Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
File: 326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa (raw, json)
Hash identifier: G4G7qpeiXc1dZVsN/BNStkgkB9ctxJY8dVaZnuFV5eA=
Subject key identifier: 01:DE:AA:E1:07:36:0D:A1:B0:24:1C:11:7D:57:D5:C0:51:9F:F5:4C
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 7E6A6EAA2672D7950E1A1AE18F8EF33200F9A097
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
Signing time: Mon 22 Jun 2026 20:27:57 +0000
ROA not before: Mon 22 Jun 2026 20:22:57 +0000
ROA not after: Mon 21 Jun 2027 20:27:57 +0000
asID: 215248
IP address blocks: 2a14:38c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6a:6e:aa:26:72:d7:95:0e:1a:1a:e1:8f:8e:f3:32:00:f9:a0:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 22 20:22:57 2026 GMT
Not After : Jun 21 20:27:57 2027 GMT
Subject: CN=01DEAAE107360DA1B0241C117D57D5C0519FF54C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:77:bb:f7:9d:50:fd:74:99:07:0d:d7:57:
ed:bd:cf:8e:c3:8e:14:25:d1:d4:53:ff:39:ff:ef:
95:a3:14:77:cc:f4:fd:2e:78:32:e6:a7:0d:4a:58:
17:6a:76:da:5d:41:ba:c7:54:32:b6:d2:a9:cb:95:
96:a2:f6:3f:4a:9b:cb:a8:9f:2e:a3:bf:1a:f6:c5:
03:94:96:c9:41:62:5a:ea:1e:5c:43:0a:f3:5e:90:
d7:a4:6e:af:30:af:ee:80:10:d6:95:4e:3e:59:d6:
e2:b7:79:36:fa:26:de:02:4d:fb:eb:fc:cd:36:75:
9d:bd:4b:68:28:96:32:9a:47:2a:7a:64:3c:01:ea:
92:ee:b9:01:df:38:18:5c:31:c3:44:24:15:00:60:
f2:07:e4:ac:b7:e9:6b:fb:64:83:06:e0:01:5f:db:
48:20:ee:f1:79:41:2f:bd:41:7c:22:07:a7:10:c7:
82:bf:58:a4:d3:31:9e:4c:b3:f2:2a:51:c2:46:91:
05:20:76:ec:68:43:a0:96:fc:46:27:74:8e:5f:a9:
e1:3e:0b:8c:4e:79:a4:26:63:5e:87:ca:1f:89:e6:
e7:b3:8d:dc:34:48:4d:fd:52:5b:0a:e1:1c:78:de:
29:53:3e:27:e8:d2:5b:0f:34:a6:fc:a0:07:2b:3c:
a5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DE:AA:E1:07:36:0D:A1:B0:24:1C:11:7D:57:D5:C0:51:9F:F5:4C
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
b6:37:73:8c:ce:24:0b:f7:cc:b6:14:80:87:fc:1f:b1:d7:5d:
c7:45:e2:60:8c:56:d2:04:38:d8:2b:18:40:98:64:a8:f6:6d:
51:2d:2c:db:75:7f:2b:e3:73:b6:71:27:28:b5:14:f9:46:c2:
8e:4f:d9:31:68:a4:12:a4:b1:fc:d8:44:11:bf:3e:76:31:30:
5b:3b:fe:c2:8f:ec:6f:ec:8c:2c:26:55:e2:73:5a:6c:d6:8d:
b5:2a:58:a4:1c:ee:03:59:28:fa:e5:9a:fd:37:c9:7f:81:62:
71:7e:a3:61:38:5b:e3:2c:c3:ea:c4:89:12:22:88:a7:41:b1:
ef:8e:a3:53:75:36:3b:fb:83:c9:02:f1:18:f5:9c:ef:72:d5:
f6:03:ed:dd:ad:f7:b4:4b:20:86:90:bb:b9:11:3e:8f:97:da:
4d:df:ef:c7:5e:a6:66:2f:49:e7:03:5f:e3:b2:94:3c:23:09:
83:c0:cf:1c:aa:12:b8:03:8b:9b:51:29:cc:46:aa:37:61:03:
21:5c:cd:2a:1b:88:3f:c7:ec:f3:8f:2b:a4:f0:e9:57:6e:75:
8e:34:10:4f:c6:d8:96:88:12:4b:55:31:15:98:da:0c:06:7f:
8e:40:2f:82:fa:90:d6:27:93:74:aa:09:f6:55:1b:b7:8f:fd:
74:05:53:8f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfmpuqiZy15UOGhrhj47zMgD5oJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA2MjIyMDIyNTdaFw0yNzA2MjEyMDI3NTdaMDMxMTAvBgNV
BAMTKDAxREVBQUUxMDczNjBEQTFCMDI0MUMxMTdENTdENUMwNTE5RkY1NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrVHe7951Q/XSZBw3XV+29z47D
jhQl0dRT/zn/75WjFHfM9P0ueDLmpw1KWBdqdtpdQbrHVDK20qnLlZai9j9Km8uo
ny6jvxr2xQOUlslBYlrqHlxDCvNekNekbq8wr+6AENaVTj5Z1uK3eTb6Jt4CTfvr
/M02dZ29S2goljKaRyp6ZDwB6pLuuQHfOBhcMcNEJBUAYPIH5Ky36Wv7ZIMG4AFf
20gg7vF5QS+9QXwiB6cQx4K/WKTTMZ5Ms/IqUcJGkQUgduxoQ6CW/EYndI5fqeE+
C4xOeaQmY16Hyh+J5uezjdw0SE39UlsK4Rx43ilTPifo0lsPNKb8oAcrPKV5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUAd6q4Qc2DaGwJBwRfVfVwFGf9UwwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAATANBgkqhkiG9w0BAQsFAAOCAQEAtjdzjM4kC/fMthSAh/wfsddd
x0XiYIxW0gQ42CsYQJhkqPZtUS0s23V/K+NztnEnKLUU+UbCjk/ZMWikEqSx/NhE
Eb8+djEwWzv+wo/sb+yMLCZV4nNabNaNtSpYpBzuA1ko+uWa/TfJf4FicX6jYThb
4yzD6sSJEiKIp0Gx746jU3U2O/uDyQLxGPWc73LV9gPt3a33tEsghpC7uRE+j5fa
Td/vx16mZi9J5wNf47KUPCMJg8DPHKoSuAOLm1EpzEaqN2EDIVzNKhuIP8fs848r
pPDpV251jjQQT8bYlogSS1UxFZjaDAZ/jkAvgvqQ1ieTdKoJ9lUbt4/9dAVTjw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 11:39:51 2026 by rpki-client