Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203235303835.roa
File: 326130663a316363353a343030303a3a2f34302d3438203d3e203235303835.roa (raw, json)
Hash identifier: 0+9zLfRpu7uv27Wt8ZhCfGqDfWoyKuerJ9gGEmUdW8Y=
Subject key identifier: 86:A4:DC:45:F1:9A:3B:79:40:49:F5:69:93:84:D5:F3:33:34:B7:0C
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 5877332D8DBB441AEDC3D34B1573EDFE94379F45
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203235303835.roa
Signing time: Fri 05 Jun 2026 08:43:27 +0000
ROA not before: Fri 05 Jun 2026 08:38:27 +0000
ROA not after: Fri 04 Jun 2027 08:43:27 +0000
asID: 25085
IP address blocks: 2a0f:1cc5:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:77:33:2d:8d:bb:44:1a:ed:c3:d3:4b:15:73:ed:fe:94:37:9f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 5 08:38:27 2026 GMT
Not After : Jun 4 08:43:27 2027 GMT
Subject: CN=86A4DC45F19A3B794049F5699384D5F33334B70C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:22:8a:c5:b9:93:3d:57:ee:d2:6c:79:92:
40:df:fd:1c:e1:99:a1:51:49:22:0e:99:0f:87:86:
1d:8f:6b:c4:62:5a:c1:18:d3:b5:90:b6:22:50:3f:
a8:12:a0:89:0d:c6:9d:b6:07:27:92:ef:ca:4f:32:
f8:a1:75:f4:e0:b3:1d:dc:12:7a:d1:ee:a4:49:1a:
23:06:73:bb:78:58:66:b4:d7:60:0d:8b:d1:cb:21:
0f:1e:f1:bc:c7:f6:a2:bd:bc:c2:78:99:ae:a5:1e:
e7:29:ce:ea:29:a7:17:d0:06:e3:e6:ed:4f:23:47:
09:92:d5:7c:10:f6:46:20:e1:9a:01:df:39:ef:3c:
8a:51:af:e8:78:0b:6c:2b:78:15:b1:41:e9:88:66:
c4:a9:84:4d:a9:14:ee:4e:08:9e:2a:67:7f:9a:0d:
8a:3c:86:14:ca:44:2d:1f:7d:15:13:4b:4c:fe:67:
63:35:c0:6f:83:d1:08:df:22:a6:dc:43:ad:3d:d7:
f1:f0:52:41:ae:8d:e8:cb:7c:3d:2c:d2:07:54:01:
4a:89:4f:73:d4:c1:14:dc:e8:df:f6:80:d9:46:b9:
4a:e9:b7:38:ff:01:df:4d:97:5f:61:63:b3:72:96:
a9:2d:f1:49:ca:35:56:88:21:0f:ed:59:04:c0:62:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A4:DC:45:F1:9A:3B:79:40:49:F5:69:93:84:D5:F3:33:34:B7:0C
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343030303a3a2f34302d3438203d3e203235303835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:4000::/40
Signature Algorithm: sha256WithRSAEncryption
29:8b:22:64:8c:35:88:fd:1f:45:4f:07:85:d5:69:79:d9:96:
89:d1:27:ea:79:67:78:d8:73:48:c8:f0:23:0f:30:c2:c7:27:
7c:33:b2:f2:7a:42:97:66:91:8d:fc:4c:9e:94:83:75:d1:a1:
74:55:96:31:6b:e4:8d:69:0e:c8:a9:3f:02:69:9f:c7:2c:19:
b6:88:3b:95:7e:c0:fb:da:c7:4b:85:76:36:25:73:4b:d8:32:
d7:ca:a2:1c:7f:65:a3:62:f3:9d:55:d6:16:28:b1:fc:27:2f:
c3:98:48:90:26:87:55:47:70:c5:78:5b:86:00:0e:9d:de:8a:
6d:bb:fe:ec:53:eb:ba:c7:85:26:fd:14:22:e1:ed:08:02:57:
12:ca:cb:c5:3e:a6:a4:bd:2c:e6:e1:95:1c:df:9e:d6:54:6d:
6d:9b:98:f4:3f:9c:50:d1:c5:ef:b6:35:ed:45:2e:a7:3a:55:
c1:57:1c:49:96:91:5a:69:f9:78:16:65:16:8c:14:a0:d7:ae:
4a:12:f6:cc:30:ce:5d:0f:4d:d3:ad:c6:44:ba:9b:7f:19:41:
72:08:1b:00:56:95:46:ed:ca:c9:b8:fb:40:b3:77:37:a1:6e:
8f:89:f4:31:f4:30:2c:e3:77:c2:be:ac:80:22:a7:bc:f9:b0:
93:8d:cc:cb
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUWHczLY27RBrtw9NLFXPt/pQ3n0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDUwODM4MjdaFw0yNzA2MDQwODQzMjdaMDMxMTAvBgNV
BAMTKDg2QTREQzQ1RjE5QTNCNzk0MDQ5RjU2OTkzODRENUYzMzMzNEI3MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIZyKKxbmTPVfu0mx5kkDf/Rzh
maFRSSIOmQ+Hhh2Pa8RiWsEY07WQtiJQP6gSoIkNxp22ByeS78pPMvihdfTgsx3c
EnrR7qRJGiMGc7t4WGa012ANi9HLIQ8e8bzH9qK9vMJ4ma6lHucpzuoppxfQBuPm
7U8jRwmS1XwQ9kYg4ZoB3znvPIpRr+h4C2wreBWxQemIZsSphE2pFO5OCJ4qZ3+a
DYo8hhTKRC0ffRUTS0z+Z2M1wG+D0QjfIqbcQ6091/HwUkGujejLfD0s0gdUAUqJ
T3PUwRTc6N/2gNlGuUrptzj/Ad9Nl19hY7Nylqkt8UnKNVaIIQ/tWQTAYhjlAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUhqTcRfGaO3lASfVpk4TV8zM0twwwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzUzMDM4MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFQDANBgkqhkiG9w0BAQsFAAOCAQEAKYsiZIw1iP0fRU8HhdVp
edmWidEn6nlneNhzSMjwIw8wwscnfDOy8npCl2aRjfxMnpSDddGhdFWWMWvkjWkO
yKk/AmmfxywZtog7lX7A+9rHS4V2NiVzS9gy18qiHH9lo2LznVXWFiix/Ccvw5hI
kCaHVUdwxXhbhgAOnd6Kbbv+7FPruseFJv0UIuHtCAJXEsrLxT6mpL0s5uGVHN+e
1lRtbZuY9D+cUNHF77Y17UUupzpVwVccSZaRWmn5eBZlFowUoNeuShL2zDDOXQ9N
063GRLqbfxlBcggbAFaVRu3Kybj7QLN3N6Fuj4n0MfQwLON3wr6sgCKnvPmwk43M
yw==
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:04 2026 by rpki-client