Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
File: 326131343a623430303a3a2f33322d3332203d3e20323133323739.roa (raw, json)
Hash identifier: pEcoX+Tc0xOxgJ55vOp1eqI0XlRh+h6vJeMxfEC5Z5g=
Subject key identifier: 9A:26:E5:25:43:C8:EE:44:6F:5B:D1:BC:3C:57:97:BD:1C:2E:C4:3D
Certificate issuer: /CN=a1e4de695d846c0e5864e4c865d9bd5e80e5f694
Certificate serial: 38280F64B97909EB028344F161F04E555706AF0D
Authority key identifier: A1:E4:DE:69:5D:84:6C:0E:58:64:E4:C8:65:D9:BD:5E:80:E5:F6:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
Signing time: Thu 30 Apr 2026 09:15:15 +0000
ROA not before: Thu 30 Apr 2026 09:10:15 +0000
ROA not after: Thu 29 Apr 2027 09:15:15 +0000
asID: 213279
IP address blocks: 2a14:b400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.mft
rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:28:0f:64:b9:79:09:eb:02:83:44:f1:61:f0:4e:55:57:06:af:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e4de695d846c0e5864e4c865d9bd5e80e5f694
Validity
Not Before: Apr 30 09:10:15 2026 GMT
Not After : Apr 29 09:15:15 2027 GMT
Subject: CN=9A26E52543C8EE446F5BD1BC3C5797BD1C2EC43D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:00:e5:69:75:62:dc:9e:f6:5e:d6:e8:58:14:
ff:4e:7b:96:29:08:18:22:66:a4:db:f4:82:c8:46:
58:89:fe:75:6b:32:29:38:ec:e6:0a:5c:3b:b4:e6:
e4:0e:41:2d:5d:6d:49:a7:ea:65:d7:ff:66:ef:ca:
e9:e3:c8:79:bd:29:a8:65:29:8b:5f:a9:8b:28:99:
9a:dd:6a:dd:39:77:95:0d:81:76:24:c6:f4:aa:e1:
3b:aa:e5:61:42:fa:8e:22:e3:7e:11:7a:c7:f8:c9:
87:4c:f3:d5:a0:09:f4:5f:df:0a:cf:4b:66:cc:93:
1f:06:d1:1e:e5:2b:83:80:15:fe:a9:c5:80:5f:2b:
0d:10:a2:f7:70:16:91:05:a8:1c:da:27:f1:7d:12:
db:73:40:66:c4:a6:ae:fb:64:a0:35:42:26:3f:27:
4a:1b:ff:ba:bf:56:f9:c9:a6:8b:c6:3e:25:dd:bd:
2c:78:19:0d:66:b9:bd:bd:b6:00:6a:2c:f5:4e:e4:
c3:64:23:77:b2:5b:2a:52:9c:78:28:a8:8b:07:45:
3e:17:bf:f5:16:ef:cc:08:31:70:3e:52:26:c1:7c:
37:15:3e:b0:d8:89:27:d2:fe:45:de:20:f4:3d:bd:
25:2b:49:5b:65:d7:10:19:3a:26:e8:1f:d6:b8:31:
1d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:26:E5:25:43:C8:EE:44:6F:5B:D1:BC:3C:57:97:BD:1C:2E:C4:3D
X509v3 Authority Key Identifier:
keyid:A1:E4:DE:69:5D:84:6C:0E:58:64:E4:C8:65:D9:BD:5E:80:E5:F6:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/A1E4DE695D846C0E5864E4C865D9BD5E80E5F694.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeTeaV2EbA5YZOTIZdm9XoDl9pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5df7bba-6d8c-49e9-bbe3-c525f53d4206/1/326131343a623430303a3a2f33322d3332203d3e20323133323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b400::/32
Signature Algorithm: sha256WithRSAEncryption
4c:8d:cd:21:a1:10:f0:8d:c3:f3:46:60:c8:87:a7:71:3d:0d:
32:52:35:e6:03:ea:4e:f2:e3:67:e7:3a:32:11:84:99:7c:aa:
24:24:07:a4:16:b5:a6:96:5b:7b:a7:e9:1d:b9:d6:0d:c4:86:
98:04:3b:d5:54:19:4b:89:d9:73:14:d2:c0:a4:7e:ff:03:3b:
75:87:f0:05:f0:61:40:2d:4c:4b:e6:a9:03:9d:42:7c:fb:9f:
76:0e:17:66:b0:16:65:e0:33:95:56:7e:a7:70:b7:0e:8c:a8:
ff:80:2d:a5:08:8b:fb:7d:9a:3d:9c:41:88:dd:04:ef:b8:e7:
8f:e2:b9:b2:4b:42:f4:2d:02:d2:a2:0c:74:5c:5e:96:53:3d:
03:a7:99:d8:7a:ff:cc:97:ff:17:4e:e4:2f:b1:ed:22:9e:36:
26:87:b4:8b:dc:4d:36:e6:04:b1:98:54:62:6c:be:9e:32:44:
99:63:ff:99:17:63:21:51:18:61:a3:f7:58:bf:ca:ba:a8:10:
aa:3b:67:f1:6f:de:f8:2c:9e:fd:ce:16:da:c8:70:c5:d3:4d:
1d:3c:78:70:fe:7a:5a:c1:93:23:69:50:e1:28:cf:b2:46:96:
fc:5d:81:51:3f:81:4f:63:40:a7:eb:ff:9b:fa:38:ea:61:1a:
98:1e:2c:d0
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUOCgPZLl5CesCg0TxYfBOVVcGrw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTFlNGRlNjk1ZDg0NmMwZTU4NjRlNGM4NjVkOWJkNWU4
MGU1ZjY5NDAeFw0yNjA0MzAwOTEwMTVaFw0yNzA0MjkwOTE1MTVaMDMxMTAvBgNV
BAMTKDlBMjZFNTI1NDNDOEVFNDQ2RjVCRDFCQzNDNTc5N0JEMUMyRUM0M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuAOVpdWLcnvZe1uhYFP9Oe5Yp
CBgiZqTb9ILIRliJ/nVrMik47OYKXDu05uQOQS1dbUmn6mXX/2bvyunjyHm9Kahl
KYtfqYsomZrdat05d5UNgXYkxvSq4Tuq5WFC+o4i434Resf4yYdM89WgCfRf3wrP
S2bMkx8G0R7lK4OAFf6pxYBfKw0QovdwFpEFqBzaJ/F9EttzQGbEpq77ZKA1QiY/
J0ob/7q/VvnJpovGPiXdvSx4GQ1mub29tgBqLPVO5MNkI3eyWypSnHgoqIsHRT4X
v/UW78wIMXA+UibBfDcVPrDYiSfS/kXeIPQ9vSUrSVtl1xAZOiboH9a4MR3zAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUmiblJUPI7kRvW9G8PFeXvRwuxD0wHwYDVR0j
BBgwFoAUoeTeaV2EbA5YZOTIZdm9XoDl9pQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEtNmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0
MjA2LzEvQTFFNERFNjk1RDg0NkMwRTU4NjRFNEM4NjVEOUJENUU4MEU1RjY5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29lVGVhVjJFYkE1WVpPVElaZG05WG9E
bDlwUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkZjdiYmEt
NmQ4Yy00OWU5LWJiZTMtYzUyNWY1M2Q0MjA2LzEvMzI2MTMxMzQzYTYyMzQzMDMw
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTMzMzIzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhS0ADANBgkqhkiG9w0BAQsFAAOCAQEATI3NIaEQ8I3D80ZgyIencT0NMlI15gPq
TvLjZ+c6MhGEmXyqJCQHpBa1ppZbe6fpHbnWDcSGmAQ71VQZS4nZcxTSwKR+/wM7
dYfwBfBhQC1MS+apA51CfPufdg4XZrAWZeAzlVZ+p3C3Doyo/4AtpQiL+32aPZxB
iN0E77jnj+K5sktC9C0C0qIMdFxellM9A6eZ2Hr/zJf/F07kL7HtIp42Joe0i9xN
NuYEsZhUYmy+njJEmWP/mRdjIVEYYaP3WL/KuqgQqjtn8W/e+Cye/c4W2shwxdNN
HTx4cP56WsGTI2lQ4SjPskaW/F2BUT+BT2NAp+v/m/o46mEamB4s0A==
-----END CERTIFICATE-----
Generated at Thu Apr 30 13:43:47 2026 by rpki-client