Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638313a3a2f33322d3438203d3e20313339373931.roa
File: 326130613a643638313a3a2f33322d3438203d3e20313339373931.roa (raw, json)
Hash identifier: LD70u5QlVqEB9vvyRbLQY7rIc7jKzVNRzxV1VLwEmOE=
Subject key identifier: 72:69:50:41:4D:D8:84:36:6B:48:0B:27:84:86:67:8D:DC:90:EA:CF
Certificate issuer: /CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Certificate serial: 766B327AE1BB268C381B68E8CBFA51E4EF606555
Authority key identifier: 0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638313a3a2f33322d3438203d3e20313339373931.roa
Signing time: Thu 04 Jun 2026 01:30:00 +0000
ROA not before: Thu 04 Jun 2026 01:25:00 +0000
ROA not after: Thu 03 Jun 2027 01:30:00 +0000
asID: 139791
IP address blocks: 2a0a:d681::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:6b:32:7a:e1:bb:26:8c:38:1b:68:e8:cb:fa:51:e4:ef:60:65:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Validity
Not Before: Jun 4 01:25:00 2026 GMT
Not After : Jun 3 01:30:00 2027 GMT
Subject: CN=726950414DD884366B480B278486678DDC90EACF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:d4:6d:71:0e:6a:0f:ca:dd:a9:c3:1c:9a:
05:10:2d:ba:c1:43:d4:0b:bf:f2:61:e0:ab:92:1a:
74:92:50:71:e6:c0:20:22:d4:0f:ec:01:c0:a4:76:
31:52:29:87:4a:ef:85:0e:f2:be:5d:07:5a:d2:28:
a6:1b:50:7e:3c:13:37:f4:fa:be:ae:2e:f6:19:11:
19:fa:69:10:07:32:eb:93:4d:8b:dc:6f:67:5e:ff:
e8:b9:67:47:6d:3b:67:80:49:f6:18:d5:1a:f0:ae:
4e:f6:a0:61:f2:ec:83:35:ad:0d:74:ad:5e:9c:32:
dd:92:e8:8b:8a:09:3c:34:b6:48:02:cf:3d:d9:50:
3c:35:fe:40:7e:b4:e7:5b:85:88:3e:8a:88:ff:0a:
58:83:e8:55:13:6b:1c:76:2c:9e:8f:18:1a:d7:b3:
06:61:8f:5f:ce:46:05:0d:0d:02:b7:14:66:45:3d:
76:5e:fa:34:46:5b:34:83:0e:c2:9e:e1:4a:0d:1b:
35:66:1c:58:6e:45:0b:14:54:d0:f1:f8:6a:bf:63:
99:27:a1:84:0f:88:b9:8f:86:12:da:f8:59:c9:c2:
91:1d:b7:57:e6:05:ac:3e:04:8c:26:df:4d:ca:a6:
96:29:1b:3c:3c:d3:66:59:ef:78:cf:64:fe:11:1d:
79:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:69:50:41:4D:D8:84:36:6B:48:0B:27:84:86:67:8D:DC:90:EA:CF
X509v3 Authority Key Identifier:
keyid:0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638313a3a2f33322d3438203d3e20313339373931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d681::/32
Signature Algorithm: sha256WithRSAEncryption
53:1a:a1:20:6a:64:d0:8b:ac:bc:80:f0:78:56:f6:32:c7:47:
42:1c:39:0b:ab:69:2f:ee:33:d1:72:00:7b:50:66:97:45:66:
cd:8e:3c:3c:e4:51:85:e6:85:ff:40:8a:56:f0:0b:df:c9:44:
d6:2e:41:81:a2:8a:16:c3:17:86:b9:32:50:c5:c1:6a:09:d5:
f1:19:ef:df:1b:46:20:12:21:fd:54:20:6e:2a:ab:02:bc:9e:
09:29:97:7c:ed:bb:54:43:bd:3f:4a:46:9c:3d:fb:72:19:ed:
94:29:e0:8b:50:54:1f:c5:6b:71:b2:4c:5e:66:d8:3e:0b:b5:
3c:01:58:f4:fa:27:3c:e8:94:ad:e1:a7:4d:6f:fb:31:15:a5:
95:10:03:4c:0e:58:e9:9f:6f:d4:6d:23:0b:9e:cb:00:e8:df:
99:84:f2:08:72:58:8d:dc:cc:23:d6:90:b8:1b:f5:0d:42:48:
e8:73:4c:56:9c:36:93:f2:8a:d9:c2:5a:18:f1:a2:6d:f1:d4:
01:ec:05:94:9d:6a:29:55:f0:da:11:4f:2c:89:49:38:14:0b:
0f:a8:80:7d:1e:3d:94:e2:91:34:e5:8e:13:56:ac:8f:5a:71:
d9:eb:66:61:69:21:9c:fd:91:8f:dc:be:9a:cf:1d:fc:f8:49:
f9:51:b8:e7
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUdmsyeuG7Jow4G2joy/pR5O9gZVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGU3MGFlMGFjZDBiZTgzZDJkNDU4Y2EyMDdiMWQ0ZmZh
M2MzZTRlYTAeFw0yNjA2MDQwMTI1MDBaFw0yNzA2MDMwMTMwMDBaMDMxMTAvBgNV
BAMTKDcyNjk1MDQxNEREODg0MzY2QjQ4MEIyNzg0ODY2NzhEREM5MEVBQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfP9RtcQ5qD8rdqcMcmgUQLbrB
Q9QLv/Jh4KuSGnSSUHHmwCAi1A/sAcCkdjFSKYdK74UO8r5dB1rSKKYbUH48Ezf0
+r6uLvYZERn6aRAHMuuTTYvcb2de/+i5Z0dtO2eASfYY1Rrwrk72oGHy7IM1rQ10
rV6cMt2S6IuKCTw0tkgCzz3ZUDw1/kB+tOdbhYg+ioj/CliD6FUTaxx2LJ6PGBrX
swZhj1/ORgUNDQK3FGZFPXZe+jRGWzSDDsKe4UoNGzVmHFhuRQsUVNDx+Gq/Y5kn
oYQPiLmPhhLa+FnJwpEdt1fmBaw+BIwm303KppYpGzw802ZZ73jPZP4RHXmTAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUcmlQQU3YhDZrSAsnhIZnjdyQ6s8wHwYDVR0j
BBgwFoAUDnCuCs0L6D0tRYyiB7HU/6PD5OowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUtMjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMy
YThlLzAvMEU3MEFFMEFDRDBCRTgzRDJENDU4Q0EyMDdCMUQ0RkZBM0MzRTRFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RuQ3VDczBMNkQwdFJZeWlCN0hVXzZQ
RDVPby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUt
MjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMyYThlLzAvMzI2MTMwNjEzYTY0MzYzODMx
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzEzMzM5MzczOTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KgrWgTANBgkqhkiG9w0BAQsFAAOCAQEAUxqhIGpk0IusvIDweFb2MsdHQhw5C6tp
L+4z0XIAe1Bml0VmzY48PORRheaF/0CKVvAL38lE1i5BgaKKFsMXhrkyUMXBagnV
8Rnv3xtGIBIh/VQgbiqrAryeCSmXfO27VEO9P0pGnD37chntlCngi1BUH8VrcbJM
XmbYPgu1PAFY9PonPOiUreGnTW/7MRWllRADTA5Y6Z9v1G0jC57LAOjfmYTyCHJY
jdzMI9aQuBv1DUJI6HNMVpw2k/KK2cJaGPGibfHUAewFlJ1qKVXw2hFPLIlJOBQL
D6iAfR49lOKRNOWOE1asj1px2etmYWkhnP2Rj9y+ms8d/PhJ+VG45w==
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:40:01 2026 by rpki-client