Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
File: 326131343a333863303a3a2f32392d3239203d3e20333936303634.roa (raw, json)
Hash identifier: i/cX6lQlTJGwnE6H+YCxQ9GOxa5PQSUkSRvWXrHtbS8=
Subject key identifier: 7D:C0:0F:86:EA:7C:A8:48:AD:05:62:09:A9:BA:16:CE:9D:91:25:84
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 4B0A2F954EBF20620BEE41620F3ED534F4393704
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
Signing time: Mon 22 Jun 2026 21:28:00 +0000
ROA not before: Mon 22 Jun 2026 21:23:00 +0000
ROA not after: Mon 21 Jun 2027 21:28:00 +0000
asID: 396064
IP address blocks: 2a14:38c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 00:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:0a:2f:95:4e:bf:20:62:0b:ee:41:62:0f:3e:d5:34:f4:39:37:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Jun 22 21:23:00 2026 GMT
Not After : Jun 21 21:28:00 2027 GMT
Subject: CN=7DC00F86EA7CA848AD056209A9BA16CE9D912584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:63:dc:74:7a:54:31:69:31:a0:af:a4:bb:0d:
1b:70:5b:7a:86:6c:dc:00:e1:6f:a2:54:92:f6:fd:
8d:55:1e:18:03:52:4c:cd:dc:d4:97:7f:68:a7:70:
47:44:eb:13:ea:b1:71:d8:6c:69:a4:0b:42:c0:24:
2d:b9:7a:9f:ca:22:09:e1:e5:82:8c:47:9a:29:68:
ba:71:e9:79:a7:72:a3:3a:d1:bc:e2:4e:4c:c2:2f:
2f:ff:fc:0a:a0:07:db:37:1c:93:14:ae:5b:83:99:
6c:f5:0b:a1:2d:57:a3:f9:70:60:8a:15:8b:24:02:
2d:18:79:de:b3:49:db:1c:29:8a:64:ac:01:d4:93:
0d:18:d9:64:83:5a:21:bf:81:23:59:1b:c6:be:89:
99:72:59:06:a8:9c:37:38:6c:d1:41:4f:2c:e4:66:
36:04:4b:4f:89:c6:8e:3d:31:61:7e:9f:85:af:97:
4e:bd:f4:0c:90:45:32:1a:c5:cc:d8:c6:4f:16:dc:
30:26:dd:80:11:5d:72:3e:64:af:ce:9a:73:a9:be:
dc:82:00:da:03:9c:b1:84:92:89:5f:e7:0d:71:73:
04:69:bc:08:98:e3:6a:a0:b8:c7:5e:ed:f3:e7:02:
7f:ca:28:4c:32:8b:52:12:e6:a0:44:16:34:e1:82:
6e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C0:0F:86:EA:7C:A8:48:AD:05:62:09:A9:BA:16:CE:9D:91:25:84
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:2d:7f:cc:ba:a4:38:98:db:44:62:8b:64:46:d3:c7:7c:6a:
a8:ce:fd:df:1c:83:96:82:98:2d:fd:a7:85:fe:c6:b5:2c:35:
51:01:4d:b7:d6:2f:5e:a7:e1:6d:36:7c:c2:b4:64:e4:c3:24:
3c:40:18:5b:3a:4b:cf:86:2a:e2:31:cd:61:55:50:bc:e7:0d:
67:de:8b:fa:15:b6:58:2f:ef:92:ec:9e:eb:f9:71:3e:8f:da:
30:ff:f3:c5:e2:ea:c9:0f:78:fe:38:f6:a1:57:74:6b:db:dc:
ef:1e:c7:bc:d4:b9:92:8d:b2:5f:24:9f:37:7b:a3:eb:b8:a9:
e8:15:ee:87:a9:51:2a:f9:34:99:2e:a4:db:41:38:f9:70:94:
2a:d8:5c:f1:3b:20:db:a2:cb:fc:66:6f:57:02:36:b7:65:66:
5c:c4:de:d9:73:c1:5b:b9:b6:1a:7d:d1:8c:e8:81:ac:a4:70:
70:7b:b0:97:c2:32:a2:57:54:71:ef:9d:83:b6:92:26:05:6e:
cf:fd:e1:37:ed:f4:b6:4d:22:15:13:3b:2f:3b:41:f7:59:06:
21:c2:c6:26:e8:72:bb:93:70:30:8e:26:57:37:cb:f9:f2:cd:
7f:27:60:9d:f7:88:ab:ec:d5:50:6e:45:95:fd:0f:4b:59:31:
b3:e8:c8:73
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUSwovlU6/IGIL7kFiDz7VNPQ5NwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA2MjIyMTIzMDBaFw0yNzA2MjEyMTI4MDBaMDMxMTAvBgNV
BAMTKDdEQzAwRjg2RUE3Q0E4NDhBRDA1NjIwOUE5QkExNkNFOUQ5MTI1ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCY9x0elQxaTGgr6S7DRtwW3qG
bNwA4W+iVJL2/Y1VHhgDUkzN3NSXf2incEdE6xPqsXHYbGmkC0LAJC25ep/KIgnh
5YKMR5opaLpx6XmncqM60bziTkzCLy///AqgB9s3HJMUrluDmWz1C6EtV6P5cGCK
FYskAi0Yed6zSdscKYpkrAHUkw0Y2WSDWiG/gSNZG8a+iZlyWQaonDc4bNFBTyzk
ZjYES0+Jxo49MWF+n4Wvl0699AyQRTIaxczYxk8W3DAm3YARXXI+ZK/OmnOpvtyC
ANoDnLGEkolf5w1xcwRpvAiY42qguMde7fPnAn/KKEwyi1IS5qBEFjThgm55AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUfcAPhup8qEitBWIJqboWzp2RJYQwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzMzOTM2MzAzNjM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KhQ4wDANBgkqhkiG9w0BAQsFAAOCAQEAai1/zLqkOJjbRGKLZEbTx3xqqM793xyD
loKYLf2nhf7GtSw1UQFNt9YvXqfhbTZ8wrRk5MMkPEAYWzpLz4Yq4jHNYVVQvOcN
Z96L+hW2WC/vkuye6/lxPo/aMP/zxeLqyQ94/jj2oVd0a9vc7x7HvNS5ko2yXySf
N3uj67ip6BXuh6lRKvk0mS6k20E4+XCUKthc8Tsg26LL/GZvVwI2t2VmXMTe2XPB
W7m2Gn3RjOiBrKRwcHuwl8IyoldUce+dg7aSJgVuz/3hN+30tk0iFRM7LztB91kG
IcLGJuhyu5NwMI4mVzfL+fLNfydgnfeIq+zVUG5Flf0PS1kxs+jIcw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:41:51 2026 by rpki-client