Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20333936303634.roa
File: 326131343a333863303a313a3a2f34382d3438203d3e20333936303634.roa (raw, json)
Hash identifier: 7gGIPAnlG4b/UkUjKnAxgbeLd3KfOqg2CBMhQZ58dWk=
Subject key identifier: 24:FC:A8:63:83:A6:42:FB:05:76:8B:9D:8B:57:A1:28:58:9D:7E:ED
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 5D13C6403FEE95B8E070C08CCA6A842FA02E9AA2
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20333936303634.roa
Signing time: Mon 22 Jun 2026 20:27:57 +0000
ROA not before: Mon 22 Jun 2026 20:22:57 +0000
ROA not after: Mon 21 Jun 2027 20:27:57 +0000
asID: 396064
IP address blocks: 2a14:38c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:13:c6:40:3f:ee:95:b8:e0:70:c0:8c:ca:6a:84:2f:a0:2e:9a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 22 20:22:57 2026 GMT
Not After : Jun 21 20:27:57 2027 GMT
Subject: CN=24FCA86383A642FB05768B9D8B57A128589D7EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:82:1b:af:a8:1f:45:75:83:a4:e1:f8:57:
38:7c:8d:da:9a:89:7d:8a:e6:47:ee:0d:f8:4f:20:
6f:3c:45:99:ef:46:dd:47:de:7f:96:e4:1a:d0:fb:
4f:d3:15:d1:91:cc:aa:c7:db:71:fd:a9:d9:6c:07:
61:c9:37:16:d9:96:30:af:e8:47:70:e4:b8:c6:7c:
36:9f:9a:fa:f3:41:6a:eb:19:a4:5a:09:04:39:64:
b1:88:d8:ba:95:07:06:4d:28:ef:6c:ca:6b:91:3e:
fd:67:4a:38:1c:c6:5e:68:10:fa:66:5a:e6:fb:a9:
0a:b7:13:08:d8:37:d1:2c:1b:03:49:ae:3b:d0:5b:
46:9c:d5:30:5c:1d:0b:c8:92:78:31:bf:fe:df:11:
d3:13:43:9e:aa:79:b4:49:2e:6e:ad:4c:67:73:c8:
47:5c:80:3f:ea:d4:cc:8d:b3:d0:17:66:69:ca:0d:
df:d7:58:1b:6e:a2:a6:b1:71:47:b8:45:2f:08:78:
b7:9e:3c:ba:8d:f2:51:cf:c8:86:ec:d3:ab:db:b8:
b4:b9:9b:05:e1:c3:12:f0:20:f5:c2:ee:b0:82:a2:
7b:53:6d:43:69:60:09:42:b0:a4:00:b0:98:d6:1a:
7b:78:7f:b1:e1:7b:16:71:72:83:93:da:4a:e6:27:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FC:A8:63:83:A6:42:FB:05:76:8B:9D:8B:57:A1:28:58:9D:7E:ED
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a313a3a2f34382d3438203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
b0:ab:7d:5f:d1:6f:b2:ee:5a:da:74:93:ca:5f:04:1e:5f:c9:
99:4d:d5:57:77:08:08:68:d3:68:d9:ab:95:47:ec:f3:29:d1:
fe:eb:de:bd:e3:78:a2:75:aa:51:e1:d5:af:f3:85:ad:db:a4:
d3:1b:9d:52:12:d7:5b:11:ab:76:b5:89:de:5b:70:fb:7a:d4:
7d:af:63:50:4e:a4:3a:7a:c4:10:23:5b:3b:ed:3e:9c:8a:bf:
6b:76:d8:c7:22:66:d8:41:d6:e5:db:35:b7:99:1c:e0:67:fc:
dd:f3:ce:73:00:9b:fd:20:c6:7e:f8:3e:3d:72:7f:76:b3:84:
ee:4e:3b:9c:cc:58:7d:4b:c4:ef:a8:a5:b7:ad:c9:d0:21:c0:
4f:d1:fb:0e:40:1e:f0:ae:05:5c:1c:63:9f:0c:84:12:34:df:
c6:71:13:2c:72:d4:33:56:c5:b3:f0:04:ab:95:06:3e:ec:e8:
bf:43:16:96:2d:d3:36:54:4b:34:ea:97:cf:42:8d:08:ce:e6:
89:24:ee:93:0b:ad:0d:1c:14:04:01:5a:23:a3:2d:f1:d5:54:
c0:25:6a:7b:a1:3d:ff:97:7f:4e:90:9c:f6:56:81:32:30:c3:
48:18:86:7b:12:70:ba:fa:5d:f7:72:c2:36:ca:2a:b0:48:21:
7c:da:4f:af
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXRPGQD/ulbjgcMCMymqEL6AumqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA2MjIyMDIyNTdaFw0yNzA2MjEyMDI3NTdaMDMxMTAvBgNV
BAMTKDI0RkNBODYzODNBNjQyRkIwNTc2OEI5RDhCNTdBMTI4NTg5RDdFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7b4Ibr6gfRXWDpOH4Vzh8jdqa
iX2K5kfuDfhPIG88RZnvRt1H3n+W5BrQ+0/TFdGRzKrH23H9qdlsB2HJNxbZljCv
6Edw5LjGfDafmvrzQWrrGaRaCQQ5ZLGI2LqVBwZNKO9symuRPv1nSjgcxl5oEPpm
Wub7qQq3EwjYN9EsGwNJrjvQW0ac1TBcHQvIkngxv/7fEdMTQ56qebRJLm6tTGdz
yEdcgD/q1MyNs9AXZmnKDd/XWBtuoqaxcUe4RS8IeLeePLqN8lHPyIbs06vbuLS5
mwXhwxLwIPXC7rCContTbUNpYAlCsKQAsJjWGnt4f7HhexZxcoOT2krmJyBJAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJPyoY4OmQvsFdoudi1ehKFidfu0wHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzNjMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAATANBgkqhkiG9w0BAQsFAAOCAQEAsKt9X9Fvsu5a2nSTyl8EHl/J
mU3VV3cICGjTaNmrlUfs8ynR/uveveN4onWqUeHVr/OFrduk0xudUhLXWxGrdrWJ
3ltw+3rUfa9jUE6kOnrEECNbO+0+nIq/a3bYxyJm2EHW5ds1t5kc4Gf83fPOcwCb
/SDGfvg+PXJ/drOE7k47nMxYfUvE76ilt63J0CHAT9H7DkAe8K4FXBxjnwyEEjTf
xnETLHLUM1bFs/AEq5UGPuzov0MWli3TNlRLNOqXz0KNCM7miSTukwutDRwUBAFa
I6Mt8dVUwCVqe6E9/5d/TpCc9laBMjDDSBiGexJwuvpd93LCNsoqsEghfNpPrw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:42:23 2026 by rpki-client