Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630313a3a2f34382d3438203d3e20323139353435.roa
File: 326130613a643638373a666630313a3a2f34382d3438203d3e20323139353435.roa (raw, json)
Hash identifier: rL8ASD59Ti8nB9XD3UXOLC8XxvqgDesYATRPUcKVSuY=
Subject key identifier: FF:38:E8:9E:1F:3A:0C:4A:F2:FC:98:CC:A1:9C:3C:B8:04:C1:EE:53
Certificate issuer: /CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Certificate serial: 77065087E55E6C351D3E2513F606C8151D955CA9
Authority key identifier: 0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630313a3a2f34382d3438203d3e20323139353435.roa
Signing time: Thu 04 Jun 2026 01:32:24 +0000
ROA not before: Thu 04 Jun 2026 01:27:24 +0000
ROA not after: Thu 03 Jun 2027 01:32:24 +0000
asID: 219545
IP address blocks: 2a0a:d687:ff01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:06:50:87:e5:5e:6c:35:1d:3e:25:13:f6:06:c8:15:1d:95:5c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e70ae0acd0be83d2d458ca207b1d4ffa3c3e4ea
Validity
Not Before: Jun 4 01:27:24 2026 GMT
Not After : Jun 3 01:32:24 2027 GMT
Subject: CN=FF38E89E1F3A0C4AF2FC98CCA19C3CB804C1EE53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:e2:5c:85:d4:e3:2d:5e:72:94:78:6a:2b:
9e:e8:08:0c:eb:f9:3d:ff:59:f4:8e:71:b6:e0:6d:
2f:0e:49:88:7f:63:9f:9c:a1:99:ad:26:f5:d2:cb:
1b:58:43:3d:f4:25:35:44:37:50:7c:ce:54:d5:70:
85:cf:62:c2:54:b9:14:31:f2:a4:9e:0c:2a:34:ac:
a1:d2:67:50:a1:24:e2:b7:ad:7c:c7:e3:23:26:43:
0e:83:93:c9:8a:75:46:6c:52:70:47:d3:34:0a:e0:
74:7b:63:41:38:bc:b5:de:b0:47:d3:d3:dd:e6:df:
b1:8a:c3:c6:a0:27:42:f1:e5:28:30:8c:45:49:22:
da:22:7b:f4:fa:8c:e0:6d:8e:f5:9b:89:d8:e6:7a:
8f:2e:c2:8c:05:4f:0b:08:7b:cf:73:37:b0:48:cc:
07:41:a0:91:a3:51:87:e2:65:4c:85:02:1b:bd:ce:
73:9e:a8:96:1e:76:e2:7b:cf:0f:16:73:5e:7d:f9:
d4:8f:7e:85:d6:8c:c1:f8:4e:dc:7a:a9:d0:6d:2c:
df:7c:6d:f1:07:d0:e6:e3:1d:b9:b6:b5:f2:3c:5b:
01:10:e3:a2:41:4b:37:3c:04:7e:d5:d2:38:d4:f9:
cc:6c:69:ba:04:4b:d4:5b:c3:be:56:23:63:fc:89:
54:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:38:E8:9E:1F:3A:0C:4A:F2:FC:98:CC:A1:9C:3C:B8:04:C1:EE:53
X509v3 Authority Key Identifier:
keyid:0E:70:AE:0A:CD:0B:E8:3D:2D:45:8C:A2:07:B1:D4:FF:A3:C3:E4:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/0E70AE0ACD0BE83D2D458CA207B1D4FFA3C3E4EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnCuCs0L6D0tRYyiB7HU_6PD5Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b3f2aaae-23cf-4a37-9403-743b15ec2a8e/0/326130613a643638373a666630313a3a2f34382d3438203d3e20323139353435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d687:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
54:69:b4:49:45:7d:3b:57:54:7b:fe:00:a7:78:79:ff:ea:1e:
85:4f:37:81:f0:04:f1:73:ec:bc:bc:dd:02:29:f1:4a:ff:c7:
34:7f:3b:3c:18:12:ed:76:1e:ed:59:24:86:1c:46:e0:bc:2f:
18:cd:5c:1a:1b:26:12:e6:3a:a6:96:e7:82:79:5b:2e:d8:fd:
86:2c:ee:02:68:37:82:bf:a9:28:c4:dd:67:9e:94:f3:20:36:
d2:2d:73:24:1b:ee:b8:2c:f3:2e:9d:82:7d:fd:c5:c8:52:b1:
21:11:d3:b7:96:f2:e0:ff:d5:3d:57:b7:6d:dc:e4:66:50:f7:
9b:6c:2b:30:0d:c2:f3:94:5d:be:b3:9d:84:6a:8d:42:7e:a1:
1b:da:8e:68:86:08:a3:c6:b4:08:b9:cd:03:51:62:71:bd:ab:
51:f5:c2:a0:41:8f:af:49:1e:57:0f:46:77:2d:e4:02:f0:7b:
96:52:6d:a6:00:32:ca:77:ac:fd:21:35:ff:9a:9e:e5:ad:11:
15:e7:f1:d8:7d:59:26:06:60:71:38:d6:04:f5:3f:61:a6:10:
f8:7b:94:cb:70:10:f3:49:aa:9f:ce:b6:3f:b9:65:5e:c0:98:
51:7a:fe:ff:6c:1c:84:06:73:47:5a:db:63:cb:c5:8f:87:ea:
94:b7:0a:b2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUdwZQh+VebDUdPiUT9gbIFR2VXKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGU3MGFlMGFjZDBiZTgzZDJkNDU4Y2EyMDdiMWQ0ZmZh
M2MzZTRlYTAeFw0yNjA2MDQwMTI3MjRaFw0yNzA2MDMwMTMyMjRaMDMxMTAvBgNV
BAMTKEZGMzhFODlFMUYzQTBDNEFGMkZDOThDQ0ExOUMzQ0I4MDRDMUVFNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9++JchdTjLV5ylHhqK57oCAzr
+T3/WfSOcbbgbS8OSYh/Y5+coZmtJvXSyxtYQz30JTVEN1B8zlTVcIXPYsJUuRQx
8qSeDCo0rKHSZ1ChJOK3rXzH4yMmQw6Dk8mKdUZsUnBH0zQK4HR7Y0E4vLXesEfT
093m37GKw8agJ0Lx5SgwjEVJItoie/T6jOBtjvWbidjmeo8uwowFTwsIe89zN7BI
zAdBoJGjUYfiZUyFAhu9znOeqJYeduJ7zw8Wc159+dSPfoXWjMH4Ttx6qdBtLN98
bfEH0ObjHbm2tfI8WwEQ46JBSzc8BH7V0jjU+cxsaboES9Rbw75WI2P8iVR/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU/zjonh86DEry/JjMoZw8uATB7lMwHwYDVR0j
BBgwFoAUDnCuCs0L6D0tRYyiB7HU/6PD5OowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUtMjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMy
YThlLzAvMEU3MEFFMEFDRDBCRTgzRDJENDU4Q0EyMDdCMUQ0RkZBM0MzRTRFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RuQ3VDczBMNkQwdFJZeWlCN0hVXzZQ
RDVPby5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjNmMmFhYWUt
MjNjZi00YTM3LTk0MDMtNzQzYjE1ZWMyYThlLzAvMzI2MTMwNjEzYTY0MzYzODM3
M2E2NjY2MzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzOTM1MzQzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoK1of/ATANBgkqhkiG9w0BAQsFAAOCAQEAVGm0SUV9O1dUe/4A
p3h5/+oehU83gfAE8XPsvLzdAinxSv/HNH87PBgS7XYe7VkkhhxG4LwvGM1cGhsm
EuY6ppbngnlbLtj9hizuAmg3gr+pKMTdZ56U8yA20i1zJBvuuCzzLp2Cff3FyFKx
IRHTt5by4P/VPVe3bdzkZlD3m2wrMA3C85RdvrOdhGqNQn6hG9qOaIYIo8a0CLnN
A1Ficb2rUfXCoEGPr0keVw9Gdy3kAvB7llJtpgAyynes/SE1/5qe5a0RFefx2H1Z
JgZgcTjWBPU/YaYQ+HuUy3AQ80mqn862P7llXsCYUXr+/2wchAZzR1rbY8vFj4fq
lLcKsg==
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:15:28 2026 by rpki-client