Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa
File: 326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa (raw, json)
Hash identifier: 1yNT6diVclZU6XdqKvMVTQtAelH512PIWWFdpIUT+wM=
Subject key identifier: C6:8E:3A:E0:1C:7C:B6:AC:DD:C6:42:7B:B6:75:88:43:F1:9F:B7:B3
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 78106AD4F96D195B58C52A9647ECC80764E990B8
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa
Signing time: Tue 02 Jun 2026 12:17:59 +0000
ROA not before: Tue 02 Jun 2026 12:12:59 +0000
ROA not after: Tue 01 Jun 2027 12:17:59 +0000
asID: 214968
IP address blocks: 2a0f:1cc5:1e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:10:6a:d4:f9:6d:19:5b:58:c5:2a:96:47:ec:c8:07:64:e9:90:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:12:59 2026 GMT
Not After : Jun 1 12:17:59 2027 GMT
Subject: CN=C68E3AE01C7CB6ACDDC6427BB6758843F19FB7B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:55:a1:5c:d4:11:92:36:d0:23:a8:29:a1:
a5:a3:10:3a:b7:2d:d2:01:1a:25:ae:68:1a:42:1c:
b6:4e:c7:15:7c:b8:3a:e8:a4:8c:00:90:82:31:ab:
ee:19:1e:18:33:d8:ae:9f:50:50:31:63:2c:e6:d5:
98:63:58:87:30:d7:d4:81:50:dd:22:9f:74:c2:67:
12:89:1a:1a:e3:37:be:aa:73:27:8a:00:2d:57:f8:
4e:5b:19:b8:da:29:33:ba:f7:50:72:a8:ca:67:d6:
99:36:9b:b2:be:5c:fa:7d:f2:73:48:e5:9d:00:37:
d4:d6:22:23:c6:1f:7d:3f:dc:fc:03:63:04:87:cd:
5a:fe:79:d9:b4:b3:fd:9f:89:37:f7:b0:7e:fa:88:
96:fd:3c:58:f4:db:94:1f:b6:00:9e:11:a4:f1:62:
eb:36:52:be:78:0c:c4:6f:b5:ef:69:4f:86:92:e6:
7d:b4:77:0c:f0:36:bc:39:04:d6:f2:80:8b:45:26:
63:b0:93:63:52:2f:8f:49:cd:ce:2d:f1:35:e2:25:
b2:1d:1b:89:e3:d1:4f:93:5b:c3:98:51:cc:1c:b0:
d5:79:22:69:7c:43:3a:7b:7c:18:13:bd:cd:81:32:
dd:a6:b9:26:6d:7a:c8:61:1d:b8:b8:a7:6f:6c:88:
1a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8E:3A:E0:1C:7C:B6:AC:DD:C6:42:7B:B6:75:88:43:F1:9F:B7:B3
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:1e00::/40
Signature Algorithm: sha256WithRSAEncryption
23:ed:b7:da:c4:42:f4:29:95:b3:6e:49:07:ee:ed:76:86:dc:
27:9f:98:53:f7:b8:61:48:66:f1:61:3b:26:9d:e2:5f:16:1e:
6d:0f:66:23:3d:28:f0:61:34:73:62:b2:f3:f4:f1:88:c5:57:
49:20:54:58:81:26:b1:6a:8c:6a:c3:a9:47:b4:b9:9c:0a:cb:
72:e0:13:e3:ee:f1:f0:84:cf:9c:5f:03:70:21:a4:2a:8f:9e:
08:68:46:22:91:6b:fa:15:aa:e8:8c:57:bf:92:d3:eb:db:5d:
50:68:be:29:d9:45:d3:18:8b:79:85:e9:4d:58:f0:54:be:99:
5b:83:cb:f3:c6:c8:91:46:24:12:d1:c3:6f:fd:8b:a2:df:c0:
eb:c3:fa:04:3b:06:78:50:cf:45:87:5d:01:21:93:7e:29:79:
32:a2:88:04:95:b5:e0:64:9c:b9:14:74:03:a6:3f:33:e4:9e:
22:df:f5:16:29:68:bb:69:4c:b0:90:e2:93:ba:65:fc:27:4c:
fc:46:ca:dd:f5:81:8a:93:77:ad:a6:84:2d:d4:f8:bd:fc:7b:
bb:57:23:2d:c8:23:d8:0b:32:70:ac:07:3a:e6:51:a0:d1:1d:
74:c4:bd:1f:78:16:84:ea:23:a3:c0:99:cd:0c:00:12:b7:b3:
91:b7:05:35
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUeBBq1PltGVtYxSqWR+zIB2TpkLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEyNTlaFw0yNzA2MDExMjE3NTlaMDMxMTAvBgNV
BAMTKEM2OEUzQUUwMUM3Q0I2QUNEREM2NDI3QkI2NzU4ODQzRjE5RkI3QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvY1WhXNQRkjbQI6gpoaWjEDq3
LdIBGiWuaBpCHLZOxxV8uDropIwAkIIxq+4ZHhgz2K6fUFAxYyzm1ZhjWIcw19SB
UN0in3TCZxKJGhrjN76qcyeKAC1X+E5bGbjaKTO691ByqMpn1pk2m7K+XPp98nNI
5Z0AN9TWIiPGH30/3PwDYwSHzVr+edm0s/2fiTf3sH76iJb9PFj025QftgCeEaTx
Yus2Ur54DMRvte9pT4aS5n20dwzwNrw5BNbygItFJmOwk2NSL49Jzc4t8TXiJbId
G4nj0U+TW8OYUcwcsNV5Iml8Qzp7fBgTvc2BMt2muSZteshhHbi4p29siBpjAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUxo464Bx8tqzdxkJ7tnWIQ/Gft7MwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMTY1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzYzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUeMA0GCSqGSIb3DQEBCwUAA4IBAQAj7bfaxEL0KZWzbkkH
7u12htwnn5hT97hhSGbxYTsmneJfFh5tD2YjPSjwYTRzYrLz9PGIxVdJIFRYgSax
aoxqw6lHtLmcCsty4BPj7vHwhM+cXwNwIaQqj54IaEYikWv6FarojFe/ktPr211Q
aL4p2UXTGIt5helNWPBUvplbg8vzxsiRRiQS0cNv/Yui38Drw/oEOwZ4UM9Fh10B
IZN+KXkyoogElbXgZJy5FHQDpj8z5J4i3/UWKWi7aUywkOKTumX8J0z8Rsrd9YGK
k3etpoQt1Pi9/Hu7VyMtyCPYCzJwrAc65lGg0R10xL0feBaE6iOjwJnNDAASt7OR
twU1
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:14:20 2026 by rpki-client