Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333530303a3a2f34302d3438203d3e20323034313432.roa
File: 326130663a316363353a333530303a3a2f34302d3438203d3e20323034313432.roa (raw, json)
Hash identifier: M0kHi4zq4sezIflashHbWNk+UGyoBJI0dxEDmz2jSiQ=
Subject key identifier: 57:CA:42:35:58:33:F0:E5:66:2E:15:4A:61:1A:E1:E9:15:07:0B:34
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 172A76BC9637F77325967E10841A84DFD41B120A
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333530303a3a2f34302d3438203d3e20323034313432.roa
Signing time: Tue 02 Jun 2026 12:18:21 +0000
ROA not before: Tue 02 Jun 2026 12:13:21 +0000
ROA not after: Tue 01 Jun 2027 12:18:21 +0000
asID: 204142
IP address blocks: 2a0f:1cc5:3500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 14:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:2a:76:bc:96:37:f7:73:25:96:7e:10:84:1a:84:df:d4:1b:12:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:21 2026 GMT
Not After : Jun 1 12:18:21 2027 GMT
Subject: CN=57CA42355833F0E5662E154A611AE1E915070B34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:54:ef:f3:a1:6b:7a:9b:bc:b2:1e:fc:47:
47:28:26:4c:47:61:90:71:97:64:8c:88:a2:53:37:
cd:e1:b3:a4:a2:86:10:48:c3:50:4a:e3:3f:5a:a9:
a2:b8:cc:9c:b4:99:55:48:5c:36:6d:41:16:b1:8c:
37:fa:8a:b7:a2:c6:56:96:4a:b4:d3:3a:dd:41:cd:
37:05:c1:a9:f2:30:a9:3a:59:82:1a:1c:dc:6f:54:
07:81:ea:a8:38:26:45:97:aa:fe:78:1b:ee:a5:9a:
d5:f1:ce:47:6c:43:e3:b9:2f:74:42:77:be:90:83:
67:b6:48:2d:6d:93:e1:d2:f7:59:b2:ff:d8:43:2d:
38:25:c5:73:5f:04:2f:e4:ce:59:c5:20:e6:62:89:
80:a9:06:14:4e:ee:8d:71:9d:60:1a:32:53:7a:dc:
70:9a:ee:04:5f:69:1d:7e:5f:f0:e7:64:3b:fa:39:
bd:74:63:0f:40:52:57:9f:1d:09:df:e2:29:cd:f9:
f4:16:e3:18:85:8b:79:51:1d:e2:71:e6:cc:3e:2a:
3d:39:3b:28:d0:39:03:47:ed:6e:3e:6c:74:ce:31:
a4:0a:0c:12:fb:ad:f9:79:56:89:bf:b5:b5:db:cd:
a2:35:25:f0:ac:62:7d:b9:72:38:7e:5c:1f:e7:0a:
0c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CA:42:35:58:33:F0:E5:66:2E:15:4A:61:1A:E1:E9:15:07:0B:34
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333530303a3a2f34302d3438203d3e20323034313432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3500::/40
Signature Algorithm: sha256WithRSAEncryption
1f:d1:e7:65:7e:f2:61:af:9b:b8:4e:64:0a:04:a5:d6:df:aa:
61:78:f0:0f:6b:9e:32:9f:b3:28:c6:c5:9c:f2:fb:65:09:84:
66:67:17:12:14:08:42:5e:fc:38:c8:7b:c9:56:6e:b6:58:dd:
af:69:7d:6e:13:89:cf:78:97:ab:dc:2c:48:dd:a3:db:33:49:
47:1c:f1:dc:d8:1e:86:a5:28:c0:bc:73:1b:f9:88:66:61:a4:
ad:ca:c1:d0:3e:e8:14:a9:9b:a5:40:8d:20:59:fd:90:b1:01:
89:36:78:f9:04:f0:6f:5a:59:8f:61:d4:60:93:7b:fd:58:e0:
01:a5:9d:e7:70:3a:7c:07:22:0f:e3:67:85:59:aa:e4:b5:ee:
6c:f3:6e:6b:03:13:e0:cb:8c:86:31:e3:99:e5:e0:80:4e:65:
9d:d4:ac:a6:7e:84:89:04:72:36:ff:7b:eb:9d:9b:18:92:c8:
01:e6:59:0a:17:21:35:ef:cd:c0:d0:cd:10:05:86:e7:31:32:
86:ad:52:47:ea:4e:82:62:d0:12:fc:46:54:c5:f8:f7:4d:d6:
a7:d2:7c:21:55:13:1f:d8:a5:61:c6:12:af:09:73:a1:83:c4:
de:11:7f:3b:e9:f0:ed:e7:f4:f5:f9:44:bf:d8:b2:91:65:f1:
c9:20:cb:8f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUFyp2vJY393Mlln4QhBqE39QbEgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjFaFw0yNzA2MDExMjE4MjFaMDMxMTAvBgNV
BAMTKDU3Q0E0MjM1NTgzM0YwRTU2NjJFMTU0QTYxMUFFMUU5MTUwNzBCMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP+FTv86Frepu8sh78R0coJkxH
YZBxl2SMiKJTN83hs6SihhBIw1BK4z9aqaK4zJy0mVVIXDZtQRaxjDf6ireixlaW
SrTTOt1BzTcFwanyMKk6WYIaHNxvVAeB6qg4JkWXqv54G+6lmtXxzkdsQ+O5L3RC
d76Qg2e2SC1tk+HS91my/9hDLTglxXNfBC/kzlnFIOZiiYCpBhRO7o1xnWAaMlN6
3HCa7gRfaR1+X/DnZDv6Ob10Yw9AUlefHQnf4inN+fQW4xiFi3lRHeJx5sw+Kj05
OyjQOQNH7W4+bHTOMaQKDBL7rfl5Vom/tbXbzaI1JfCsYn25cjh+XB/nCgwfAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUV8pCNVgz8OVmLhVKYRrh6RUHCzQwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzM1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNDMxMzQzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMU1MA0GCSqGSIb3DQEBCwUAA4IBAQAf0edlfvJhr5u4TmQK
BKXW36phePAPa54yn7MoxsWc8vtlCYRmZxcSFAhCXvw4yHvJVm62WN2vaX1uE4nP
eJer3CxI3aPbM0lHHPHc2B6GpSjAvHMb+YhmYaStysHQPugUqZulQI0gWf2QsQGJ
Nnj5BPBvWlmPYdRgk3v9WOABpZ3ncDp8ByIP42eFWarkte5s825rAxPgy4yGMeOZ
5eCATmWd1KymfoSJBHI2/3vrnZsYksgB5lkKFyE1783A0M0QBYbnMTKGrVJH6k6C
YtAS/EZUxfj3Tdan0nwhVRMf2KVhxhKvCXOhg8TeEX876fDt5/T1+US/2LKRZfHJ
IMuP
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:39:27 2026 by rpki-client