Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20323135323438.roa
File: 326131343a333863303a323a3a2f34382d3438203d3e20323135323438.roa (raw, json)
Hash identifier: Gt/gvNKWEvpZiOgSTjOiNmwq6g9bcdEcu0fhoPo4ZiM=
Subject key identifier: 62:71:B0:39:85:9E:88:77:2E:97:B9:D5:65:21:1C:58:0A:0F:46:98
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 7566E6E1A1CEDA1AB75C96924C82DEC6226873D7
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20323135323438.roa
Signing time: Mon 22 Jun 2026 20:27:58 +0000
ROA not before: Mon 22 Jun 2026 20:22:58 +0000
ROA not after: Mon 21 Jun 2027 20:27:58 +0000
asID: 215248
IP address blocks: 2a14:38c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:66:e6:e1:a1:ce:da:1a:b7:5c:96:92:4c:82:de:c6:22:68:73:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 22 20:22:58 2026 GMT
Not After : Jun 21 20:27:58 2027 GMT
Subject: CN=6271B039859E88772E97B9D565211C580A0F4698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:08:b6:21:cf:fa:3b:4d:63:11:89:13:5b:7c:
b8:f0:e9:62:ab:e1:0e:50:61:81:43:75:34:48:d0:
e1:6a:f6:aa:8c:10:cf:fb:a0:f8:13:77:c4:de:c3:
43:54:80:ef:37:56:d3:4e:f2:48:a0:13:15:e9:bf:
6a:ef:44:3e:7a:4d:d8:d1:40:15:a4:17:4e:61:5f:
84:4c:58:fa:75:04:dc:6c:a4:62:45:ac:ca:40:4d:
8c:86:1b:5b:90:f8:a7:6e:8a:98:b4:c9:d4:eb:df:
e2:14:bf:b0:77:13:b0:3c:78:fd:ae:db:dd:33:dd:
ee:d1:8c:0b:06:34:d3:f9:73:c0:b8:10:48:85:c5:
80:cb:a1:18:ef:b1:c0:ac:c0:be:e8:8d:85:5b:0b:
c7:d8:0c:59:5e:31:39:19:aa:e3:f9:49:ce:ba:32:
e4:f7:27:a3:39:5b:b8:6e:2d:92:4e:31:e0:b7:64:
1d:8a:b6:54:83:1b:9f:e3:ba:21:4d:9d:20:ff:11:
63:35:44:91:79:f9:58:ce:86:c3:b2:ed:34:84:4e:
4f:b7:e0:ce:c6:9c:05:40:2c:b3:09:bb:ee:80:a9:
4e:58:fa:9d:05:28:94:36:9e:f1:ed:01:f9:1a:14:
1a:0f:6d:2d:b9:3c:c1:65:35:b1:30:71:20:a4:97:
c3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:71:B0:39:85:9E:88:77:2E:97:B9:D5:65:21:1C:58:0A:0F:46:98
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
90:e8:bd:30:90:db:e0:87:72:ee:41:49:e5:3f:e3:ca:f8:68:
0b:63:34:92:2e:d3:3d:9e:8a:89:f2:0a:47:25:27:9f:3b:f8:
0f:d5:26:1d:dc:5e:54:6b:46:f0:20:21:3d:7e:d5:34:92:81:
e0:cf:27:9f:a6:8b:ce:bd:32:14:71:7c:b3:47:96:3b:85:78:
d0:6f:a3:a6:3f:98:86:e9:0a:78:c2:38:c0:54:1b:0c:11:1f:
d7:cb:d4:99:9e:5a:23:11:d3:81:81:92:25:66:68:97:e5:83:
41:0b:cf:55:da:18:6b:a3:84:e7:d0:fb:f4:57:f1:3f:0f:79:
0a:2a:f1:d2:8f:71:68:65:dc:1e:12:a7:16:2e:47:0f:f0:c7:
e4:dc:d1:dc:49:09:07:43:e9:a0:48:6c:22:23:20:61:e9:63:
3b:4b:c4:7f:e2:44:f1:13:62:e2:9d:c3:6d:e1:3d:ec:01:3b:
d8:fa:97:28:2b:3d:2e:13:71:ba:28:e7:69:7e:21:79:b6:d0:
b0:e6:a3:e6:2f:02:28:e8:f5:8d:d7:e2:15:3d:67:66:d7:19:
94:b8:23:40:78:b4:eb:8b:27:9e:72:fe:9f:06:02:a7:8e:86:
c8:68:10:1c:74:42:b0:f7:4f:8c:da:b1:f0:34:10:bc:21:ad:
1a:26:24:cf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdWbm4aHO2hq3XJaSTILexiJoc9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA2MjIyMDIyNThaFw0yNzA2MjEyMDI3NThaMDMxMTAvBgNV
BAMTKDYyNzFCMDM5ODU5RTg4NzcyRTk3QjlENTY1MjExQzU4MEEwRjQ2OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8CLYhz/o7TWMRiRNbfLjw6WKr
4Q5QYYFDdTRI0OFq9qqMEM/7oPgTd8Tew0NUgO83VtNO8kigExXpv2rvRD56TdjR
QBWkF05hX4RMWPp1BNxspGJFrMpATYyGG1uQ+Kduipi0ydTr3+IUv7B3E7A8eP2u
290z3e7RjAsGNNP5c8C4EEiFxYDLoRjvscCswL7ojYVbC8fYDFleMTkZquP5Sc66
MuT3J6M5W7huLZJOMeC3ZB2KtlSDG5/juiFNnSD/EWM1RJF5+VjOhsOy7TSETk+3
4M7GnAVALLMJu+6AqU5Y+p0FKJQ2nvHtAfkaFBoPbS25PMFlNbEwcSCkl8ObAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUYnGwOYWeiHcul7nVZSEcWAoPRpgwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAkOi9MJDb4Idy7kFJ5T/jyvho
C2M0ki7TPZ6KifIKRyUnnzv4D9UmHdxeVGtG8CAhPX7VNJKB4M8nn6aLzr0yFHF8
s0eWO4V40G+jpj+YhukKeMI4wFQbDBEf18vUmZ5aIxHTgYGSJWZol+WDQQvPVdoY
a6OE59D79FfxPw95Cirx0o9xaGXcHhKnFi5HD/DH5NzR3EkJB0PpoEhsIiMgYelj
O0vEf+JE8RNi4p3DbeE97AE72PqXKCs9LhNxuijnaX4hebbQsOaj5i8CKOj1jdfi
FT1nZtcZlLgjQHi064snnnL+nwYCp46GyGgQHHRCsPdPjNqx8DQQvCGtGiYkzw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:43:23 2026 by rpki-client