Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343130303a3a2f34302d3438203d3e20323139343232.roa
File: 326130663a316363353a343130303a3a2f34302d3438203d3e20323139343232.roa (raw, json)
Hash identifier: F/PByT+P5lWrw7asmakukwgAZSRuPqmyS5WS9zvt+sE=
Subject key identifier: BB:D5:E5:EC:83:00:9F:D2:0F:D7:25:E6:EF:25:56:EB:24:D0:44:F5
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 76F23672878C8C81EF195D7D14E53F20B8E7FF6A
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343130303a3a2f34302d3438203d3e20323139343232.roa
Signing time: Wed 17 Jun 2026 21:48:52 +0000
ROA not before: Wed 17 Jun 2026 21:43:52 +0000
ROA not after: Wed 16 Jun 2027 21:48:52 +0000
asID: 219422
IP address blocks: 2a0f:1cc5:4100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 07:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:f2:36:72:87:8c:8c:81:ef:19:5d:7d:14:e5:3f:20:b8:e7:ff:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 17 21:43:52 2026 GMT
Not After : Jun 16 21:48:52 2027 GMT
Subject: CN=BBD5E5EC83009FD20FD725E6EF2556EB24D044F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a6:fe:b3:0d:b8:be:65:f3:8b:57:6c:e0:f6:
6e:93:50:47:dd:e3:ff:26:1c:49:6b:58:20:3a:c6:
a7:98:8d:ef:f3:2e:1c:65:fe:22:60:0d:fd:42:f2:
f5:99:2f:77:8c:90:9c:3f:ac:ab:d2:cd:d5:aa:a4:
42:9a:40:64:7c:21:82:7c:cc:57:7d:45:b2:58:e9:
f9:1a:b1:38:0b:2e:63:52:10:ac:c7:bb:4e:d7:1e:
da:a1:6d:7f:e2:0f:ba:6b:46:b6:db:c1:a8:4b:77:
ee:cf:ba:3e:64:01:e0:07:21:12:28:c6:03:e4:bd:
4a:40:98:25:06:2d:0f:5b:2f:14:4f:aa:ed:40:e4:
e3:68:60:3e:8f:98:5b:5f:b6:e5:a4:9c:c0:b5:cc:
67:cd:b6:0b:66:21:f0:24:d9:80:8e:89:61:02:bd:
af:d6:c4:df:d2:87:d9:e2:38:7f:07:39:52:99:16:
76:8c:37:06:9d:b6:0c:e8:3e:ea:dc:74:de:cf:97:
e5:ad:db:92:cd:3c:71:3d:12:82:38:96:7b:d0:1e:
d8:71:5a:23:29:23:a5:b2:7d:2d:dd:64:88:e2:46:
5f:d9:8d:69:6d:b1:30:46:a4:d6:17:06:bf:4f:55:
fd:f7:87:a8:77:77:1d:94:2a:4e:25:5f:7e:7c:99:
c1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D5:E5:EC:83:00:9F:D2:0F:D7:25:E6:EF:25:56:EB:24:D0:44:F5
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a343130303a3a2f34302d3438203d3e20323139343232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:4100::/40
Signature Algorithm: sha256WithRSAEncryption
45:af:15:4e:41:d8:78:79:5e:39:d7:17:2a:26:a6:36:61:40:
52:7e:af:99:5f:21:71:ef:6e:0b:03:14:1a:b4:90:6a:69:b6:
7a:84:bb:14:89:11:53:40:82:bb:5d:d4:e7:19:60:45:8f:ad:
d8:46:7c:f5:12:91:ff:43:e5:30:17:d5:9a:99:c0:d3:44:5d:
57:57:0c:b9:0a:d1:bd:ee:69:6a:27:85:52:7c:7d:42:64:11:
30:81:49:ed:b1:ab:37:8b:3e:d5:50:e6:1d:a5:d4:b4:28:e2:
08:1e:91:0d:5f:ab:c8:67:a7:4a:85:7f:4d:ac:38:c6:51:b9:
04:e9:85:37:d1:32:10:b3:ff:b0:58:d6:f5:51:fd:8e:d5:47:
cc:34:ec:e3:2f:6f:84:6c:11:d2:97:65:cc:53:23:94:0a:80:
80:2d:c8:c1:4a:94:01:16:6f:28:fb:90:f4:0d:79:ae:3f:fe:
25:99:0f:09:5e:01:93:42:86:e4:a5:2e:77:54:ff:93:ef:b4:
73:ca:4c:52:83:ad:a6:cf:8a:49:3d:cf:af:9c:23:b7:03:bd:
76:fe:52:61:8d:8a:83:b3:a9:4c:58:7d:e9:d8:c9:52:01:b8:
84:35:0e:16:69:5d:55:6e:0c:68:78:0b:b1:49:41:d3:ee:2c:
c2:42:ed:d6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUdvI2coeMjIHvGV19FOU/ILjn/2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MTcyMTQzNTJaFw0yNzA2MTYyMTQ4NTJaMDMxMTAvBgNV
BAMTKEJCRDVFNUVDODMwMDlGRDIwRkQ3MjVFNkVGMjU1NkVCMjREMDQ0RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmpv6zDbi+ZfOLV2zg9m6TUEfd
4/8mHElrWCA6xqeYje/zLhxl/iJgDf1C8vWZL3eMkJw/rKvSzdWqpEKaQGR8IYJ8
zFd9RbJY6fkasTgLLmNSEKzHu07XHtqhbX/iD7prRrbbwahLd+7Puj5kAeAHIRIo
xgPkvUpAmCUGLQ9bLxRPqu1A5ONoYD6PmFtftuWknMC1zGfNtgtmIfAk2YCOiWEC
va/WxN/Sh9niOH8HOVKZFnaMNwadtgzoPurcdN7Pl+Wt25LNPHE9EoI4lnvQHthx
WiMpI6WyfS3dZIjiRl/ZjWltsTBGpNYXBr9PVf33h6h3dx2UKk4lX358mcGzAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUu9Xl7IMAn9IP1yXm7yVW6yTQRPUwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNDMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzOTM0MzIzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMVBMA0GCSqGSIb3DQEBCwUAA4IBAQBFrxVOQdh4eV451xcq
JqY2YUBSfq+ZXyFx724LAxQatJBqabZ6hLsUiRFTQIK7XdTnGWBFj63YRnz1EpH/
Q+UwF9WamcDTRF1XVwy5CtG97mlqJ4VSfH1CZBEwgUntsas3iz7VUOYdpdS0KOII
HpENX6vIZ6dKhX9NrDjGUbkE6YU30TIQs/+wWNb1Uf2O1UfMNOzjL2+EbBHSl2XM
UyOUCoCALcjBSpQBFm8o+5D0DXmuP/4lmQ8JXgGTQobkpS53VP+T77RzykxSg62m
z4pJPc+vnCO3A712/lJhjYqDs6lMWH3p2MlSAbiENQ4WaV1VbgxoeAuxSUHT7izC
Qu3W
-----END CERTIFICATE-----
Generated at Thu Jun 25 00:16:47 2026 by rpki-client