Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
File: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (raw, json)
Hash identifier: 9LUtoeiyFR5uHzwoW1Snn+6cLSpTHjqMgoogsv4SuLw=
Subject key identifier: DB:19:96:55:E2:FE:00:52:B5:5D:5F:7F:C4:08:BB:A5:EF:BB:9E:B6
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 64BC676BFA417869E7FF1C1112D336BDE50F1228
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
Signing time: Thu 11 Jun 2026 16:51:37 +0000
ROA not before: Thu 11 Jun 2026 16:46:37 +0000
ROA not after: Thu 10 Jun 2027 16:51:37 +0000
asID: 48194
IP address blocks: 2a13:9644:10::/46 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:bc:67:6b:fa:41:78:69:e7:ff:1c:11:12:d3:36:bd:e5:0f:12:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 11 16:46:37 2026 GMT
Not After : Jun 10 16:51:37 2027 GMT
Subject: CN=DB199655E2FE0052B55D5F7FC408BBA5EFBB9EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c3:32:4b:d7:c4:d4:29:8f:0d:e5:5a:05:7c:
72:23:3f:3f:18:9d:29:4c:33:b1:5e:8c:1f:b4:12:
9d:f1:0c:43:9a:f3:78:2d:0c:e5:f5:fd:52:f7:c4:
31:1b:98:cd:68:46:e5:35:59:f0:07:76:00:bb:f2:
40:ca:99:7c:8c:b7:f4:59:b7:69:42:59:ab:3e:60:
bf:ea:7a:05:06:e8:da:9f:9a:56:08:7d:99:35:1e:
7d:b1:ed:ad:eb:13:c1:27:6e:b8:f1:f6:40:44:33:
e3:d1:90:f8:a0:ee:52:e5:d3:7d:81:b1:04:9b:33:
6e:86:b7:c5:0b:be:f0:ee:65:e0:1d:cc:b1:f1:3c:
e6:6d:cd:29:d4:a5:7f:98:60:88:1c:47:95:25:51:
10:5a:c9:01:97:27:64:dd:0d:1f:3b:3a:24:4f:40:
32:b4:16:9e:ac:0e:05:5c:7a:f1:9c:f4:f2:2a:06:
c6:91:66:4b:3f:1d:e8:55:0d:bb:08:93:1b:25:0e:
3c:1d:77:d5:ce:d9:44:99:ca:d8:f7:9c:3d:a5:26:
3e:b5:97:8d:1e:b9:ff:d5:c1:31:40:f2:41:77:a7:
47:23:46:c2:a4:26:a1:73:2b:4b:ec:30:9e:3c:b0:
63:bd:a3:6c:ce:df:f4:08:c9:79:79:11:29:13:0f:
91:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:19:96:55:E2:FE:00:52:B5:5D:5F:7F:C4:08:BB:A5:EF:BB:9E:B6
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:10::/46
Signature Algorithm: sha256WithRSAEncryption
5f:f9:ee:c9:89:45:b1:d1:3a:64:a9:b4:cf:75:7a:35:09:65:
e8:f6:db:5a:55:0a:21:e6:81:18:de:57:57:69:16:7c:6e:a4:
6a:fa:ac:07:02:74:a8:53:be:4a:52:68:6f:58:f8:a2:29:b8:
62:37:0d:d3:1c:03:ba:12:3d:80:51:9d:c9:3a:5a:35:5b:9e:
04:f7:8f:ea:06:cd:72:74:b2:1d:38:6d:9e:64:83:f8:e3:51:
a1:d8:82:3f:12:ea:e1:02:ac:00:8a:23:4c:f9:d4:74:cd:52:
71:ce:a5:fd:f0:e8:54:b1:39:04:76:b6:76:62:53:cd:96:0c:
7b:b2:ec:bb:da:f2:61:53:6a:df:72:aa:1a:5d:96:c9:f8:1b:
dc:9e:4b:ac:c8:b1:d6:ec:69:96:19:3c:d3:37:cd:69:00:f0:
84:82:a9:76:40:b2:0e:2f:71:48:c3:ba:3b:ff:32:69:cf:64:
f7:43:c4:6a:d9:1e:64:a0:12:97:58:2e:26:b3:7c:25:3b:2e:
90:5f:a1:fc:1f:e1:b0:17:e0:15:40:cf:f3:05:bc:8a:16:24:
b8:c5:84:63:d4:5d:f7:d7:86:1c:21:76:40:f3:a9:42:18:6f:
c7:07:40:ad:bb:ed:25:b2:d4:5c:64:bd:39:cc:70:83:1a:84:
f1:a2:00:0d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZLxna/pBeGnn/xwREtM2veUPEigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MTExNjQ2MzdaFw0yNzA2MTAxNjUxMzdaMDMxMTAvBgNV
BAMTKERCMTk5NjU1RTJGRTAwNTJCNTVENUY3RkM0MDhCQkE1RUZCQjlFQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDwzJL18TUKY8N5VoFfHIjPz8Y
nSlMM7FejB+0Ep3xDEOa83gtDOX1/VL3xDEbmM1oRuU1WfAHdgC78kDKmXyMt/RZ
t2lCWas+YL/qegUG6NqfmlYIfZk1Hn2x7a3rE8Enbrjx9kBEM+PRkPig7lLl032B
sQSbM26Gt8ULvvDuZeAdzLHxPOZtzSnUpX+YYIgcR5UlURBayQGXJ2TdDR87OiRP
QDK0Fp6sDgVcevGc9PIqBsaRZks/HehVDbsIkxslDjwdd9XO2USZytj3nD2lJj61
l40euf/VwTFA8kF3p0cjRsKkJqFzK0vsMJ48sGO9o2zO3/QIyXl5ESkTD5FzAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU2xmWVeL+AFK1XV9/xAi7pe+7nrYwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMTMwM2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzQzODMxMzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHAioTlkQAEDANBgkqhkiG9w0BAQsFAAOCAQEAX/nuyYlFsdE6ZKm0z3V6NQll
6PbbWlUKIeaBGN5XV2kWfG6kavqsBwJ0qFO+SlJob1j4oim4YjcN0xwDuhI9gFGd
yTpaNVueBPeP6gbNcnSyHThtnmSD+ONRodiCPxLq4QKsAIojTPnUdM1Scc6l/fDo
VLE5BHa2dmJTzZYMe7Lsu9ryYVNq33KqGl2Wyfgb3J5LrMix1uxplhk80zfNaQDw
hIKpdkCyDi9xSMO6O/8yac9k90PEatkeZKASl1guJrN8JTsukF+h/B/hsBfgFUDP
8wW8ihYkuMWEY9Rd99eGHCF2QPOpQhhvxwdArbvtJbLUXGS9OcxwgxqE8aIADQ==
-----END CERTIFICATE-----
Generated at Thu Jun 25 08:10:40 2026 by rpki-client