Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa
File: 326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa (raw, json)
Hash identifier: i5kxYvZfi5HTNPIB6PU+pQmRB3s81BbeejrEBVqwJNM=
Subject key identifier: 99:5B:57:76:B6:E5:D7:FD:6E:7E:34:63:26:92:56:1B:48:F7:A3:3E
Certificate issuer: /CN=1be240021a287f298973d9ea28dfc80735fd5800
Certificate serial: 2825D6E582B431207351038839ED5ECC29417E5E
Authority key identifier: 1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa
Signing time: Tue 02 Jun 2026 12:18:25 +0000
ROA not before: Tue 02 Jun 2026 12:13:25 +0000
ROA not after: Tue 01 Jun 2027 12:18:25 +0000
asID: 204244
IP address blocks: 2a0f:1cc5:d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:25:d6:e5:82:b4:31:20:73:51:03:88:39:ed:5e:cc:29:41:7e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be240021a287f298973d9ea28dfc80735fd5800
Validity
Not Before: Jun 2 12:13:25 2026 GMT
Not After : Jun 1 12:18:25 2027 GMT
Subject: CN=995B5776B6E5D7FD6E7E34632692561B48F7A33E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:06:3a:4e:59:bd:90:48:ab:b8:fe:7e:af:82:
b0:15:ad:85:db:a7:9d:8b:6d:a7:7d:a0:ba:e2:ce:
97:e4:a1:97:4f:fb:7b:27:46:28:98:48:96:0d:be:
15:4c:ab:c8:bc:06:5b:56:63:ec:7d:af:93:87:93:
d1:80:ea:4e:2f:1a:af:83:f7:b5:32:a5:71:bd:62:
7e:45:07:15:4e:fd:25:12:c6:cc:a1:71:2e:36:c7:
af:59:56:11:95:04:4f:27:ac:31:f0:50:55:f8:1c:
5c:e0:c8:73:7b:58:18:92:77:69:08:a3:6a:37:d3:
e4:67:2c:23:dd:0e:77:93:95:d5:27:5d:a5:f7:86:
88:d5:91:95:a6:a2:1c:36:99:e6:b1:22:27:73:64:
5f:31:31:15:6b:0f:55:ec:bf:a8:ca:65:8e:40:87:
0a:6e:9e:9e:32:bf:e7:84:4a:1a:f0:a6:32:5f:fe:
ae:4b:fb:8d:1d:76:28:08:a4:08:56:bb:21:30:71:
07:fe:40:cf:67:c3:42:92:00:ed:52:78:b6:2d:bd:
9d:2d:21:7d:76:e0:f4:42:c7:18:dc:6f:84:c6:66:
67:6a:6d:94:81:59:28:84:94:5a:f9:4f:18:03:4b:
4d:32:07:7e:56:61:45:bb:55:aa:fd:7b:80:45:c7:
39:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5B:57:76:B6:E5:D7:FD:6E:7E:34:63:26:92:56:1B:48:F7:A3:3E
X509v3 Authority Key Identifier:
keyid:1B:E2:40:02:1A:28:7F:29:89:73:D9:EA:28:DF:C8:07:35:FD:58:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/1BE240021A287F298973D9EA28DFC80735FD5800.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-JAAhoofymJc9nqKN_IBzX9WAA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:d00::/40
Signature Algorithm: sha256WithRSAEncryption
7b:ad:10:bc:f3:bf:0f:0f:8b:3f:00:83:9c:1f:9e:86:fe:a5:
7f:8d:75:2b:bc:01:11:f2:93:08:ca:7f:48:09:eb:d7:ae:03:
ae:e3:e7:58:e0:d1:f9:be:53:bf:cb:5c:16:aa:03:52:2a:bd:
f1:82:d4:fe:d9:fc:6f:88:1c:ae:fb:80:58:3c:49:1b:27:27:
72:5c:57:62:e9:a8:44:cb:08:78:30:1e:c8:9a:87:cb:ef:49:
be:b5:df:63:aa:20:b3:c1:a5:53:a7:79:a9:51:4d:de:a9:73:
42:ae:71:38:75:83:4e:fa:55:56:07:cd:38:93:65:42:00:0f:
70:85:0d:07:bb:de:18:22:4f:e9:88:eb:97:3d:c9:58:de:b3:
b3:fe:89:bd:ae:b9:41:e6:3f:f6:cb:5b:bd:2e:54:e9:7a:4d:
44:98:4e:9a:22:06:4c:f9:de:8a:0f:92:26:1e:3b:6b:cd:73:
35:6a:a0:5e:cc:a9:0e:e5:42:4b:3b:23:d4:27:63:4a:be:b5:
a5:2a:9e:ef:3a:14:3f:6d:12:ae:a1:b7:63:a9:8a:e4:d9:6a:
5e:21:29:4a:ae:95:be:5a:1f:a7:f2:26:3c:f4:c6:59:b1:37:
b7:59:01:e6:3d:57:ce:bb:6f:a5:7c:e0:2d:63:4b:97:57:16:
65:8b:78:67
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUKCXW5YK0MSBzUQOIOe1ezClBfl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWJlMjQwMDIxYTI4N2YyOTg5NzNkOWVhMjhkZmM4MDcz
NWZkNTgwMDAeFw0yNjA2MDIxMjEzMjVaFw0yNzA2MDExMjE4MjVaMDMxMTAvBgNV
BAMTKDk5NUI1Nzc2QjZFNUQ3RkQ2RTdFMzQ2MzI2OTI1NjFCNDhGN0EzM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcBjpOWb2QSKu4/n6vgrAVrYXb
p52Lbad9oLrizpfkoZdP+3snRiiYSJYNvhVMq8i8BltWY+x9r5OHk9GA6k4vGq+D
97UypXG9Yn5FBxVO/SUSxsyhcS42x69ZVhGVBE8nrDHwUFX4HFzgyHN7WBiSd2kI
o2o30+RnLCPdDneTldUnXaX3hojVkZWmohw2meaxIidzZF8xMRVrD1Xsv6jKZY5A
hwpunp4yv+eEShrwpjJf/q5L+40ddigIpAhWuyEwcQf+QM9nw0KSAO1SeLYtvZ0t
IX124PRCxxjcb4TGZmdqbZSBWSiElFr5TxgDS00yB35WYUW7Var9e4BFxzlVAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUmVtXdrbl1/1ufjRjJpJWG0j3oz4wHwYDVR0j
BBgwFoAUG+JAAhoofymJc9nqKN/IBzX9WAAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvMUJFMjQwMDIxQTI4N0YyOTg5NzNEOUVBMjhERkM4MDczNUZENTgwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ctSkFBaG9vZnltSmM5bnFLTl9JQnpY
OVdBQS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2E2NDMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzQzMjM0MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFDTANBgkqhkiG9w0BAQsFAAOCAQEAe60QvPO/Dw+LPwCDnB+e
hv6lf411K7wBEfKTCMp/SAnr164DruPnWODR+b5Tv8tcFqoDUiq98YLU/tn8b4gc
rvuAWDxJGycnclxXYumoRMsIeDAeyJqHy+9JvrXfY6ogs8GlU6d5qVFN3qlzQq5x
OHWDTvpVVgfNOJNlQgAPcIUNB7veGCJP6Yjrlz3JWN6zs/6Jva65QeY/9stbvS5U
6XpNRJhOmiIGTPneig+SJh47a81zNWqgXsypDuVCSzsj1CdjSr61pSqe7zoUP20S
rqG3Y6mK5NlqXiEpSq6Vvlofp/ImPPTGWbE3t1kB5j1XzrtvpXzgLWNLl1cWZYt4
Zw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:09:36 2026 by rpki-client