Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa
File: 326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa (raw, json)
Hash identifier: EpjADbCMJtXwDb9+wTUPlIcvnbUbSWrvmGR039HdqcM=
Subject key identifier: 53:71:DD:C5:E7:C8:72:70:6E:77:BB:11:17:C1:27:AE:55:AD:BC:81
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 1E44C7704C0AA1E23384BA39C73C534DB7F924B9
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa
Signing time: Tue 02 Jun 2026 12:18:11 +0000
ROA not before: Tue 02 Jun 2026 12:13:11 +0000
ROA not after: Tue 01 Jun 2027 12:18:11 +0000
asID: 214899
IP address blocks: 2a0f:1cc5:900::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Jun 2026 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:44:c7:70:4c:0a:a1:e2:33:84:ba:39:c7:3c:53:4d:b7:f9:24:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:11 2026 GMT
Not After : Jun 1 12:18:11 2027 GMT
Subject: CN=5371DDC5E7C872706E77BB1117C127AE55ADBC81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:5a:d2:62:74:d0:a4:91:6f:d8:5b:f0:6d:
f2:a9:bf:02:3b:6c:b7:aa:a4:31:bc:a4:01:37:63:
2c:cd:aa:21:49:7f:37:8e:21:f4:5e:7a:13:51:d5:
88:f5:b6:41:7f:de:65:fd:95:1b:5a:88:24:68:7e:
21:9d:50:43:fb:70:21:59:50:10:8c:c0:8a:37:94:
70:61:99:1a:14:05:59:c2:6c:13:a0:4a:a0:fb:fa:
91:25:7e:35:db:12:12:77:dd:34:36:78:47:2c:97:
3a:01:49:d2:74:48:b5:c3:8b:79:84:fb:0e:6d:b7:
24:16:47:0c:0f:db:d8:ad:5f:db:58:45:f3:23:13:
24:f5:cf:63:75:b2:49:3d:82:6f:7a:54:be:d1:8a:
e8:3f:06:24:81:ba:c3:ee:81:52:89:7e:7e:92:da:
f0:8a:df:1a:73:52:f9:71:ad:a5:f5:2b:f8:15:b7:
e2:e5:a0:37:70:a1:88:6f:43:6f:de:26:3b:5b:ff:
06:0a:6a:4c:da:39:3c:70:c8:9d:e9:32:28:a7:06:
6a:ed:f7:35:42:cf:da:86:16:d0:94:d0:2b:b2:a5:
6d:cb:9b:6a:20:57:38:2b:2b:2b:7d:c0:26:02:b6:
9c:1b:54:a3:7f:43:6f:51:ea:21:f1:6c:84:ac:5f:
ef:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:71:DD:C5:E7:C8:72:70:6E:77:BB:11:17:C1:27:AE:55:AD:BC:81
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:900::/40
Signature Algorithm: sha256WithRSAEncryption
31:78:df:21:65:7f:13:fc:df:dc:15:54:86:44:a7:39:5e:ad:
42:e9:a5:56:56:64:38:f3:75:33:b2:a9:c0:f9:af:bd:01:a1:
5f:dd:cc:9d:10:b1:b6:60:08:fa:d1:66:ef:b8:ef:44:d5:21:
48:fd:0a:db:d1:1b:0b:bd:df:22:68:19:03:96:90:52:1e:d5:
9a:70:84:a8:0b:2e:cb:f4:52:03:8e:ad:18:42:b0:e1:5a:dc:
0a:73:99:a4:2b:9f:e7:20:5d:ce:f5:55:e2:96:bc:41:e3:c5:
b5:1c:70:3f:e4:2b:7f:41:2a:41:9a:a6:f8:b8:ae:a7:dc:18:
f0:94:d4:f8:d6:da:d8:da:3a:99:4e:3b:cf:0a:9c:59:9a:b0:
62:24:2a:7a:85:79:49:dd:4a:45:63:db:c0:4c:c2:1b:b7:31:
ca:bd:48:cb:91:7f:d3:5e:b7:c6:81:d8:48:af:0c:34:17:98:
74:8f:30:9a:a8:fd:da:5d:33:19:d7:75:e5:bc:b5:44:de:0a:
a7:f5:0a:c7:26:48:f2:55:ec:81:f7:73:18:75:0c:0d:b8:ca:
96:1a:59:2e:f8:24:24:b3:66:6a:be:7c:40:e1:f7:c7:95:f5:
3e:8f:9e:36:cd:ac:cf:31:23:b0:6e:b2:37:df:8a:3b:2a:0a:
1e:45:f1:aa
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUHkTHcEwKoeIzhLo5xzxTTbf5JLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTFaFw0yNzA2MDExMjE4MTFaMDMxMTAvBgNV
BAMTKDUzNzFEREM1RTdDODcyNzA2RTc3QkIxMTE3QzEyN0FFNTVBREJDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnXFrSYnTQpJFv2FvwbfKpvwI7
bLeqpDG8pAE3YyzNqiFJfzeOIfReehNR1Yj1tkF/3mX9lRtaiCRofiGdUEP7cCFZ
UBCMwIo3lHBhmRoUBVnCbBOgSqD7+pElfjXbEhJ33TQ2eEcslzoBSdJ0SLXDi3mE
+w5ttyQWRwwP29itX9tYRfMjEyT1z2N1skk9gm96VL7Riug/BiSBusPugVKJfn6S
2vCK3xpzUvlxraX1K/gVt+LloDdwoYhvQ2/eJjtb/wYKakzaOTxwyJ3pMiinBmrt
9zVCz9qGFtCU0CuypW3Lm2ogVzgrKyt9wCYCtpwbVKN/Q29R6iHxbISsX+83AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUU3HdxefIcnBud7sRF8EnrlWtvIEwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzOTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzODM5Mzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFCTANBgkqhkiG9w0BAQsFAAOCAQEAMXjfIWV/E/zf3BVUhkSn
OV6tQumlVlZkOPN1M7KpwPmvvQGhX93MnRCxtmAI+tFm77jvRNUhSP0K29EbC73f
ImgZA5aQUh7VmnCEqAsuy/RSA46tGEKw4VrcCnOZpCuf5yBdzvVV4pa8QePFtRxw
P+Qrf0EqQZqm+Liup9wY8JTU+Nba2No6mU47zwqcWZqwYiQqeoV5Sd1KRWPbwEzC
G7cxyr1Iy5F/0163xoHYSK8MNBeYdI8wmqj92l0zGdd15by1RN4Kp/UKxyZI8lXs
gfdzGHUMDbjKlhpZLvgkJLNmar58QOH3x5X1Po+eNs2szzEjsG6yN9+KOyoKHkXx
qg==
-----END CERTIFICATE-----
Generated at Sun Jun 7 09:14:38 2026 by rpki-client