Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa
File: 326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa (raw, json)
Hash identifier: Hu23wOpIPd74pAwM0uNW7sNpI2YcN3O+GX9wd39em64=
Subject key identifier: 7E:80:01:5B:97:29:7B:1D:63:76:91:1E:74:9E:A0:69:14:40:36:60
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 196CD42B368874852BEC3C85D242D0B0465F9E05
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa
Signing time: Tue 02 Jun 2026 12:18:14 +0000
ROA not before: Tue 02 Jun 2026 12:13:14 +0000
ROA not after: Tue 01 Jun 2027 12:18:14 +0000
asID: 153376
IP address blocks: 2a0f:1cc5:2500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:6c:d4:2b:36:88:74:85:2b:ec:3c:85:d2:42:d0:b0:46:5f:9e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:14 2026 GMT
Not After : Jun 1 12:18:14 2027 GMT
Subject: CN=7E80015B97297B1D6376911E749EA06914403660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:68:64:d8:fd:8b:39:e4:65:10:e1:4c:b0:
e7:55:00:37:46:42:cd:ae:af:91:82:c1:29:29:c6:
32:76:68:11:a9:cc:dd:10:fa:da:32:63:47:60:06:
d9:cb:71:2c:20:df:d7:27:ae:85:38:bf:6d:73:94:
92:36:ad:d1:6b:60:3f:3d:c2:ee:9f:e2:e0:f9:ed:
89:d2:ce:bc:21:a2:2c:72:e8:fc:ea:f9:9d:de:4d:
2d:5b:0d:97:2a:b1:02:94:1c:28:bb:a5:8a:64:ac:
7e:ec:74:89:80:a6:f6:b5:b7:c7:b5:4f:86:f0:9d:
df:02:1f:05:4f:1d:14:c3:69:c1:c1:49:0b:0a:21:
9e:6f:8f:05:67:d5:6c:e7:6a:4a:5f:bf:3e:64:03:
fa:20:c1:95:31:bf:2e:50:92:e6:a7:22:32:fd:37:
d1:79:e2:0d:12:4e:73:4d:b0:4b:69:5e:3d:09:0c:
9e:ac:5f:ca:a0:c3:5b:f8:da:c1:61:de:5d:57:ef:
2e:4b:5c:6e:23:8c:40:e3:36:cb:52:29:ca:c5:10:
85:d8:31:7e:ae:a9:89:f7:4d:c1:6e:60:7a:8c:c5:
3e:e0:71:30:9b:63:5d:35:c4:99:f4:9d:8c:9f:18:
65:e9:8b:1d:9c:86:a1:5a:72:ef:84:ff:d6:4d:8e:
5d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:80:01:5B:97:29:7B:1D:63:76:91:1E:74:9E:A0:69:14:40:36:60
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:2500::/40
Signature Algorithm: sha256WithRSAEncryption
79:19:54:ea:51:a7:78:2a:05:cf:b3:48:5d:d5:4b:c2:19:d9:
24:98:b7:be:93:3a:f6:07:9f:49:6a:b1:63:c8:2c:21:94:d9:
bb:cd:0a:2b:06:9c:20:46:03:1a:a2:e1:60:58:aa:ed:98:aa:
c4:34:47:94:4d:51:d2:68:72:f1:ae:ef:5c:36:f9:cb:7e:87:
82:76:2c:fa:36:c1:7d:b6:ea:fc:f6:02:22:51:d4:09:63:95:
ff:03:13:b0:b5:be:01:bc:98:fb:dc:ca:27:56:11:e9:d1:ec:
eb:d5:86:04:05:bf:17:0e:89:fc:7c:ba:8b:03:c2:5a:d6:6a:
34:27:18:2d:bc:c2:49:18:7e:33:f3:4e:46:e0:8c:4e:a4:4b:
f5:ac:88:17:ef:14:8b:52:74:b3:68:58:b7:86:90:53:fb:29:
ee:63:ce:2f:f2:46:f8:65:99:f7:f9:ca:53:d9:ee:1f:b4:45:
d6:45:00:c5:81:fd:b8:56:a4:1e:16:1b:41:0b:d5:f4:9c:fd:
3c:49:97:27:29:14:7c:e3:38:fe:aa:60:c0:70:c1:e9:18:c2:
ec:e3:61:36:2a:21:94:cc:62:c0:27:21:21:4e:3b:5a:84:33:
49:1c:27:4e:94:c0:88:0c:65:e4:2c:5e:fd:58:40:8b:06:5c:
43:0b:f3:17
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUGWzUKzaIdIUr7DyF0kLQsEZfngUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTRaFw0yNzA2MDExMjE4MTRaMDMxMTAvBgNV
BAMTKDdFODAwMTVCOTcyOTdCMUQ2Mzc2OTExRTc0OUVBMDY5MTQ0MDM2NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtImhk2P2LOeRlEOFMsOdVADdG
Qs2ur5GCwSkpxjJ2aBGpzN0Q+toyY0dgBtnLcSwg39cnroU4v21zlJI2rdFrYD89
wu6f4uD57YnSzrwhoixy6Pzq+Z3eTS1bDZcqsQKUHCi7pYpkrH7sdImApva1t8e1
T4bwnd8CHwVPHRTDacHBSQsKIZ5vjwVn1Wznakpfvz5kA/ogwZUxvy5QkuanIjL9
N9F54g0STnNNsEtpXj0JDJ6sX8qgw1v42sFh3l1X7y5LXG4jjEDjNstSKcrFEIXY
MX6uqYn3TcFuYHqMxT7gcTCbY101xJn0nYyfGGXpix2chqFacu+E/9ZNjl03AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUfoABW5cpex1jdpEedJ6gaRRANmAwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjM1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzUzMzMzMzczNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUlMA0GCSqGSIb3DQEBCwUAA4IBAQB5GVTqUad4KgXPs0hd
1UvCGdkkmLe+kzr2B59JarFjyCwhlNm7zQorBpwgRgMaouFgWKrtmKrENEeUTVHS
aHLxru9cNvnLfoeCdiz6NsF9tur89gIiUdQJY5X/AxOwtb4BvJj73MonVhHp0ezr
1YYEBb8XDon8fLqLA8Ja1mo0JxgtvMJJGH4z805G4IxOpEv1rIgX7xSLUnSzaFi3
hpBT+ynuY84v8kb4ZZn3+cpT2e4ftEXWRQDFgf24VqQeFhtBC9X0nP08SZcnKRR8
4zj+qmDAcMHpGMLs42E2KiGUzGLAJyEhTjtahDNJHCdOlMCIDGXkLF79WECLBlxD
C/MX
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:24:50 2026 by rpki-client