Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa
File: 326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa (raw, json)
Hash identifier: daneV0uoxWMe9Rra8qkM3ouUm6uVMZSKjuUSthm5F7c=
Subject key identifier: F2:00:77:46:AC:AC:F0:17:E4:6C:54:E7:57:23:76:37:A7:D3:A8:C2
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 56FD35F046DA462D8CC641061A05EB438540C12E
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa
Signing time: Tue 02 Jun 2026 12:18:04 +0000
ROA not before: Tue 02 Jun 2026 12:13:04 +0000
ROA not after: Tue 01 Jun 2027 12:18:04 +0000
asID: 214933
IP address blocks: 2a0f:1cc5:600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:fd:35:f0:46:da:46:2d:8c:c6:41:06:1a:05:eb:43:85:40:c1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:04 2026 GMT
Not After : Jun 1 12:18:04 2027 GMT
Subject: CN=F2007746ACACF017E46C54E757237637A7D3A8C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:96:1f:d1:d3:a2:3f:54:f7:59:6d:4f:75:67:
9e:31:7c:3c:1c:45:f7:b6:d7:09:6a:7d:34:f6:95:
1d:6c:75:cd:44:81:9f:b3:1a:01:a1:62:47:ad:a4:
c2:6f:1c:3a:d9:6f:66:26:77:10:f4:52:db:b4:2d:
e3:7f:51:e1:75:a1:27:72:58:6b:b1:99:cf:0e:7f:
8f:4e:07:43:cb:dc:c0:13:75:76:53:ef:ea:9d:a0:
e5:db:72:63:2e:e8:77:7c:bc:4d:1c:65:ee:3c:ef:
15:a3:49:82:96:08:8b:d8:2b:33:e4:9a:ea:a2:aa:
13:ff:da:c9:ee:bd:e7:a2:69:c5:e3:40:fa:9a:f2:
21:28:12:6b:f7:22:38:6a:5f:d9:a3:b3:6f:96:6a:
02:76:91:69:1e:36:3b:9c:71:5e:4b:93:a5:52:27:
5d:8b:87:25:13:ba:04:e9:24:c8:f9:1b:a0:85:b8:
c9:17:c5:6e:24:3e:34:d1:f8:82:55:35:04:53:68:
09:2a:c0:24:d8:bb:a5:e8:5f:dd:10:e0:7b:7d:66:
69:0d:d0:22:88:63:d6:6e:05:87:14:0a:18:57:60:
d9:55:96:87:29:38:34:1d:fa:df:04:26:3b:b5:65:
be:65:df:89:11:3e:78:41:f5:c4:34:82:21:9d:a1:
34:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:00:77:46:AC:AC:F0:17:E4:6C:54:E7:57:23:76:37:A7:D3:A8:C2
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:600::/40
Signature Algorithm: sha256WithRSAEncryption
85:9d:6e:3c:d7:23:b4:31:55:8b:68:20:9b:41:83:e3:20:34:
43:33:0a:11:8b:81:80:20:18:2e:c3:bf:7e:a4:e2:7f:05:3a:
2c:bc:c1:dc:61:cb:0f:d4:cb:db:89:df:5a:50:e7:ef:5d:72:
71:fc:a3:bf:3a:5b:f6:66:3a:cd:ab:a2:ad:fd:9d:e9:37:ec:
24:8b:d5:cc:f0:e6:b8:c3:91:6a:d1:16:7f:3f:d4:dd:bc:d3:
86:59:80:2c:1f:66:62:26:49:1b:76:39:f6:3d:15:39:54:6c:
9a:17:41:ab:c8:0c:aa:4c:fc:a5:5d:2b:98:15:d9:29:7f:47:
eb:f7:a5:b6:2d:10:70:fa:6f:02:27:54:f3:50:79:52:db:fe:
91:4a:91:42:56:77:72:07:f9:37:d5:a4:af:1a:0e:f3:88:67:
3f:ef:21:f3:bb:fe:e4:9f:0b:d3:62:f5:9b:7c:20:e0:9a:a2:
b0:aa:97:28:25:f9:03:7e:07:01:fc:ae:e1:39:54:91:c4:b6:
6b:e6:08:06:ad:87:c4:2a:69:49:82:6c:94:f2:15:fc:7e:de:
ef:cf:da:53:2c:1a:e8:af:39:e7:17:4d:58:43:c3:53:77:59:
a9:76:3d:cd:bf:76:ee:47:44:6c:f0:b3:50:10:76:04:d9:fe:
d9:8f:5c:a8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUVv018EbaRi2MxkEGGgXrQ4VAwS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMDRaFw0yNzA2MDExMjE4MDRaMDMxMTAvBgNV
BAMTKEYyMDA3NzQ2QUNBQ0YwMTdFNDZDNTRFNzU3MjM3NjM3QTdEM0E4QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDelh/R06I/VPdZbU91Z54xfDwc
Rfe21wlqfTT2lR1sdc1EgZ+zGgGhYketpMJvHDrZb2YmdxD0Utu0LeN/UeF1oSdy
WGuxmc8Of49OB0PL3MATdXZT7+qdoOXbcmMu6Hd8vE0cZe487xWjSYKWCIvYKzPk
muqiqhP/2snuveeiacXjQPqa8iEoEmv3IjhqX9mjs2+WagJ2kWkeNjuccV5Lk6VS
J12LhyUTugTpJMj5G6CFuMkXxW4kPjTR+IJVNQRTaAkqwCTYu6XoX90Q4Ht9ZmkN
0CKIY9ZuBYcUChhXYNlVlocpODQd+t8EJju1Zb5l34kRPnhB9cQ0giGdoTQrAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU8gB3Rqys8BfkbFTnVyN2N6fTqMIwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzOTMzMzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFBjANBgkqhkiG9w0BAQsFAAOCAQEAhZ1uPNcjtDFVi2ggm0GD
4yA0QzMKEYuBgCAYLsO/fqTifwU6LLzB3GHLD9TL24nfWlDn711ycfyjvzpb9mY6
zauirf2d6TfsJIvVzPDmuMORatEWfz/U3bzThlmALB9mYiZJG3Y59j0VOVRsmhdB
q8gMqkz8pV0rmBXZKX9H6/elti0QcPpvAidU81B5Utv+kUqRQlZ3cgf5N9WkrxoO
84hnP+8h87v+5J8L02L1m3wg4JqisKqXKCX5A34HAfyu4TlUkcS2a+YIBq2HxCpp
SYJslPIV/H7e78/aUywa6K855xdNWEPDU3dZqXY9zb927kdEbPCzUBB2BNn+2Y9c
qA==
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:45:21 2026 by rpki-client