
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
File: 323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa (raw, json)
Hash identifier: w99lroiZv72N8oKbZJ+Jd++/KCNnlDGakkDAxtb04RI=
Subject key identifier: AA:5A:A6:E8:F3:EE:CF:CD:B1:55:C5:B5:23:0B:28:05:06:C7:5E:20
Certificate issuer: /CN=547bc28c92a229a5ac78c0de287d89ce37726409
Certificate serial: 2B9B5170EEEEB888FB9ACC692E988C9C2FE6459F
Authority key identifier: 54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
Signing time: Mon 22 Jun 2026 16:55:18 +0000
ROA not before: Mon 22 Jun 2026 16:50:18 +0000
ROA not after: Mon 21 Jun 2027 16:55:18 +0000
asID: 60431
IP address blocks: 2001:678:cb0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Jul 2026 06:52:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:9b:51:70:ee:ee:b8:88:fb:9a:cc:69:2e:98:8c:9c:2f:e6:45:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547bc28c92a229a5ac78c0de287d89ce37726409
Validity
Not Before: Jun 22 16:50:18 2026 GMT
Not After : Jun 21 16:55:18 2027 GMT
Subject: CN=AA5AA6E8F3EECFCDB155C5B5230B280506C75E20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:67:94:b7:7d:9d:c3:3a:80:76:40:cb:19:
09:7e:ed:21:d5:b4:66:ac:69:cc:63:20:e3:8a:76:
02:03:e2:f2:83:1b:c5:e4:4b:40:19:04:fe:4f:ed:
30:5d:42:f2:e3:36:27:b1:cd:8e:42:35:01:88:69:
bd:72:e3:d5:df:f2:ea:5e:37:43:eb:90:df:f7:21:
6e:3c:52:99:07:a6:0e:3a:50:5f:7e:80:2b:4d:72:
2a:a3:fd:83:cc:fe:8a:0a:b5:1e:ad:e2:42:f0:37:
77:dd:92:c5:49:7b:0c:bb:dd:ed:fa:7e:50:0e:de:
1b:09:27:d2:66:71:d3:eb:98:33:c2:2a:3d:4b:5d:
6f:17:07:92:17:ab:d7:e8:9b:e4:a1:a3:74:2e:56:
17:6c:83:2c:0f:cb:f8:39:82:31:47:ac:8c:91:04:
5f:46:65:17:32:54:81:00:fd:91:e0:d7:ed:bc:99:
2f:c9:bf:8e:45:98:ff:e1:11:df:2f:0d:7c:07:c7:
f8:5c:3c:1e:20:90:37:44:a6:c1:fc:40:89:9d:6f:
f9:4b:e6:ef:3b:2e:80:91:db:53:dc:19:2f:1a:79:
5b:41:66:9c:f6:69:d4:94:01:46:ff:25:7e:f6:c1:
a6:11:fd:d5:d0:ab:23:f9:d3:63:65:99:2b:2a:e1:
96:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5A:A6:E8:F3:EE:CF:CD:B1:55:C5:B5:23:0B:28:05:06:C7:5E:20
X509v3 Authority Key Identifier:
keyid:54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:14:56:fa:5a:5c:e9:8d:78:f5:e2:b9:1d:e3:d2:eb:a5:a0:
26:23:ef:03:d2:55:71:25:2a:47:86:73:8f:6e:6a:e0:74:18:
00:d0:84:cb:4c:e7:b4:0b:a3:b7:14:fe:f9:8e:38:44:b1:b3:
c4:0f:19:33:c5:22:0c:36:27:73:d5:43:10:67:7d:07:2b:5b:
47:f7:c6:a4:52:cf:37:5b:52:da:4f:d5:2a:86:d6:91:49:a0:
f6:39:06:99:ad:36:20:74:76:00:be:0f:0d:00:be:dc:19:fa:
b5:84:1a:27:86:16:ce:fe:58:d6:49:3f:f0:77:95:a5:5d:06:
b5:d2:1a:80:c9:b7:2d:66:ab:60:37:b6:16:49:47:42:3c:17:
51:09:1d:db:cc:37:2e:8e:df:73:f4:58:0e:dc:5a:f9:e5:d1:
8a:33:2c:0a:ba:90:b8:db:82:5c:c0:64:0d:04:1d:a3:1c:35:
88:84:4d:66:4e:58:1c:b5:2f:c5:22:ff:5d:fb:1d:af:49:bb:
69:ac:be:1e:93:a5:6a:c5:ee:c3:05:1c:bd:69:cf:4e:5e:1f:
f7:f2:ab:29:6f:c7:3c:1f:4b:aa:8c:10:5d:6f:32:d8:9a:e6:
2f:88:39:7b:85:7f:d9:b1:3e:68:fa:a8:28:fc:d6:ab:ae:d0:
e9:0c:14:c2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUK5tRcO7uuIj7msxpLpiMnC/mRZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTQ3YmMyOGM5MmEyMjlhNWFjNzhjMGRlMjg3ZDg5Y2Uz
NzcyNjQwOTAeFw0yNjA2MjIxNjUwMThaFw0yNzA2MjExNjU1MThaMDMxMTAvBgNV
BAMTKEFBNUFBNkU4RjNFRUNGQ0RCMTU1QzVCNTIzMEIyODA1MDZDNzVFMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCubmeUt32dwzqAdkDLGQl+7SHV
tGasacxjIOOKdgID4vKDG8XkS0AZBP5P7TBdQvLjNiexzY5CNQGIab1y49Xf8upe
N0PrkN/3IW48UpkHpg46UF9+gCtNciqj/YPM/ooKtR6t4kLwN3fdksVJewy73e36
flAO3hsJJ9JmcdPrmDPCKj1LXW8XB5IXq9fom+Sho3QuVhdsgywPy/g5gjFHrIyR
BF9GZRcyVIEA/ZHg1+28mS/Jv45FmP/hEd8vDXwHx/hcPB4gkDdEpsH8QImdb/lL
5u87LoCR21PcGS8aeVtBZpz2adSUAUb/JX72waYR/dXQqyP502NlmSsq4ZarAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUqlqm6PPuz82xVcW1IwsoBQbHXiAwHwYDVR0j
BBgwFoAUVHvCjJKiKaWseMDeKH2JzjdyZAkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGY0OWQ3ZjctYmIzZi00MTg3LWJlMjktNTllZjJkODkw
MzlhLzAvNTQ3QkMyOEM5MkEyMjlBNUFDNzhDMERFMjg3RDg5Q0UzNzcyNjQwOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZIdkNqSktpS2FXc2VNRGVLSDJKempk
eVpBay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGY0OWQ3Zjct
YmIzZi00MTg3LWJlMjktNTllZjJkODkwMzlhLzAvMzIzMDMwMzEzYTM2MzczODNh
NjM2MjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzYzMDM0MzMzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBngMsDANBgkqhkiG9w0BAQsFAAOCAQEAPRRW+lpc6Y149eK5HePS66Wg
JiPvA9JVcSUqR4Zzj25q4HQYANCEy0zntAujtxT++Y44RLGzxA8ZM8UiDDYnc9VD
EGd9BytbR/fGpFLPN1tS2k/VKobWkUmg9jkGma02IHR2AL4PDQC+3Bn6tYQaJ4YW
zv5Y1kk/8HeVpV0GtdIagMm3LWarYDe2FklHQjwXUQkd28w3Lo7fc/RYDtxa+eXR
ijMsCrqQuNuCXMBkDQQdoxw1iIRNZk5YHLUvxSL/Xfsdr0m7aay+HpOlasXuwwUc
vWnPTl4f9/KrKW/HPB9LqowQXW8y2JrmL4g5e4V/2bE+aPqoKPzWq67Q6QwUwg==
-----END CERTIFICATE-----
Generated at Mon Jul 13 10:58:25 2026 by rpki-client