Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33312d3331203d3e2030.roa
File: 326131343a623430303a3a2f33312d3331203d3e2030.roa (raw, json)
Hash identifier: TSZA08L1jZT+5Qa9xo1wIebR2Ro2rcIanRIxNUOMcd0=
Subject key identifier: D1:C3:D7:25:4C:F3:00:91:7C:D2:1B:FA:17:0F:28:A3:39:5F:79:2E
Certificate issuer: /CN=a1e4de695d846c0e5864e4c865d9bd5e80e5f694
Certificate serial: 2A06AD0D55B0ABB9379FF565F1558F7AEEFDD26D
Authority key identifier: A1:E4:DE:69:5D:84:6C:0E:58:64:E4:C8:65:D9:BD:5E:80:E5:F6:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33312d3331203d3e2030.roa
Signing time: Thu 30 Apr 2026 09:15:16 +0000
ROA not before: Thu 30 Apr 2026 09:10:16 +0000
ROA not after: Thu 29 Apr 2027 09:15:16 +0000
asID: 0
IP address blocks: 2a14:b400::/31 maxlen: 31
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.mft
rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:06:ad:0d:55:b0:ab:b9:37:9f:f5:65:f1:55:8f:7a:ee:fd:d2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e4de695d846c0e5864e4c865d9bd5e80e5f694
Validity
Not Before: Apr 30 09:10:16 2026 GMT
Not After : Apr 29 09:15:16 2027 GMT
Subject: CN=D1C3D7254CF300917CD21BFA170F28A3395F792E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:28:f0:c2:51:0e:1e:fd:0e:f7:cc:5a:ab:14:
15:a8:28:31:c7:dc:6c:43:77:cc:37:5a:2b:be:97:
0c:cd:8a:78:a1:89:80:86:c1:d4:7d:83:6e:1a:d5:
b6:bd:b8:ec:1a:e6:1f:d0:59:9b:1a:ce:18:34:6c:
b5:e3:56:0e:0c:26:28:ea:f5:c1:57:5c:04:e7:d9:
e3:dd:5d:05:05:f9:48:eb:0f:f6:c1:08:26:50:39:
26:3e:16:5e:47:8a:1c:46:4d:91:29:46:1f:3b:92:
a5:5e:6b:43:f4:51:cc:d7:0e:d4:3e:13:e6:59:2d:
c3:38:5f:57:a5:62:00:9e:65:49:c2:78:22:a6:cd:
c8:35:30:54:65:5e:15:33:57:f8:fe:8b:eb:33:68:
91:5a:18:e6:e7:80:31:3d:35:d2:99:fd:fa:41:a8:
5c:d9:94:bd:11:2a:aa:f1:7c:1e:df:9a:af:6e:7e:
29:c1:4c:8d:a6:5c:0f:4f:02:42:78:14:1f:0d:4e:
2a:f4:a7:bc:67:2d:c8:91:2e:6d:33:90:98:ff:98:
ed:e3:b3:77:0c:34:2b:ef:ba:5e:ec:ef:78:57:83:
d7:f2:d2:6f:a7:7c:54:0d:8d:fd:ed:0e:03:1d:9e:
d1:fd:4e:eb:9e:b4:bc:9b:03:21:56:29:d1:fc:1b:
6a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C3:D7:25:4C:F3:00:91:7C:D2:1B:FA:17:0F:28:A3:39:5F:79:2E
X509v3 Authority Key Identifier:
keyid:A1:E4:DE:69:5D:84:6C:0E:58:64:E4:C8:65:D9:BD:5E:80:E5:F6:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33312d3331203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b400::/31
Signature Algorithm: sha256WithRSAEncryption
45:b0:d4:e1:36:ef:55:1d:a8:68:e7:36:90:25:4c:91:8a:ca:
21:22:36:31:cd:13:ce:46:5d:02:b8:84:50:5a:b2:01:e3:ef:
11:75:a6:69:52:30:04:30:c7:4a:96:ab:ce:a9:e6:00:d1:a8:
ff:8c:7e:f6:88:98:23:b9:77:c0:1c:7d:41:1a:63:4d:71:f1:
b9:06:6d:ac:ad:6f:8f:44:3f:ca:0e:71:27:5d:3b:be:b6:eb:
e2:48:c7:63:4e:76:97:b6:3c:ed:1d:43:3c:49:3f:45:fa:79:
c1:b8:30:78:1b:70:0f:ce:08:71:74:d1:da:b6:0c:bd:86:ec:
f2:00:a1:70:51:97:ea:43:c1:a8:17:5e:b6:d6:16:59:5d:89:
42:cc:a0:fc:0d:b9:fb:8b:8e:c9:2e:1a:88:49:a8:33:b4:f9:
28:c0:04:91:dd:8a:f5:12:ec:ca:da:1e:d2:e8:84:7e:fb:69:
2f:99:9b:e4:bc:d8:bb:49:58:af:9b:55:f2:a5:6a:74:83:c5:
06:9c:0d:aa:63:a3:0a:31:da:f9:2e:c7:8e:11:95:42:02:8a:
f3:29:2f:b2:77:a0:2d:37:de:ae:d6:bb:69:b8:8e:07:f2:be:
81:19:5e:1d:22:aa:a4:4b:05:bd:bf:bd:54:ac:e1:21:bf:91:
91:54:eb:0d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUKgatDVWwq7k3n/Vl8VWPeu790m0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTFlNGRlNjk1ZDg0NmMwZTU4NjRlNGM4NjVkOWJkNWU4
MGU1ZjY5NDAeFw0yNjA0MzAwOTEwMTZaFw0yNzA0MjkwOTE1MTZaMDMxMTAvBgNV
BAMTKEQxQzNENzI1NENGMzAwOTE3Q0QyMUJGQTE3MEYyOEEzMzk1Rjc5MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdKPDCUQ4e/Q73zFqrFBWoKDHH
3GxDd8w3Wiu+lwzNinihiYCGwdR9g24a1ba9uOwa5h/QWZsazhg0bLXjVg4MJijq
9cFXXATn2ePdXQUF+UjrD/bBCCZQOSY+Fl5HihxGTZEpRh87kqVea0P0UczXDtQ+
E+ZZLcM4X1elYgCeZUnCeCKmzcg1MFRlXhUzV/j+i+szaJFaGObngDE9NdKZ/fpB
qFzZlL0RKqrxfB7fmq9ufinBTI2mXA9PAkJ4FB8NTir0p7xnLciRLm0zkJj/mO3j
s3cMNCvvul7s73hXg9fy0m+nfFQNjf3tDgMdntH9TuuetLybAyFWKdH8G2rHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU0cPXJUzzAJF80hv6Fw8oozlfeS4wHwYDVR0j
BBgwFoAUoeTeaV2EbA5YZOTIZdm9XoDl9pQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEtNmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0
MjA2LzEvQTFFNERFNjk1RDg0NkMwRTU4NjRFNEM4NjVEOUJENUU4MEU1RjY5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29lVGVhVjJFYkE1WVpPVElaZG05WG9E
bDlwUS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEt
NmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0MjA2LzEvMzI2MTMxMzQzYTYyMzQzMDMw
M2EzYTJmMzMzMTJkMzMzMTIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQEqFLQAMA0GCSqG
SIb3DQEBCwUAA4IBAQBFsNThNu9VHaho5zaQJUyRisohIjYxzRPORl0CuIRQWrIB
4+8RdaZpUjAEMMdKlqvOqeYA0aj/jH72iJgjuXfAHH1BGmNNcfG5Bm2srW+PRD/K
DnEnXTu+tuviSMdjTnaXtjztHUM8ST9F+nnBuDB4G3APzghxdNHatgy9huzyAKFw
UZfqQ8GoF1621hZZXYlCzKD8Dbn7i47JLhqISagztPkowASR3Yr1EuzK2h7S6IR+
+2kvmZvkvNi7SVivm1XypWp0g8UGnA2qY6MKMdr5LseOEZVCAorzKS+yd6AtN96u
1rtpuI4H8r6BGV4dIqqkSwW9v71UrOEhv5GRVOsN
-----END CERTIFICATE-----
Generated at Thu Apr 30 13:43:12 2026 by rpki-client