Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6230303a3a2f34302d3438203d3e20323134353735.roa
File: 326130663a316363353a6230303a3a2f34302d3438203d3e20323134353735.roa (raw, json)
Hash identifier: sQBQeASD124hDVNKdwteIJuvHBcK7dK97gK1NQhvlpE=
Subject key identifier: A0:3F:8E:11:44:C1:E6:5F:69:77:20:56:C3:A3:92:34:A0:D4:42:D5
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 76C32E7B3B43894A39F1BBC34A95BECB58D87798
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6230303a3a2f34302d3438203d3e20323134353735.roa
Signing time: Tue 02 Jun 2026 12:18:17 +0000
ROA not before: Tue 02 Jun 2026 12:13:17 +0000
ROA not after: Tue 01 Jun 2027 12:18:17 +0000
asID: 214575
IP address blocks: 2a0f:1cc5:b00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 00:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c3:2e:7b:3b:43:89:4a:39:f1:bb:c3:4a:95:be:cb:58:d8:77:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:17 2026 GMT
Not After : Jun 1 12:18:17 2027 GMT
Subject: CN=A03F8E1144C1E65F69772056C3A39234A0D442D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e2:37:81:36:bf:6b:68:b0:a9:af:29:a0:19:
fc:62:d9:c3:76:b5:20:fd:5f:0d:bb:66:e4:2c:f2:
06:80:02:87:87:2d:79:e1:df:19:a4:e4:3a:7f:7e:
1b:5a:50:33:7d:b7:38:5b:bb:b4:e0:79:84:d2:65:
69:75:be:44:42:c3:d9:e9:0d:e1:38:3b:16:0b:da:
d4:63:c2:b8:19:23:e5:3f:ae:88:a1:c7:f1:16:9b:
41:2e:29:68:fc:43:df:6e:ae:6c:69:ed:28:77:23:
21:48:7e:28:06:0a:36:78:cd:95:2b:43:26:96:59:
cc:c8:0f:b7:63:75:a3:bf:12:24:f5:59:34:84:40:
b1:72:5a:04:58:8d:87:75:5d:98:c7:56:1e:26:46:
e2:df:5f:aa:99:19:bc:18:c5:95:9a:a9:0a:65:1a:
82:9f:10:af:14:1a:74:94:d4:fe:e9:9e:f8:ba:c1:
da:28:29:4e:df:bc:c4:1e:3e:5d:fd:a4:ff:ff:9a:
d6:c5:4a:61:3f:05:87:40:75:15:d2:3d:25:c9:29:
cc:fa:15:bb:f8:e6:92:f3:d8:81:97:7b:89:67:82:
7a:f7:5b:ff:e5:b2:95:af:b3:9e:84:f3:12:ab:6b:
81:37:38:54:fb:9c:52:99:91:d7:26:2e:c6:3a:25:
b8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3F:8E:11:44:C1:E6:5F:69:77:20:56:C3:A3:92:34:A0:D4:42:D5
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6230303a3a2f34302d3438203d3e20323134353735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:b00::/40
Signature Algorithm: sha256WithRSAEncryption
54:03:64:d2:46:a7:a7:99:ef:fd:0d:e3:90:83:ff:46:4f:5e:
3d:85:f2:a2:6f:7e:6c:47:e3:c5:eb:f1:be:10:af:4d:aa:b9:
fa:cc:7b:67:b3:06:89:8d:71:12:6d:9e:76:11:b8:77:44:6e:
2d:00:eb:a6:6f:96:57:dd:e6:24:f6:9a:92:73:4b:4d:b8:57:
25:5a:5d:7f:b6:9e:ec:65:71:f7:94:a4:16:fb:59:c8:4b:e3:
73:e2:b9:5c:b6:b5:70:d7:99:af:43:8f:7d:8f:55:99:61:04:
55:6f:c4:8b:3a:43:43:cd:1b:20:75:fa:2f:ac:4f:33:04:4b:
de:24:07:e7:05:c8:9e:e0:1f:84:b2:6f:72:80:1f:4d:c8:6f:
45:47:06:77:40:6c:b6:f8:6d:c6:ad:30:9b:75:0d:15:8f:ab:
f1:5f:3b:40:63:f4:bf:cd:6c:8b:7c:c9:b8:b7:e7:06:e7:74:
58:2c:b1:67:57:6a:33:4b:28:a6:56:5f:59:54:5f:bc:ff:ae:
2b:61:2e:77:6b:a1:aa:f4:a7:17:2c:9a:88:e7:cb:12:7b:da:
32:e0:b4:c8:01:f7:45:94:de:36:48:2e:a3:d0:b0:08:9b:24:
77:b4:c0:17:32:3c:e9:39:b9:ca:69:9a:d5:a7:47:20:2d:f2:
35:f9:c4:31
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUdsMueztDiUo58bvDSpW+y1jYd5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMTdaFw0yNzA2MDExMjE4MTdaMDMxMTAvBgNV
BAMTKEEwM0Y4RTExNDRDMUU2NUY2OTc3MjA1NkMzQTM5MjM0QTBENDQyRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54jeBNr9raLCprymgGfxi2cN2
tSD9Xw27ZuQs8gaAAoeHLXnh3xmk5Dp/fhtaUDN9tzhbu7TgeYTSZWl1vkRCw9np
DeE4OxYL2tRjwrgZI+U/roihx/EWm0EuKWj8Q99urmxp7Sh3IyFIfigGCjZ4zZUr
QyaWWczID7djdaO/EiT1WTSEQLFyWgRYjYd1XZjHVh4mRuLfX6qZGbwYxZWaqQpl
GoKfEK8UGnSU1P7pnvi6wdooKU7fvMQePl39pP//mtbFSmE/BYdAdRXSPSXJKcz6
Fbv45pLz2IGXe4lngnr3W//lspWvs56E8xKra4E3OFT7nFKZkdcmLsY6Jbg/AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUoD+OEUTB5l9pdyBWw6OSNKDUQtUwHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2E2MjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNTM3MzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFCzANBgkqhkiG9w0BAQsFAAOCAQEAVANk0kanp5nv/Q3jkIP/
Rk9ePYXyom9+bEfjxevxvhCvTaq5+sx7Z7MGiY1xEm2edhG4d0RuLQDrpm+WV93m
JPaaknNLTbhXJVpdf7ae7GVx95SkFvtZyEvjc+K5XLa1cNeZr0OPfY9VmWEEVW/E
izpDQ80bIHX6L6xPMwRL3iQH5wXInuAfhLJvcoAfTchvRUcGd0Bstvhtxq0wm3UN
FY+r8V87QGP0v81si3zJuLfnBud0WCyxZ1dqM0soplZfWVRfvP+uK2Eud2uhqvSn
FyyaiOfLEnvaMuC0yAH3RZTeNkguo9CwCJskd7TAFzI86Tm5ymma1adHIC3yNfnE
MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:04:49 2026 by rpki-client