Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
File: 326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa (raw, json)
Hash identifier: JiGoF310N4Mg6JR7JyzQZEJJ0OVChPxwokHkgtKEcXs=
Subject key identifier: 36:F6:31:6F:EE:4C:3E:52:D2:BE:21:44:C2:22:EE:E7:C9:96:42:B6
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 37134F105F095806003098FBC5FA7D27454BCC50
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
Signing time: Tue 02 Jun 2026 12:18:19 +0000
ROA not before: Tue 02 Jun 2026 12:13:19 +0000
ROA not after: Tue 01 Jun 2027 12:18:19 +0000
asID: 211575
IP address blocks: 2a0f:1cc5:40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:13:4f:10:5f:09:58:06:00:30:98:fb:c5:fa:7d:27:45:4b:cc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:19 2026 GMT
Not After : Jun 1 12:18:19 2027 GMT
Subject: CN=36F6316FEE4C3E52D2BE2144C222EEE7C99642B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:6d:05:a3:3b:ec:14:e7:19:63:f2:94:86:
8d:42:32:bd:5f:a7:1f:53:c7:29:24:68:5c:27:a2:
06:e0:b4:d1:75:a3:cf:c9:40:69:ab:18:84:2c:52:
34:da:f7:bc:3b:56:38:43:70:1a:b3:11:85:b8:f7:
0b:f7:0b:e3:45:55:c6:33:c1:24:1f:93:fe:03:06:
15:b3:15:3e:12:f7:c3:57:38:2e:24:f7:ca:0b:35:
97:3e:e1:8e:14:50:fd:2a:7e:15:be:61:66:1f:8a:
56:9d:12:93:2a:ae:41:7e:00:8b:94:6c:c8:69:27:
41:1d:92:2b:8d:5b:93:34:84:93:e7:9d:f8:6a:bb:
de:33:a6:ff:54:57:3c:ae:57:03:b1:9b:40:45:a3:
d6:eb:b2:46:83:87:e4:6f:32:72:ae:c9:d2:1e:c2:
c6:28:a4:08:87:69:d4:0b:d6:65:3a:e0:c3:0a:0b:
78:fc:d9:59:f2:33:98:44:f8:1d:ae:b6:e5:c9:7b:
25:9b:e2:6b:fa:5d:00:a1:0c:86:f4:80:c3:5f:06:
fa:c7:48:ca:09:a3:a4:a4:47:ae:d4:fe:21:67:1a:
22:56:3f:96:71:62:e3:66:0e:b2:9b:10:6b:dd:e7:
70:bd:d5:4e:8f:46:fd:2a:e2:a0:bd:5c:9c:93:d4:
25:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F6:31:6F:EE:4C:3E:52:D2:BE:21:44:C2:22:EE:E7:C9:96:42:B6
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:40::/44
Signature Algorithm: sha256WithRSAEncryption
1b:87:2b:8b:d6:16:b5:6c:d8:9d:54:e1:a3:7c:1a:93:63:e6:
82:15:24:c0:b9:62:03:65:fe:a1:46:29:a8:ca:27:5b:0c:eb:
a5:37:5a:59:0a:99:ae:99:4e:e4:9f:f8:5a:b4:1a:d2:ca:65:
aa:b8:5d:24:ae:11:ec:a4:08:0a:27:04:8c:19:49:3c:f8:b2:
ce:e3:ad:2b:bb:e8:13:af:23:ab:e6:82:55:d2:9a:95:00:07:
37:35:58:4e:08:a2:b8:1f:00:2c:8e:eb:9a:18:85:93:e8:2d:
f9:a5:1b:aa:6b:d8:22:25:b7:24:21:c0:29:39:69:04:fe:98:
8f:ee:7f:0a:18:bc:a7:35:b7:5c:5d:ff:1a:04:d0:ac:64:a8:
a0:dc:c8:f8:d1:5e:3c:5c:c5:57:ac:5e:79:0d:20:20:14:72:
e0:05:5d:d0:4c:99:c4:b6:07:2b:05:1b:87:b6:8a:51:88:0b:
36:6f:fe:c8:f9:69:e8:1e:aa:24:81:23:6d:1f:36:f9:b0:99:
30:f8:52:d7:65:ce:75:3d:ad:16:36:34:4c:c5:89:71:a9:15:
fc:25:57:77:99:59:c3:0e:f8:41:4c:d8:5e:2c:e1:2d:b6:1e:
82:c1:72:04:3a:6f:d4:00:4f:62:99:91:c9:e5:67:ae:75:d0:
8a:ce:88:5a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUNxNPEF8JWAYAMJj7xfp9J0VLzFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTlaFw0yNzA2MDExMjE4MTlaMDMxMTAvBgNV
BAMTKDM2RjYzMTZGRUU0QzNFNTJEMkJFMjE0NEMyMjJFRUU3Qzk5NjQyQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgoG0FozvsFOcZY/KUho1CMr1f
px9TxykkaFwnogbgtNF1o8/JQGmrGIQsUjTa97w7VjhDcBqzEYW49wv3C+NFVcYz
wSQfk/4DBhWzFT4S98NXOC4k98oLNZc+4Y4UUP0qfhW+YWYfiladEpMqrkF+AIuU
bMhpJ0EdkiuNW5M0hJPnnfhqu94zpv9UVzyuVwOxm0BFo9brskaDh+RvMnKuydIe
wsYopAiHadQL1mU64MMKC3j82VnyM5hE+B2utuXJeyWb4mv6XQChDIb0gMNfBvrH
SMoJo6SkR67U/iFnGiJWP5ZxYuNmDrKbEGvd53C91U6PRv0q4qC9XJyT1CVDAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUNvYxb+5MPlLSviFEwiLu58mWQrYwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTMxMzUzNzM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQBAMA0GCSqGSIb3DQEBCwUAA4IBAQAbhyuL1ha1bNidVOGjfBqT
Y+aCFSTAuWIDZf6hRimoyidbDOulN1pZCpmumU7kn/hatBrSymWquF0krhHspAgK
JwSMGUk8+LLO460ru+gTryOr5oJV0pqVAAc3NVhOCKK4HwAsjuuaGIWT6C35pRuq
a9giJbckIcApOWkE/piP7n8KGLynNbdcXf8aBNCsZKig3Mj40V48XMVXrF55DSAg
FHLgBV3QTJnEtgcrBRuHtopRiAs2b/7I+WnoHqokgSNtHzb5sJkw+FLXZc51Pa0W
NjRMxYlxqRX8JVd3mVnDDvhBTNheLOEtth6CwXIEOm/UAE9imZHJ5WeuddCKzoha
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:20:18 2026 by rpki-client