Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a653130303a3a2f34332d3438203d3e20323139343333.roa
File: 326130613a643638373a653130303a3a2f34332d3438203d3e20323139343333.roa (raw, json)
Hash identifier: g1wT/6cmNUPL0/+gCGthFM4aX0wibSOImG3Rr13sSvQ=
Subject key identifier: 5F:6F:9C:CE:9E:05:E2:8B:09:8C:73:74:33:45:1F:D4:05:38:F8:C7
Certificate issuer: /CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Certificate serial: 243A33A99F75548E55F440C062B191E340E91867
Authority key identifier: 0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a653130303a3a2f34332d3438203d3e20323139343333.roa
Signing time: Wed 17 Jun 2026 15:53:04 +0000
ROA not before: Wed 17 Jun 2026 15:48:04 +0000
ROA not after: Wed 16 Jun 2027 15:53:04 +0000
asID: 219433
IP address blocks: 2a0a:d687:e100::/43 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 19:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:3a:33:a9:9f:75:54:8e:55:f4:40:c0:62:b1:91:e3:40:e9:18:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Validity
Not Before: Jun 17 15:48:04 2026 GMT
Not After : Jun 16 15:53:04 2027 GMT
Subject: CN=5F6F9CCE9E05E28B098C737433451FD40538F8C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:27:ff:23:12:1a:55:3c:23:1c:b0:6f:57:4b:
7a:3e:6c:69:c0:d1:14:fe:bc:de:7a:65:a4:e1:39:
11:1b:b0:cf:dc:7c:b0:4f:b1:82:58:27:f1:bf:b7:
1a:aa:9f:50:08:c7:4b:11:38:2e:5c:14:a0:27:e0:
02:ac:c7:f9:0b:7a:6a:55:ca:ce:dd:f8:26:ec:85:
c4:61:b7:63:db:51:6a:f6:66:51:df:2a:2f:0c:21:
36:26:1f:04:d3:2d:45:cf:5d:f3:58:60:37:c1:20:
d0:6b:7f:75:17:f6:be:b2:27:fc:d8:f7:43:04:54:
34:14:55:59:50:82:f0:8d:a5:5a:39:2a:f7:d6:32:
fc:74:b0:f3:19:cd:25:05:ac:63:13:cc:49:3f:7d:
d9:04:a7:91:29:59:9a:ef:e9:ab:aa:43:f8:72:32:
7b:6b:be:f0:e2:e9:7e:41:ac:06:18:79:d1:13:c9:
3a:7d:10:19:6b:b3:fc:d9:29:81:74:aa:a8:11:79:
4e:1f:69:da:54:fc:d0:94:cf:d4:8d:4d:28:2a:a0:
03:1f:09:37:e7:f6:e3:8f:e5:0e:c2:38:3f:72:b6:
a6:50:8b:39:e3:c8:03:fb:7c:6a:f8:23:5a:aa:45:
d1:91:b8:46:9a:02:45:76:7a:0f:49:e9:e2:70:4f:
8e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6F:9C:CE:9E:05:E2:8B:09:8C:73:74:33:45:1F:D4:05:38:F8:C7
X509v3 Authority Key Identifier:
keyid:0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a653130303a3a2f34332d3438203d3e20323139343333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d687:e100::/43
Signature Algorithm: sha256WithRSAEncryption
38:2a:5a:09:ce:e2:94:24:01:a0:49:cb:0b:6f:26:9c:fa:d0:
48:1f:82:b8:f2:06:f8:58:28:f3:f7:d3:f0:5a:1f:85:39:c9:
47:fc:ef:64:bd:87:87:8c:d2:a9:25:6c:fd:91:f3:84:06:7c:
a2:45:59:b7:9d:56:9b:8a:60:93:9c:27:4d:df:9c:f5:8e:9b:
c2:70:3d:76:23:b9:00:d6:11:a6:f2:f6:9d:d2:d9:1b:fb:fe:
76:cb:23:25:cc:2d:9f:d4:cc:3a:ae:b3:4a:bf:64:eb:89:e7:
3c:19:b1:43:6e:4a:c9:b7:90:11:a9:6b:7d:11:27:35:a0:b9:
e5:27:7b:62:e4:83:da:45:62:eb:9b:c8:ee:c5:57:16:70:34:
29:42:fb:a8:3f:11:e5:09:e9:b0:7a:ee:d1:c8:5a:9a:12:db:
4b:b0:54:e0:53:67:c2:88:57:cf:fa:83:4e:f9:18:9d:1f:c8:
19:77:7c:0d:f0:53:cd:bb:c8:b9:ea:05:73:fb:1a:25:71:6a:
b8:a1:a5:25:0e:f0:2a:7d:bc:f1:8d:8c:fc:a7:3c:41:4e:d3:
f3:4d:59:17:ac:f5:c0:67:c1:2d:69:7d:32:81:c7:a3:62:d1:
3e:1c:8e:28:ce:fa:78:9c:54:5f:0f:c7:da:dd:3e:a6:fe:76:
cb:68:58:87
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJDozqZ91VI5V9EDAYrGR40DpGGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGU3MGFlMGFjZDBiZTgzZDJkNDU4Y2EyMDdiMWQ0ZmZh
M2MzZTRlYTAeFw0yNjA2MTcxNTQ4MDRaFw0yNzA2MTYxNTUzMDRaMDMxMTAvBgNV
BAMTKDVGNkY5Q0NFOUUwNUUyOEIwOThDNzM3NDMzNDUxRkQ0MDUzOEY4QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/J/8jEhpVPCMcsG9XS3o+bGnA
0RT+vN56ZaThOREbsM/cfLBPsYJYJ/G/txqqn1AIx0sROC5cFKAn4AKsx/kLempV
ys7d+CbshcRht2PbUWr2ZlHfKi8MITYmHwTTLUXPXfNYYDfBINBrf3UX9r6yJ/zY
90MEVDQUVVlQgvCNpVo5KvfWMvx0sPMZzSUFrGMTzEk/fdkEp5EpWZrv6auqQ/hy
MntrvvDi6X5BrAYYedETyTp9EBlrs/zZKYF0qqgReU4fadpU/NCUz9SNTSgqoAMf
CTfn9uOP5Q7COD9ytqZQiznjyAP7fGr4I1qqRdGRuEaaAkV2eg9J6eJwT45RAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUX2+czp4F4osJjHN0M0Uf1AU4+McwHwYDVR0j
BBgwFoAUDnCuCs0L6D0tRYyiB7HU/6PD5OowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUtMjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMy
YThlLzAvMEU3MEFFMEFDRDBCRTgzRDJENDU4Q0EyMDdCMUQ0RkZBM0MzRTRFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RuQ3VDczBMNkQwdFJZeWlCN0hVXzZQ
RDVPby5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUt
MjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMyYThlLzAvMzI2MTMwNjEzYTY0MzYzODM3
M2E2NTMxMzAzMDNhM2EyZjM0MzMyZDM0MzgyMDNkM2UyMDMyMzEzOTM0MzMzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBSoK1ofhADANBgkqhkiG9w0BAQsFAAOCAQEAOCpaCc7ilCQBoEnL
C28mnPrQSB+CuPIG+Fgo8/fT8FofhTnJR/zvZL2Hh4zSqSVs/ZHzhAZ8okVZt51W
m4pgk5wnTd+c9Y6bwnA9diO5ANYRpvL2ndLZG/v+dssjJcwtn9TMOq6zSr9k64nn
PBmxQ25KybeQEalrfREnNaC55Sd7YuSD2kVi65vI7sVXFnA0KUL7qD8R5QnpsHru
0chamhLbS7BU4FNnwohXz/qDTvkYnR/IGXd8DfBTzbvIueoFc/saJXFquKGlJQ7w
Kn288Y2M/Kc8QU7T801ZF6z1wGfBLWl9MoHHo2LRPhyOKM76eJxUXw/H2t0+pv52
y2hYhw==
-----END CERTIFICATE-----
Generated at Wed Jun 24 01:07:13 2026 by rpki-client