Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa
File: 326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa (raw, json)
Hash identifier: YjZrWf4ZBsu2YoZ50kQJBS6J9bthL4ihiRV70VLowvA=
Subject key identifier: 56:23:5F:52:E4:89:40:1B:7A:F5:A8:EF:93:A3:07:1B:95:A0:8C:E1
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 2A64C6D9E9413AF0F804EEF8B2328F121BF0599B
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa
Signing time: Tue 02 Jun 2026 12:18:17 +0000
ROA not before: Tue 02 Jun 2026 12:13:17 +0000
ROA not after: Tue 01 Jun 2027 12:18:17 +0000
asID: 199018
IP address blocks: 2a0f:1cc5:300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:64:c6:d9:e9:41:3a:f0:f8:04:ee:f8:b2:32:8f:12:1b:f0:59:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:17 2026 GMT
Not After : Jun 1 12:18:17 2027 GMT
Subject: CN=56235F52E489401B7AF5A8EF93A3071B95A08CE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cc:64:b6:d2:7c:27:e5:75:02:58:63:d7:18:
2f:52:59:dd:dd:95:d6:d4:5e:47:dd:f5:dd:0f:75:
45:c0:37:2a:17:08:c6:ec:7f:66:00:47:42:27:4f:
2e:03:1a:a0:0b:47:e9:49:c0:3e:3c:13:ba:73:7f:
87:0c:56:7c:ed:81:93:7c:cc:cb:0a:eb:be:cf:d7:
6e:73:1e:e4:64:e9:64:a8:b3:0f:0e:58:ca:98:2e:
15:75:29:38:3c:d0:27:90:3b:6f:95:f7:80:1a:6a:
c5:2c:c8:1d:62:77:00:ce:e7:29:f2:56:bc:83:cf:
16:8c:64:b9:5e:4c:7a:c9:d5:c3:0b:7c:7f:31:37:
b8:9e:7d:ea:31:bf:61:0c:51:f0:90:43:0b:78:0b:
4f:4e:f4:91:78:11:07:58:49:92:19:82:de:a2:31:
b2:69:01:ea:95:84:7b:96:3a:dc:72:d9:fa:db:c0:
28:ed:04:14:c1:32:31:1f:12:e2:45:8c:41:89:25:
59:95:0e:df:11:b8:a7:c4:d0:82:7f:0a:0e:20:48:
d3:49:79:c8:ed:7d:7a:00:ee:49:9d:1b:a3:a6:37:
f3:d3:c4:9a:45:4a:8e:e9:ad:fd:69:cf:d3:33:4b:
d3:b3:70:dd:8f:b3:16:d5:67:45:1c:7b:ae:65:c7:
1e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:23:5F:52:E4:89:40:1B:7A:F5:A8:EF:93:A3:07:1B:95:A0:8C:E1
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:300::/40
Signature Algorithm: sha256WithRSAEncryption
5e:2c:27:26:cb:2a:78:e1:f1:21:43:05:b4:f5:f1:d5:b5:65:
96:3d:14:7f:6a:ed:ac:44:28:a2:2e:65:7b:bd:18:c9:8c:4c:
19:74:21:09:35:24:90:73:32:5d:7d:d8:1d:29:ec:36:e6:3d:
c9:0e:76:dd:3d:03:81:a6:29:b3:88:d1:e9:a9:9a:a9:1b:20:
72:94:c5:56:bb:28:b3:43:7f:97:f1:27:39:7c:08:68:c5:cf:
dd:fb:db:3f:6c:bd:74:93:ed:ed:8a:72:ac:34:80:89:e5:89:
93:c6:b7:d9:f1:53:8d:1b:4e:72:d5:52:c3:e4:85:0a:08:06:
13:ab:6d:83:14:04:d7:9f:c7:4d:55:33:aa:ce:6b:45:a3:e1:
9e:a0:d1:7d:fa:6c:07:4c:42:07:3a:51:da:b0:03:3a:1d:f9:
d4:bd:67:4c:62:87:b2:6b:f4:cf:66:1c:f6:71:d9:66:53:a4:
97:09:70:c6:e2:3a:30:74:f1:6c:95:1b:a7:0e:56:45:7f:e1:
ac:cb:de:ce:49:4b:18:b2:33:9c:75:72:5c:ca:2e:58:ea:5f:
67:6b:41:d4:e9:56:f0:a1:15:40:64:c2:90:f4:dc:10:41:38:
12:19:4e:71:fa:46:1f:c1:d3:ce:90:24:87:d2:28:3b:d0:e9:
18:da:10:ad
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUKmTG2elBOvD4BO74sjKPEhvwWZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTdaFw0yNzA2MDExMjE4MTdaMDMxMTAvBgNV
BAMTKDU2MjM1RjUyRTQ4OTQwMUI3QUY1QThFRjkzQTMwNzFCOTVBMDhDRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLzGS20nwn5XUCWGPXGC9SWd3d
ldbUXkfd9d0PdUXANyoXCMbsf2YAR0InTy4DGqALR+lJwD48E7pzf4cMVnztgZN8
zMsK677P125zHuRk6WSosw8OWMqYLhV1KTg80CeQO2+V94AaasUsyB1idwDO5yny
VryDzxaMZLleTHrJ1cMLfH8xN7iefeoxv2EMUfCQQwt4C09O9JF4EQdYSZIZgt6i
MbJpAeqVhHuWOtxy2frbwCjtBBTBMjEfEuJFjEGJJVmVDt8RuKfE0IJ/Cg4gSNNJ
ecjtfXoA7kmdG6OmN/PTxJpFSo7prf1pz9MzS9OzcN2PsxbVZ0Uce65lxx57AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUViNfUuSJQBt69ajvk6MHG5WgjOEwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzkzMDMxMzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFAzANBgkqhkiG9w0BAQsFAAOCAQEAXiwnJssqeOHxIUMFtPXx
1bVllj0Uf2rtrEQooi5le70YyYxMGXQhCTUkkHMyXX3YHSnsNuY9yQ523T0DgaYp
s4jR6amaqRsgcpTFVrsos0N/l/EnOXwIaMXP3fvbP2y9dJPt7YpyrDSAieWJk8a3
2fFTjRtOctVSw+SFCggGE6ttgxQE15/HTVUzqs5rRaPhnqDRffpsB0xCBzpR2rAD
Oh351L1nTGKHsmv0z2Yc9nHZZlOklwlwxuI6MHTxbJUbpw5WRX/hrMvezklLGLIz
nHVyXMouWOpfZ2tB1OlW8KEVQGTCkPTcEEE4EhlOcfpGH8HTzpAkh9IoO9DpGNoQ
rQ==
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:14:53 2026 by rpki-client