRkJENDNDNEJFRkUxMUMxNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDM8GrvZhefAJvkL4XtNfEoOkE
ingVFxmarjI8YxBpsqmz8w1xf2xSxllNkfG9DT0YJqHezLhJNngB/tTCCfJus0F/
j48gL2QrD7UwoMRQC/wjzTcJI3CgJoWF3KFb0a/iUANK9+ke0flB0rnwmR2w20RA
bEU7BWnX1QjHtWLFOjLVdrgaJQ8cyz/67+3r2O4ZFtBiOxABBFfMI6A41sZaFf8p
Vcp2xpLOKMc9OV2bNhdTee/jWfhdf9RjmFlvJljeQ+CDwMhOjuKMcTinNXfvuSMm
gCA2O4nUGDJhvLm1Nx8sIE2e+EdLHzwavPffK04DtwWv8F1beWxnr8XIav1TAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUifPh6FBWLkbH+Q3vvUPEvv4RwVswHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNzMzMzAzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUcMA0GCSqGSIb3DQEBCwUAA4IBAQBfOMQWu2w3afG9srjG
fqOvUKHm91BsMszwP1VUcJp1jAq4lWQscAQFviMd+zJsQWYx6cA07AdcFHKPk3H2
/epuujk+9PD3Qpy7lhpkPl7F+0qp3vhe6Uk5dGUztfPojSw0s+RxJytWazzUqvwe
Z5JbBAykYwwdk1IKqZPk6WBdFz4ZmIrzxDbA2b+KmJrjgAfwRZbly6HrN5SPKIED
bZGk4J6Fy68OX4o4yVZinN0vINlP3lUi9V1Hw9z3A4QYeXFgIauN8nmik7Fo9B19
wpp741K7EHu9AfyPIMbScxUN15pxMkx19/OFfFEILzZTDWMuE65NKCKXzdRkmiFJ
rMRW
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:31:28 2026 by rpki-client