Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333730303a3a2f34302d3438203d3e20313530313834.roa
File: 326130663a316363353a333730303a3a2f34302d3438203d3e20313530313834.roa (raw, json)
Hash identifier: Zal8UbaBGIxm3DxTEGxB8HXQBh99tZu2ptad2gwFyiw=
Subject key identifier: BE:16:B2:CB:A7:79:AD:C1:4C:2D:49:F0:16:0E:83:9A:C5:06:4A:59
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 0673A511C4265EBE61B71B1F0F44153DB342A24B
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333730303a3a2f34302d3438203d3e20313530313834.roa
Signing time: Tue 02 Jun 2026 12:18:28 +0000
ROA not before: Tue 02 Jun 2026 12:13:28 +0000
ROA not after: Tue 01 Jun 2027 12:18:28 +0000
asID: 150184
IP address blocks: 2a0f:1cc5:3700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 14:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:73:a5:11:c4:26:5e:be:61:b7:1b:1f:0f:44:15:3d:b3:42:a2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:28 2026 GMT
Not After : Jun 1 12:18:28 2027 GMT
Subject: CN=BE16B2CBA779ADC14C2D49F0160E839AC5064A59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c0:93:01:89:0a:a5:c7:a5:6b:52:38:f2:f8:
0a:e0:02:c0:45:36:9d:a6:a5:54:e3:15:d6:c7:c7:
97:6f:00:22:8e:a4:75:83:15:62:b5:14:c8:06:40:
e5:13:6f:87:79:f7:89:91:7d:97:27:a7:84:36:60:
39:76:64:51:9e:83:2f:f4:80:49:87:78:69:32:bb:
54:e6:4f:dd:5b:98:25:18:29:a3:33:53:15:31:60:
4a:65:ae:64:ca:b5:05:18:1c:db:20:7e:8d:42:3b:
d4:c3:6e:79:4d:e7:7e:4e:d2:04:48:7c:84:9e:77:
f0:8c:51:7d:b9:07:03:b6:ee:2b:62:66:ea:40:3e:
aa:cf:43:9f:a6:d4:a1:7f:b9:b2:22:a5:f8:5f:d2:
3c:69:e2:18:56:62:d7:5a:0c:9a:7b:6c:ca:fa:ff:
74:98:c6:d9:a7:ef:ba:69:76:f6:c7:4f:0a:f9:c6:
cc:5e:e4:b5:e7:79:df:bc:82:9f:08:c2:af:30:9d:
48:ec:be:3a:33:70:93:7b:85:7c:56:ad:42:48:e4:
26:f8:28:cf:fb:1a:36:d1:10:b9:21:af:27:d2:7d:
3c:cf:8e:82:2e:5d:e3:17:01:b4:c2:90:5b:01:e3:
c1:d9:d4:2f:b5:87:60:46:5e:c9:02:e5:17:06:b2:
73:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:16:B2:CB:A7:79:AD:C1:4C:2D:49:F0:16:0E:83:9A:C5:06:4A:59
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333730303a3a2f34302d3438203d3e20313530313834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3700::/40
Signature Algorithm: sha256WithRSAEncryption
5c:b9:1c:70:e7:8c:23:aa:4a:af:cf:08:d2:fc:fb:6f:94:0d:
b5:00:a8:81:bb:7a:fa:0c:37:6d:3d:bd:e3:6d:5c:e6:29:aa:
0a:74:35:d7:b9:17:ca:cb:30:b2:b5:bd:28:7b:f2:73:89:f0:
71:94:e7:f3:df:46:b7:f8:28:37:d6:25:50:da:63:11:71:1c:
67:36:47:b1:a1:e9:65:5b:3a:52:c5:6e:9f:99:8a:fe:88:ba:
e2:a4:60:4b:29:26:2b:29:66:e2:3e:0c:18:12:0b:9e:92:35:
9c:80:9e:32:04:45:90:c7:f6:7a:4b:7a:2b:81:98:83:5a:57:
9b:b6:f8:76:70:1d:f9:65:b0:b7:33:b5:35:76:3a:c5:20:10:
ca:5c:73:cf:25:2f:6e:be:82:48:5a:5d:46:0c:74:76:47:fc:
38:a2:db:f9:35:b7:85:4b:c6:ce:27:c0:8b:ce:a6:b6:32:51:
0c:4d:5b:7b:84:46:4a:78:2a:5c:d4:ea:a7:fb:44:c3:57:cf:
8e:4f:53:96:0d:ee:53:f3:a5:ce:33:90:78:fb:27:24:7a:c9:
c8:d2:46:d9:c6:3a:06:f7:5b:4d:e4:4d:d3:37:e6:40:82:7b:
3e:69:27:7e:8b:0f:3b:2d:74:55:93:c5:1d:ac:b2:b2:d7:67:
5a:0d:c2:7d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUBnOlEcQmXr5htxsfD0QVPbNCokswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjhaFw0yNzA2MDExMjE4MjhaMDMxMTAvBgNV
BAMTKEJFMTZCMkNCQTc3OUFEQzE0QzJENDlGMDE2MEU4MzlBQzUwNjRBNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdwJMBiQqlx6VrUjjy+ArgAsBF
Np2mpVTjFdbHx5dvACKOpHWDFWK1FMgGQOUTb4d594mRfZcnp4Q2YDl2ZFGegy/0
gEmHeGkyu1TmT91bmCUYKaMzUxUxYEplrmTKtQUYHNsgfo1CO9TDbnlN535O0gRI
fISed/CMUX25BwO27itiZupAPqrPQ5+m1KF/ubIipfhf0jxp4hhWYtdaDJp7bMr6
/3SYxtmn77ppdvbHTwr5xsxe5LXned+8gp8Iwq8wnUjsvjozcJN7hXxWrUJI5Cb4
KM/7GjbRELkhryfSfTzPjoIuXeMXAbTCkFsB48HZ1C+1h2BGXskC5RcGsnOfAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUvhayy6d5rcFMLUnwFg6DmsUGSlkwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzM3MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzUzMDMxMzgzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMU3MA0GCSqGSIb3DQEBCwUAA4IBAQBcuRxw54wjqkqvzwjS
/PtvlA21AKiBu3r6DDdtPb3jbVzmKaoKdDXXuRfKyzCytb0oe/JzifBxlOfz30a3
+Cg31iVQ2mMRcRxnNkexoellWzpSxW6fmYr+iLripGBLKSYrKWbiPgwYEguekjWc
gJ4yBEWQx/Z6S3orgZiDWlebtvh2cB35ZbC3M7U1djrFIBDKXHPPJS9uvoJIWl1G
DHR2R/w4otv5NbeFS8bOJ8CLzqa2MlEMTVt7hEZKeCpc1Oqn+0TDV8+OT1OWDe5T
86XOM5B4+yckesnI0kbZxjoG91tN5E3TN+ZAgns+aSd+iw87LXRVk8UdrLKy12da
DcJ9
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:39:34 2026 by rpki-client