Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
File: 326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa (raw, json)
Hash identifier: 4ywChVru+Mr51BXc7GfSQJrEjIwczwnAeZX2cm5y+x0=
Subject key identifier: 6E:65:2E:13:AF:CC:02:01:42:B6:82:68:DD:AA:66:99:EF:60:DC:7F
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 6C9E850E08F33A79449FA8A71021EAA26D47CB18
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
Signing time: Mon 22 Jun 2026 20:27:57 +0000
ROA not before: Mon 22 Jun 2026 20:22:57 +0000
ROA not after: Mon 21 Jun 2027 20:27:57 +0000
asID: 396064
IP address blocks: 2a14:38c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:9e:85:0e:08:f3:3a:79:44:9f:a8:a7:10:21:ea:a2:6d:47:cb:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 22 20:22:57 2026 GMT
Not After : Jun 21 20:27:57 2027 GMT
Subject: CN=6E652E13AFCC020142B68268DDAA6699EF60DC7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:30:a8:79:15:21:fa:e4:b7:a5:a5:e5:d9:ef:
7b:7d:14:0d:f6:48:59:4e:8b:93:52:a2:c9:bb:fc:
10:87:d5:9c:ec:80:5d:a6:9d:29:b9:b6:e0:ce:ae:
91:34:a6:88:bc:62:14:2f:7d:d2:78:af:ee:52:4d:
79:18:86:8c:a9:0f:5b:5d:81:0a:49:e5:c0:66:4c:
c0:5a:7c:53:80:c0:1f:88:a8:4b:5d:9a:5c:bf:ea:
d9:d0:89:61:6d:0e:44:d0:3f:bf:51:e8:5c:25:f4:
74:30:23:a5:e5:20:7f:dc:cd:97:23:48:ac:42:55:
8a:e5:a5:ea:b1:ea:7e:f0:2a:cc:8a:b7:49:23:67:
5e:6b:5b:1c:f2:48:31:ac:1a:bc:89:7e:dc:f0:25:
57:17:82:de:ba:27:aa:e7:d9:85:0f:be:9f:8a:68:
4f:5d:0a:e8:78:dc:0b:5c:20:c5:04:bc:f1:44:a9:
99:8f:01:f8:eb:e9:92:ad:a6:ae:8e:b3:f5:b3:20:
16:32:fb:5a:af:36:f4:d6:b1:30:88:4d:15:06:8c:
07:b9:52:e6:09:b4:3d:5c:3f:2b:cd:58:63:8b:73:
29:db:f3:ae:8e:86:25:36:60:44:67:d1:ac:b4:b8:
31:46:1c:93:52:66:9c:a1:bc:d0:b5:d9:f1:9e:b6:
ea:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:65:2E:13:AF:CC:02:01:42:B6:82:68:DD:AA:66:99:EF:60:DC:7F
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a323a3a2f34382d3438203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
68:a8:6e:88:d3:89:40:f5:9c:90:89:57:76:5a:d3:2d:02:35:
68:80:64:c8:ed:34:50:c1:9b:ae:59:f7:5e:8f:0e:1f:b0:6e:
7c:77:77:af:99:91:ed:e9:3f:d6:fc:e4:0e:a2:22:d7:20:35:
03:8b:da:63:9c:74:94:df:6f:8f:4a:89:0c:7c:8b:95:89:da:
01:99:7c:11:20:98:05:d1:1d:8c:3d:38:ef:96:8f:1e:1d:ce:
4d:43:40:4b:c7:e2:bf:09:25:b5:ae:aa:ef:5b:fc:73:78:41:
2f:c9:03:ca:af:74:dc:50:41:44:b0:bf:c1:44:55:46:9e:da:
20:9b:c7:0c:06:ed:87:6c:19:60:75:af:d4:3d:3c:26:f6:85:
0e:36:70:98:75:2a:bc:ee:6d:c1:41:f2:51:bc:69:c4:fd:02:
82:d2:5d:92:3a:cb:13:1d:e9:29:0b:43:df:aa:32:36:79:41:
8d:c1:fd:2c:9f:3c:92:77:ed:2c:5f:02:4c:6f:50:15:1b:15:
04:a8:bc:99:57:8d:14:ae:fb:20:03:05:2b:9e:16:07:28:df:
a1:e1:56:ba:ca:a6:98:8e:ab:06:b1:f4:7d:d2:3c:f4:c6:7e:
ef:bb:eb:7f:0e:89:4a:7d:57:33:24:1d:65:d8:cc:74:fb:83:
47:a9:6e:ae
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUbJ6FDgjzOnlEn6inECHqom1HyxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA2MjIyMDIyNTdaFw0yNzA2MjEyMDI3NTdaMDMxMTAvBgNV
BAMTKDZFNjUyRTEzQUZDQzAyMDE0MkI2ODI2OEREQUE2Njk5RUY2MERDN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqMKh5FSH65LelpeXZ73t9FA32
SFlOi5NSosm7/BCH1ZzsgF2mnSm5tuDOrpE0poi8YhQvfdJ4r+5STXkYhoypD1td
gQpJ5cBmTMBafFOAwB+IqEtdmly/6tnQiWFtDkTQP79R6Fwl9HQwI6XlIH/czZcj
SKxCVYrlpeqx6n7wKsyKt0kjZ15rWxzySDGsGryJftzwJVcXgt66J6rn2YUPvp+K
aE9dCuh43AtcIMUEvPFEqZmPAfjr6ZKtpq6Os/WzIBYy+1qvNvTWsTCITRUGjAe5
UuYJtD1cPyvNWGOLcynb866OhiU2YERn0ay0uDFGHJNSZpyhvNC12fGetup/AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbmUuE6/MAgFCtoJo3apmme9g3H8wHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzNjMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoUOMAAAjANBgkqhkiG9w0BAQsFAAOCAQEAaKhuiNOJQPWckIlXdlrTLQI1
aIBkyO00UMGbrln3Xo8OH7BufHd3r5mR7ek/1vzkDqIi1yA1A4vaY5x0lN9vj0qJ
DHyLlYnaAZl8ESCYBdEdjD0475aPHh3OTUNAS8fivwklta6q71v8c3hBL8kDyq90
3FBBRLC/wURVRp7aIJvHDAbth2wZYHWv1D08JvaFDjZwmHUqvO5twUHyUbxpxP0C
gtJdkjrLEx3pKQtD36oyNnlBjcH9LJ88knftLF8CTG9QFRsVBKi8mVeNFK77IAMF
K54WByjfoeFWusqmmI6rBrH0fdI89MZ+77vrfw6JSn1XMyQdZdjMdPuDR6lurg==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:42:22 2026 by rpki-client