Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630303a3a2f34382d3438203d3e20313937323133.roa
File: 326130613a643638373a666630303a3a2f34382d3438203d3e20313937323133.roa (raw, json)
Hash identifier: SkwT1h/rOaQClLo9nHFAVUlnnxxHoz85B/heCrM8trg=
Subject key identifier: A7:72:94:BF:4B:CB:EB:60:D7:5D:DB:46:3B:97:3B:EF:51:50:2C:91
Certificate issuer: /CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Certificate serial: 174CD0E5A00FD1646C27C7637F1F1E15E16680
Authority key identifier: 0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630303a3a2f34382d3438203d3e20313937323133.roa
Signing time: Thu 04 Jun 2026 01:30:30 +0000
ROA not before: Thu 04 Jun 2026 01:25:30 +0000
ROA not after: Thu 03 Jun 2027 01:30:30 +0000
asID: 197213
IP address blocks: 2a0a:d687:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:4c:d0:e5:a0:0f:d1:64:6c:27:c7:63:7f:1f:1e:15:e1:66:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Validity
Not Before: Jun 4 01:25:30 2026 GMT
Not After : Jun 3 01:30:30 2027 GMT
Subject: CN=A77294BF4BCBEB60D75DDB463B973BEF51502C91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:94:77:e7:af:57:0d:66:03:e3:df:05:1d:
d5:12:c1:ef:60:7f:b6:43:f0:c7:ad:46:26:e0:fa:
4c:6f:6d:e6:25:ee:de:50:82:ca:ac:8b:e6:10:db:
ae:ec:ca:29:fb:27:c4:11:a0:a2:e6:65:cd:ab:44:
ce:fb:f5:f2:d4:60:13:50:34:9f:ad:69:23:c0:ab:
2a:f7:02:8d:e6:f8:7b:45:2f:80:cd:06:fe:e2:1e:
8b:cb:c8:7c:81:18:aa:49:bd:81:e3:29:f7:b0:69:
08:b6:94:38:3b:f9:c2:5c:83:78:4a:e9:d2:d8:29:
98:86:01:d5:a2:64:22:6d:46:81:d0:a0:51:15:e4:
c9:c2:5a:b8:86:a9:c0:c7:a9:ca:ad:6e:7d:3d:ef:
e1:d1:ec:7b:29:66:e7:fd:81:de:25:d3:b8:26:73:
19:94:f8:4f:aa:4c:97:2a:30:1d:ac:24:7d:12:49:
45:7b:66:f0:fb:c8:5e:4b:fb:7f:b1:0c:5a:13:bd:
dc:30:c8:a3:16:b0:8c:70:1e:28:ce:00:f9:80:2d:
4c:90:8a:78:e2:d7:cf:d6:d4:0b:32:be:53:3d:5f:
74:f2:1e:5d:26:b5:9d:bf:9d:d2:4b:fb:d2:f7:54:
6e:1c:8c:53:cb:e7:56:6c:ab:ca:46:21:8a:64:1b:
d7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:72:94:BF:4B:CB:EB:60:D7:5D:DB:46:3B:97:3B:EF:51:50:2C:91
X509v3 Authority Key Identifier:
keyid:0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630303a3a2f34382d3438203d3e20313937323133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d687:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
4a:4d:2e:61:f6:26:1e:b5:2a:e9:a4:a6:99:0a:04:19:aa:60:
f4:1d:db:27:49:de:21:48:51:60:2a:cf:1b:82:02:24:4d:38:
46:f1:51:81:99:f7:45:3d:f7:b6:f5:b6:2b:2b:0c:1a:e0:63:
de:54:da:37:a3:cc:3a:2b:5a:0f:b6:a9:58:13:ac:25:d8:cf:
d0:fb:34:0e:b1:5c:a7:b8:94:44:f1:34:d8:aa:21:e1:97:38:
2a:53:dd:34:49:ba:f4:8e:30:54:03:cf:a6:dd:2e:34:52:93:
fb:7b:99:9e:61:4c:db:dc:9c:23:ba:da:86:67:94:a5:62:6a:
6e:60:db:1a:44:02:3c:6f:55:36:5b:5b:3c:5b:ca:f4:38:3e:
ca:15:40:cd:9c:c2:28:a2:0c:68:68:44:f6:32:b5:55:34:7e:
9a:1e:78:ba:30:9b:b3:ed:e1:d5:70:ff:99:1c:24:34:c0:3b:
93:56:7a:b1:fe:de:e4:31:91:09:92:a3:4f:87:00:45:4f:24:
86:9f:ed:4a:45:ea:c2:3d:64:c5:73:ba:05:41:ac:8c:53:52:
0f:57:76:a6:d7:17:63:10:c0:33:7e:43:d3:cd:b5:87:14:24:
d2:81:87:51:25:3d:9f:7d:7d:c0:42:7e:47:22:45:72:38:7c:
e1:71:cf:b7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgITF0zQ5aAP0WRsJ8djfx8eFeFmgDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygwZTcwYWUwYWNkMGJlODNkMmQ0NThjYTIwN2IxZDRmZmEz
YzNlNGVhMB4XDTI2MDYwNDAxMjUzMFoXDTI3MDYwMzAxMzAzMFowMzExMC8GA1UE
AxMoQTc3Mjk0QkY0QkNCRUI2MEQ3NUREQjQ2M0I5NzNCRUY1MTUwMkM5MTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMcAlHfnr1cNZgPj3wUd1RLB72B/
tkPwx61GJuD6TG9t5iXu3lCCyqyL5hDbruzKKfsnxBGgouZlzatEzvv18tRgE1A0
n61pI8CrKvcCjeb4e0UvgM0G/uIei8vIfIEYqkm9geMp97BpCLaUODv5wlyDeErp
0tgpmIYB1aJkIm1GgdCgURXkycJauIapwMepyq1ufT3v4dHseylm5/2B3iXTuCZz
GZT4T6pMlyowHawkfRJJRXtm8PvIXkv7f7EMWhO93DDIoxawjHAeKM4A+YAtTJCK
eOLXz9bUCzK+Uz1fdPIeXSa1nb+d0kv70vdUbhyMU8vnVmyrykYhimQb1zkCAwEA
AaOCAkowggJGMB0GA1UdDgQWBBSncpS/S8vrYNdd20Y7lzvvUVAskTAfBgNVHSME
GDAWgBQOcK4KzQvoPS1FjKIHsdT/o8Pk6jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9iM2YyYWFhZS0yM2NmLTRhMzctOTQwMy03NDNiMTVlYzJh
OGUvMC8wRTcwQUUwQUNEMEJFODNEMkQ0NThDQTIwN0IxRDRGRkEzQzNFNEVBLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRG5DdUNzMEw2RDB0Ull5aUI3SFVfNlBE
NU9vLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUFBzALhoGXcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iM2YyYWFhZS0y
M2NmLTRhMzctOTQwMy03NDNiMTVlYzJhOGUvMC8zMjYxMzA2MTNhNjQzNjM4Mzcz
YTY2NjYzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzOTM3MzIzMTMzLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAKgrWh/8AMA0GCSqGSIb3DQEBCwUAA4IBAQBKTS5h9iYetSrppKaZ
CgQZqmD0HdsnSd4hSFFgKs8bggIkTThG8VGBmfdFPfe29bYrKwwa4GPeVNo3o8w6
K1oPtqlYE6wl2M/Q+zQOsVynuJRE8TTYqiHhlzgqU900Sbr0jjBUA8+m3S40UpP7
e5meYUzb3JwjutqGZ5SlYmpuYNsaRAI8b1U2W1s8W8r0OD7KFUDNnMIoogxoaET2
MrVVNH6aHni6MJuz7eHVcP+ZHCQ0wDuTVnqx/t7kMZEJkqNPhwBFTySGn+1KRerC
PWTFc7oFQayMU1IPV3am1xdjEMAzfkPTzbWHFCTSgYdRJT2ffX3AQn5HIkVyOHzh
cc+3
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:15:28 2026 by rpki-client