Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a36303a3a2f34342d3438203d3e20323038373533.roa
File: 326130663a316363353a36303a3a2f34342d3438203d3e20323038373533.roa (raw, json)
Hash identifier: WLL1ODdZ3Wc1V/0kmP5ajAh+J5KY+jrzctqJcimPCtI=
Subject key identifier: 34:B9:69:31:7B:4F:98:84:96:A8:55:E7:50:C7:83:14:05:74:CF:6D
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 3FC462871B757DAAC4037F97448F7722C25488A0
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a36303a3a2f34342d3438203d3e20323038373533.roa
Signing time: Tue 02 Jun 2026 12:18:13 +0000
ROA not before: Tue 02 Jun 2026 12:13:13 +0000
ROA not after: Tue 01 Jun 2027 12:18:13 +0000
asID: 208753
IP address blocks: 2a0f:1cc5:60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:c4:62:87:1b:75:7d:aa:c4:03:7f:97:44:8f:77:22:c2:54:88:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:13 2026 GMT
Not After : Jun 1 12:18:13 2027 GMT
Subject: CN=34B969317B4F988496A855E750C783140574CF6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:31:82:26:21:67:3f:38:bd:4d:23:e2:bb:59:
10:35:d3:a9:81:27:12:c7:57:50:77:f8:2a:6d:d3:
aa:25:1e:06:13:14:eb:22:e3:66:c9:06:78:a2:91:
04:51:72:4d:f8:57:39:45:c4:a9:3d:99:8c:97:59:
ef:82:16:7f:41:bc:83:8b:f6:ab:8c:1f:76:1f:d3:
43:a6:f2:2c:86:5d:a6:9e:f6:2c:6c:ef:ae:e0:c9:
f4:94:09:bf:46:1a:f6:c0:94:e1:e5:ea:39:c2:5e:
01:fd:85:5f:62:3e:82:cf:1e:e2:ab:8e:e5:05:b0:
1c:60:f7:03:ad:1f:63:3a:b6:0a:7c:2c:32:20:2d:
5c:cd:b7:ad:50:4c:33:91:d3:ce:e6:d3:35:4f:0c:
96:ed:3b:9f:01:22:19:f5:8c:4c:f2:05:29:30:a6:
b2:3d:90:66:7c:22:b9:15:1f:13:c5:7f:17:d0:82:
61:6d:26:7d:fe:d9:9f:e8:c6:30:3e:c5:05:16:32:
c9:b3:3a:6f:6e:b2:45:fe:71:fe:11:b9:37:18:ea:
4d:3a:0d:8c:26:9b:47:89:c7:cd:40:7c:12:f0:2d:
8b:a0:3a:57:d9:0d:7b:93:f2:ff:d7:bf:a4:aa:b3:
ca:e5:63:52:21:7f:0c:3c:61:6e:10:cd:d1:0a:25:
cb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:69:31:7B:4F:98:84:96:A8:55:E7:50:C7:83:14:05:74:CF:6D
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a36303a3a2f34342d3438203d3e20323038373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:60::/44
Signature Algorithm: sha256WithRSAEncryption
35:4f:2e:19:9e:05:5d:0d:7b:63:79:34:9a:ea:58:04:86:64:
cc:94:81:f0:b8:75:3a:4b:a8:07:dc:f2:23:71:41:18:6f:b7:
ad:75:69:02:19:eb:ec:0e:51:e7:e8:03:7f:a5:2b:4b:45:3d:
26:09:c8:6a:13:4a:60:9c:c2:f3:5c:2e:d0:86:21:eb:db:71:
f0:fc:1c:7b:7d:6e:bf:80:52:2d:8e:c2:91:1e:62:8a:1e:de:
c2:01:c1:be:6b:26:8b:36:69:15:3f:db:91:a2:6d:cf:16:ab:
a9:85:34:9e:52:20:f2:12:cd:f8:fc:90:7c:a5:99:9a:f6:dc:
9b:85:87:a3:ab:8c:ae:66:55:a6:98:ed:77:ff:6a:e1:2f:a5:
86:ee:d6:8c:dc:bf:bf:e9:7b:04:4b:6f:cb:58:28:b7:a3:7a:
b7:32:2c:f4:a2:ea:1d:28:b0:76:2e:cf:0a:82:51:bc:d6:2d:
a0:61:ab:ac:36:cf:04:5d:90:30:cf:a0:f8:c7:96:62:6a:06:
7d:30:be:33:7c:1a:76:a2:65:3d:1f:b6:40:20:97:61:1c:dc:
39:66:bb:22:e5:92:ee:c4:2d:3d:37:b4:42:bc:79:4d:09:2c:
9f:87:8e:50:d7:ac:50:d6:a3:10:b8:41:b4:5a:79:b0:75:14:
ab:9a:75:76
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUP8Rihxt1farEA3+XRI93IsJUiKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTNaFw0yNzA2MDExMjE4MTNaMDMxMTAvBgNV
BAMTKDM0Qjk2OTMxN0I0Rjk4ODQ5NkE4NTVFNzUwQzc4MzE0MDU3NENGNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFMYImIWc/OL1NI+K7WRA106mB
JxLHV1B3+Cpt06olHgYTFOsi42bJBniikQRRck34VzlFxKk9mYyXWe+CFn9BvIOL
9quMH3Yf00Om8iyGXaae9ixs767gyfSUCb9GGvbAlOHl6jnCXgH9hV9iPoLPHuKr
juUFsBxg9wOtH2M6tgp8LDIgLVzNt61QTDOR087m0zVPDJbtO58BIhn1jEzyBSkw
prI9kGZ8IrkVHxPFfxfQgmFtJn3+2Z/oxjA+xQUWMsmzOm9uskX+cf4RuTcY6k06
DYwmm0eJx81AfBLwLYugOlfZDXuT8v/Xv6Sqs8rlY1Ihfww8YW4QzdEKJcvnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUNLlpMXtPmISWqFXnUMeDFAV0z20wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzNjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMDM4MzczNTMzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKg8cxQBgMA0GCSqGSIb3DQEBCwUAA4IBAQA1Ty4ZngVdDXtjeTSa6lgE
hmTMlIHwuHU6S6gH3PIjcUEYb7etdWkCGevsDlHn6AN/pStLRT0mCchqE0pgnMLz
XC7QhiHr23Hw/Bx7fW6/gFItjsKRHmKKHt7CAcG+ayaLNmkVP9uRom3PFquphTSe
UiDyEs34/JB8pZma9tybhYejq4yuZlWmmO13/2rhL6WG7taM3L+/6XsES2/LWCi3
o3q3Miz0ouodKLB2Ls8KglG81i2gYausNs8EXZAwz6D4x5ZiagZ9ML4zfBp2omU9
H7ZAIJdhHNw5Zrsi5ZLuxC09N7RCvHlNCSyfh45Q16xQ1qMQuEG0WnmwdRSrmnV2
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:58:49 2026 by rpki-client