Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
File: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (raw, json)
Hash identifier: Hzx6dqgk5VbAzguBV4HZyt3Vsd0Nsl/R+Zel28Ftt2o=
Subject key identifier: A8:6A:0D:64:7B:8A:2E:84:F9:1B:4B:D4:92:94:D8:6A:54:6C:7B:B5
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 58FAFC3D678860F867AE4BACB16921A0963AE08D
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
Signing time: Thu 11 Jun 2026 16:50:53 +0000
ROA not before: Thu 11 Jun 2026 16:45:53 +0000
ROA not after: Thu 10 Jun 2027 16:50:53 +0000
asID: 48280
IP address blocks: 2a13:9642:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:fa:fc:3d:67:88:60:f8:67:ae:4b:ac:b1:69:21:a0:96:3a:e0:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 11 16:45:53 2026 GMT
Not After : Jun 10 16:50:53 2027 GMT
Subject: CN=A86A0D647B8A2E84F91B4BD49294D86A546C7BB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:52:7c:3e:8f:df:7b:a7:e0:f5:62:37:83:
49:e1:5d:34:60:c6:4f:1f:46:f2:2d:91:b5:d4:6f:
66:e1:75:4f:dd:2b:8e:fe:f2:14:bc:5c:1e:ef:85:
4c:0e:45:37:80:9b:55:b7:b5:9f:d3:48:53:59:50:
a7:f8:3c:89:e8:56:ef:03:ec:5c:6d:7c:ac:8c:f0:
63:93:64:18:63:83:22:79:1f:bb:b7:1f:de:d7:71:
83:26:eb:b4:dc:fa:20:a0:04:c7:a0:a9:fe:cb:94:
b9:67:d5:38:97:84:1f:d7:51:15:52:d1:64:94:fb:
ee:b9:b4:da:8f:97:c9:4d:a1:13:58:f0:a2:2a:3d:
2f:d6:4d:bb:73:96:c6:03:86:a4:20:1f:ec:42:18:
65:ac:a6:ce:c3:2c:86:ee:26:cd:26:1b:e0:ce:f5:
ce:15:18:30:9c:75:52:65:d3:50:c7:43:f9:95:31:
c2:51:01:a6:ca:53:3f:15:fd:cf:ef:48:db:11:c2:
ac:c5:11:76:cc:2b:df:f8:fb:61:82:a8:8b:d3:a0:
20:03:ba:94:bf:2c:ef:ba:bc:7a:d2:d0:79:cb:de:
85:fc:e1:35:12:05:f8:9e:3b:dc:9a:a7:a8:37:72:
b2:58:20:b1:c0:52:f4:49:23:09:12:90:e0:2c:4e:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6A:0D:64:7B:8A:2E:84:F9:1B:4B:D4:92:94:D8:6A:54:6C:7B:B5
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9642:100::/48
Signature Algorithm: sha256WithRSAEncryption
a4:6b:92:e2:16:cd:ed:9b:7f:54:e7:69:d4:a2:af:67:65:86:
41:82:a0:b8:28:0a:f2:12:09:54:fb:85:cd:18:99:05:2f:ab:
7d:0a:fe:bc:d4:46:fb:f0:7b:34:33:84:48:00:9f:ce:6a:cc:
aa:a1:bd:d6:60:35:10:7e:ed:9f:69:32:0d:f0:60:cc:dc:81:
3d:99:b5:bd:4a:08:8d:f9:f5:a3:73:45:5d:bc:bd:a6:a9:04:
e6:6a:ac:f0:1e:62:b0:02:28:59:f5:b3:a1:18:ee:f2:ad:5c:
8f:4e:75:1f:a5:f2:74:9a:75:53:fd:51:38:9f:ad:66:0d:32:
72:79:eb:16:6c:c0:99:3a:c4:37:a3:09:cd:7f:70:60:e6:ab:
0a:30:26:d3:b4:40:d9:e8:e5:10:4c:cb:d6:30:ad:28:62:9e:
15:8b:ad:6b:47:ea:df:62:7e:88:5e:35:43:97:4f:cc:b4:4a:
06:4f:bc:55:0c:ac:2a:48:25:03:a6:25:e1:3c:35:12:47:88:
fd:f3:8e:47:ce:d9:ef:08:ed:8a:81:9c:ee:9d:2f:72:9f:e1:
55:58:ea:6d:74:a9:73:82:42:82:9e:d8:51:38:42:41:86:0c:
8b:df:40:97:a0:b7:35:15:b2:72:ca:73:59:71:3c:0c:d0:95:
dc:b5:8d:9e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUWPr8PWeIYPhnrkussWkhoJY64I0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MTExNjQ1NTNaFw0yNzA2MTAxNjUwNTNaMDMxMTAvBgNV
BAMTKEE4NkEwRDY0N0I4QTJFODRGOTFCNEJENDkyOTREODZBNTQ2QzdCQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6lJ8Po/fe6fg9WI3g0nhXTRg
xk8fRvItkbXUb2bhdU/dK47+8hS8XB7vhUwORTeAm1W3tZ/TSFNZUKf4PInoVu8D
7FxtfKyM8GOTZBhjgyJ5H7u3H97XcYMm67Tc+iCgBMegqf7LlLln1TiXhB/XURVS
0WSU++65tNqPl8lNoRNY8KIqPS/WTbtzlsYDhqQgH+xCGGWsps7DLIbuJs0mG+DO
9c4VGDCcdVJl01DHQ/mVMcJRAabKUz8V/c/vSNsRwqzFEXbMK9/4+2GCqIvToCAD
upS/LO+6vHrS0HnL3oX84TUSBfieO9yap6g3crJYILHAUvRJIwkSkOAsTvlVAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUqGoNZHuKLoT5G0vUkpTYalRse7UwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDMy
M2EzMTMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDM4MzIzODMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOWQgEAMA0GCSqGSIb3DQEBCwUAA4IBAQCka5LiFs3tm39U52nUoq9n
ZYZBgqC4KAryEglU+4XNGJkFL6t9Cv681Eb78Hs0M4RIAJ/Oasyqob3WYDUQfu2f
aTIN8GDM3IE9mbW9SgiN+fWjc0VdvL2mqQTmaqzwHmKwAihZ9bOhGO7yrVyPTnUf
pfJ0mnVT/VE4n61mDTJyeesWbMCZOsQ3ownNf3Bg5qsKMCbTtEDZ6OUQTMvWMK0o
Yp4Vi61rR+rfYn6IXjVDl0/MtEoGT7xVDKwqSCUDpiXhPDUSR4j9845HztnvCO2K
gZzunS9yn+FVWOptdKlzgkKCnthROEJBhgyL30CXoLc1FbJyynNZcTwM0JXctY2e
-----END CERTIFICATE-----
Generated at Thu Jun 25 08:10:57 2026 by rpki-client