Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa
File: 326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa (raw, json)
Hash identifier: 6PhZD+ljmWRF9ycco2Rag4r++e+0B1WL0M4vP9D1W/g=
Subject key identifier: A2:70:CB:C5:1A:26:19:F6:CC:33:AF:22:12:77:4B:D4:6F:27:F9:3D
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 048173A2E22900172E46385F3DE940A7C916B7AC
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa
Signing time: Tue 02 Jun 2026 12:18:12 +0000
ROA not before: Tue 02 Jun 2026 12:13:12 +0000
ROA not after: Tue 01 Jun 2027 12:18:12 +0000
asID: 214207
IP address blocks: 2a0f:1cc5:1d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:81:73:a2:e2:29:00:17:2e:46:38:5f:3d:e9:40:a7:c9:16:b7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:12 2026 GMT
Not After : Jun 1 12:18:12 2027 GMT
Subject: CN=A270CBC51A2619F6CC33AF2212774BD46F27F93D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:97:1c:af:85:55:74:f9:6a:77:78:90:42:
de:17:89:0b:9c:90:f2:d3:a8:11:03:f5:9e:02:2b:
89:a6:3f:53:e9:29:0f:a7:ff:e5:45:6a:9f:1c:0e:
d6:48:93:fc:ca:a3:60:8d:5f:34:3f:89:9f:60:e7:
14:a6:be:fa:63:2e:b0:9a:1e:50:40:2a:e0:6c:24:
e8:49:be:72:f5:d6:cb:81:b1:98:50:3f:bf:26:97:
d2:a1:f3:dc:98:dc:7b:26:ac:0d:98:9d:ea:c1:ad:
bb:2f:02:fa:97:c0:07:ab:c9:03:55:47:51:7b:16:
0f:f3:35:e4:dc:0a:a7:06:ef:b7:55:10:1a:48:b4:
6b:b2:65:47:59:88:ce:88:17:1c:07:4a:9d:43:85:
90:9e:a9:eb:64:29:cf:0c:95:8d:09:6c:ef:53:dd:
57:0c:96:9b:9d:05:f1:5c:ca:22:2b:10:b9:71:ff:
22:af:52:27:c8:32:7f:a9:58:11:9a:8b:04:ad:0f:
c0:81:49:5c:55:57:47:92:38:33:29:a0:80:21:b0:
a5:35:3d:a9:80:92:42:54:d3:96:02:d3:41:ac:e7:
cd:77:83:99:eb:9a:8a:b9:5e:99:e2:3a:2d:75:e8:
b8:21:e9:47:bd:2d:16:b2:90:fe:25:7e:4d:94:bc:
3d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:70:CB:C5:1A:26:19:F6:CC:33:AF:22:12:77:4B:D4:6F:27:F9:3D
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1d00::/40
Signature Algorithm: sha256WithRSAEncryption
8a:3e:67:cb:5e:b2:74:32:cf:21:d4:b6:28:74:9e:b2:72:82:
8e:3a:0a:56:c5:70:2e:fb:3a:56:09:ad:c4:34:7b:9e:d6:33:
86:6d:3e:80:db:99:2d:4e:fd:c2:15:f0:dc:d8:0c:40:24:98:
fe:c0:44:71:cb:d5:1d:df:f4:5e:df:ef:2a:25:3b:4e:72:bb:
d9:7b:f0:8f:2e:ad:48:c4:9f:ae:f0:32:92:e8:55:0d:b7:1c:
c1:4c:4f:ea:36:6a:ac:4d:5c:09:69:08:84:fb:b3:20:77:11:
87:a7:14:3c:05:14:42:fd:67:ee:a7:ee:01:db:08:77:ef:4d:
f9:4c:d3:fe:b2:d6:ae:8f:09:75:22:09:a0:c8:1b:0b:6e:97:
b8:be:9b:fd:03:b3:3c:e1:06:04:e9:3c:22:3a:ff:d4:41:5a:
ea:be:f3:70:1d:00:e4:1f:4e:1d:81:f4:78:75:ba:a2:ea:94:
a2:77:78:63:db:63:3c:a1:50:a4:09:72:04:73:ed:8d:8b:45:
08:6c:dd:a9:a4:1b:06:79:87:76:f0:38:af:39:0c:ad:fa:42:
10:ad:14:c0:44:58:f9:a3:0b:56:f4:45:b9:f4:ec:23:09:4b:
4e:49:c7:29:45:b1:c9:f7:35:9e:6d:88:2d:be:bf:d8:03:cd:
33:26:ec:bf
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUBIFzouIpABcuRjhfPelAp8kWt6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTJaFw0yNzA2MDExMjE4MTJaMDMxMTAvBgNV
BAMTKEEyNzBDQkM1MUEyNjE5RjZDQzMzQUYyMjEyNzc0QkQ0NkYyN0Y5M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPJccr4VVdPlqd3iQQt4XiQuc
kPLTqBED9Z4CK4mmP1PpKQ+n/+VFap8cDtZIk/zKo2CNXzQ/iZ9g5xSmvvpjLrCa
HlBAKuBsJOhJvnL11suBsZhQP78ml9Kh89yY3HsmrA2YnerBrbsvAvqXwAeryQNV
R1F7Fg/zNeTcCqcG77dVEBpItGuyZUdZiM6IFxwHSp1DhZCeqetkKc8MlY0JbO9T
3VcMlpudBfFcyiIrELlx/yKvUifIMn+pWBGaiwStD8CBSVxVV0eSODMpoIAhsKU1
PamAkkJU05YC00Gs5813g5nrmoq5XpniOi116Lgh6Ue9LRaykP4lfk2UvD3TAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUonDLxRomGfbMM68iEndL1G8n+T0wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMyMzAzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUdMA0GCSqGSIb3DQEBCwUAA4IBAQCKPmfLXrJ0Ms8h1LYo
dJ6ycoKOOgpWxXAu+zpWCa3ENHue1jOGbT6A25ktTv3CFfDc2AxAJJj+wERxy9Ud
3/Re3+8qJTtOcrvZe/CPLq1IxJ+u8DKS6FUNtxzBTE/qNmqsTVwJaQiE+7MgdxGH
pxQ8BRRC/Wfup+4B2wh37035TNP+staujwl1IgmgyBsLbpe4vpv9A7M84QYE6Twi
Ov/UQVrqvvNwHQDkH04dgfR4dbqi6pSid3hj22M8oVCkCXIEc+2Ni0UIbN2ppBsG
eYd28DivOQyt+kIQrRTARFj5owtW9EW59OwjCUtOSccpRbHJ9zWebYgtvr/YA80z
Juy/
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:14:38 2026 by rpki-client