Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323330303a3a2f34302d3438203d3e20323031373635.roa
File: 326130663a316363353a323330303a3a2f34302d3438203d3e20323031373635.roa (raw, json)
Hash identifier: YQqpLtWMSEJTihp/RGPV0KcQT65tbJ/7w79ppxWk6dI=
Subject key identifier: 4A:13:7E:B4:E2:80:31:20:03:30:7D:FC:85:25:D5:3D:3B:28:A1:C2
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 1EA00697C2BCF6009EC146080412B577723EB841
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323330303a3a2f34302d3438203d3e20323031373635.roa
Signing time: Tue 02 Jun 2026 12:18:03 +0000
ROA not before: Tue 02 Jun 2026 12:13:03 +0000
ROA not after: Tue 01 Jun 2027 12:18:03 +0000
asID: 201765
IP address blocks: 2a0f:1cc5:2300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a0:06:97:c2:bc:f6:00:9e:c1:46:08:04:12:b5:77:72:3e:b8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:03 2026 GMT
Not After : Jun 1 12:18:03 2027 GMT
Subject: CN=4A137EB4E280312003307DFC8525D53D3B28A1C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1d:54:eb:98:b3:44:29:d7:44:52:3e:c3:4f:
9e:93:b8:8d:64:91:d3:51:ec:7a:54:e1:a5:e5:ec:
4c:00:94:79:f8:93:db:15:3e:47:f5:c4:a7:14:90:
8e:66:17:15:ba:4a:0e:b4:c2:cf:56:64:79:ad:2d:
13:6d:5e:22:a7:a1:c1:e0:78:d0:61:2c:89:ec:fe:
f1:25:25:73:24:fb:03:90:3c:d6:17:5c:6f:81:eb:
73:bd:c5:12:ad:5f:a8:3b:a9:23:b2:5a:b7:08:3d:
11:28:13:ef:2e:99:03:93:1f:88:c5:a3:37:2e:c1:
20:56:50:10:a8:5e:8b:3a:c0:6f:d0:f2:d7:8d:67:
9d:70:ec:ee:45:62:b1:34:8c:45:fd:29:7b:ab:91:
df:dc:15:10:07:0f:a9:0d:58:29:fc:fb:6f:b3:7b:
2b:a0:3b:b3:5f:f4:59:14:53:28:81:26:e4:cd:28:
e3:c6:ad:19:c2:b9:5c:ea:d0:93:36:19:8a:41:0c:
ca:f8:fd:bc:b3:67:71:3e:c2:3c:05:10:17:f0:ec:
e8:68:3e:9e:32:ac:e5:0b:f5:db:12:60:24:cb:66:
e8:60:35:e1:8e:87:6b:21:f3:c3:6a:d0:ea:94:8e:
fc:c0:ca:67:bb:e4:df:e9:74:2f:f6:7d:a0:b0:b4:
b0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:13:7E:B4:E2:80:31:20:03:30:7D:FC:85:25:D5:3D:3B:28:A1:C2
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323330303a3a2f34302d3438203d3e20323031373635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:2300::/40
Signature Algorithm: sha256WithRSAEncryption
08:97:7e:62:02:9d:a4:37:e6:4b:a2:f2:68:6e:2e:45:c2:08:
70:94:42:5f:8d:3a:31:48:6e:f5:aa:b2:96:4a:f9:41:69:69:
4d:4f:43:1d:c3:7f:83:f9:0c:a4:18:ed:e1:13:73:58:20:a4:
0c:c0:3a:2c:a7:3f:f0:dd:89:d4:f6:bf:bc:55:1b:ab:57:0b:
ac:01:fd:3e:5c:9e:6e:7e:20:19:34:a4:3b:8f:a7:76:54:b1:
5b:1d:d6:a9:24:ed:2d:33:98:f7:e8:47:89:da:2c:a6:e9:11:
e4:01:2b:58:61:c7:c2:e7:c8:c9:fd:82:f5:d8:11:a1:2d:2d:
8a:88:14:cb:ad:26:60:4b:e4:2a:a6:9f:b7:57:84:3f:81:59:
a2:cd:f4:94:df:ff:30:6e:5f:41:65:33:98:cd:75:33:8d:f9:
09:60:a4:cd:1d:2d:f8:82:ab:4f:15:6f:33:2a:2f:9c:da:28:
fa:fd:81:b7:8a:e0:15:f4:6f:a7:63:cb:9a:6a:02:65:cd:1c:
d5:28:3f:1f:12:cb:5f:ed:dd:7c:f6:8c:87:18:66:70:da:6b:
5a:4b:a7:2f:af:18:8b:f9:e0:cf:7a:26:12:27:a0:cb:6e:88:
e9:d1:90:9e:06:69:67:05:68:3d:e4:a6:cb:69:4a:69:ab:fb:
a8:2d:40:0a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUHqAGl8K89gCewUYIBBK1d3I+uEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDNaFw0yNzA2MDExMjE4MDNaMDMxMTAvBgNV
BAMTKDRBMTM3RUI0RTI4MDMxMjAwMzMwN0RGQzg1MjVENTNEM0IyOEExQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgHVTrmLNEKddEUj7DT56TuI1k
kdNR7HpU4aXl7EwAlHn4k9sVPkf1xKcUkI5mFxW6Sg60ws9WZHmtLRNtXiKnocHg
eNBhLIns/vElJXMk+wOQPNYXXG+B63O9xRKtX6g7qSOyWrcIPREoE+8umQOTH4jF
ozcuwSBWUBCoXos6wG/Q8teNZ51w7O5FYrE0jEX9KXurkd/cFRAHD6kNWCn8+2+z
eyugO7Nf9FkUUyiBJuTNKOPGrRnCuVzq0JM2GYpBDMr4/byzZ3E+wjwFEBfw7Oho
Pp4yrOUL9dsSYCTLZuhgNeGOh2sh88Nq0OqUjvzAyme75N/pdC/2faCwtLDXAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUShN+tOKAMSADMH38hSXVPTsoocIwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzMTM3MzYzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUjMA0GCSqGSIb3DQEBCwUAA4IBAQAIl35iAp2kN+ZLovJo
bi5FwghwlEJfjToxSG71qrKWSvlBaWlNT0Mdw3+D+QykGO3hE3NYIKQMwDospz/w
3YnU9r+8VRurVwusAf0+XJ5ufiAZNKQ7j6d2VLFbHdapJO0tM5j36EeJ2iym6RHk
AStYYcfC58jJ/YL12BGhLS2KiBTLrSZgS+Qqpp+3V4Q/gVmizfSU3/8wbl9BZTOY
zXUzjfkJYKTNHS34gqtPFW8zKi+c2ij6/YG3iuAV9G+nY8uaagJlzRzVKD8fEstf
7d189oyHGGZw2mtaS6cvrxiL+eDPeiYSJ6DLbojp0ZCeBmlnBWg95KbLaUppq/uo
LUAK
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:20:42 2026 by rpki-client