Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
File: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (raw, json)
Hash identifier: 55K704u0CSR1H8gbRHKofiBTrVbrlViI8IfSELQiTbk=
Subject key identifier: 60:8F:A9:AF:B1:0B:25:3E:7F:FF:8C:7B:26:AF:CF:44:21:14:83:2D
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 2FAB1F48BF4E821DCCE48BB5AF01794A32840E2B
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
Signing time: Thu 11 Jun 2026 16:50:54 +0000
ROA not before: Thu 11 Jun 2026 16:45:54 +0000
ROA not after: Thu 10 Jun 2027 16:50:54 +0000
asID: 211431
IP address blocks: 2a13:9644:3000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 11:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ab:1f:48:bf:4e:82:1d:cc:e4:8b:b5:af:01:79:4a:32:84:0e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: Jun 11 16:45:54 2026 GMT
Not After : Jun 10 16:50:54 2027 GMT
Subject: CN=608FA9AFB10B253E7FFF8C7B26AFCF442114832D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:21:36:5c:55:c4:8e:1e:f3:1f:d5:bc:e1:
d5:9e:5d:b2:31:ce:df:ef:66:7c:f0:ed:1a:3a:c9:
13:11:3d:ba:28:46:4b:d3:07:ee:a6:2b:cf:36:f4:
31:b6:bb:79:b2:d9:8b:bf:f8:52:ec:21:43:f2:5e:
c9:f8:a6:7e:86:0e:c2:79:75:56:0f:79:c3:48:83:
1b:c7:26:6d:b8:9e:42:93:9b:35:8d:e5:c2:ac:37:
2f:83:47:04:42:4a:55:3d:c5:5b:bd:71:79:9f:7b:
ad:7a:97:c6:89:f9:a2:45:24:d7:cd:ac:a0:4c:db:
f9:4f:88:97:d1:13:89:5c:1d:54:c8:a3:00:2b:06:
04:95:21:5c:87:0d:cc:04:0c:d4:1a:bb:ad:59:79:
91:d5:f0:f3:04:92:9b:eb:3d:ee:04:43:d0:fc:2b:
24:11:c6:0e:c3:30:fa:5a:10:ba:f5:62:d5:29:eb:
3e:ce:87:99:e3:38:3e:60:e0:9e:a7:b1:c5:aa:da:
2a:ba:21:d2:90:8f:31:02:40:ef:f8:5a:cd:08:ee:
aa:fa:d8:5e:4f:f8:5a:d4:fa:95:48:19:24:6e:ec:
56:c6:ed:04:38:04:20:5d:ae:06:21:0f:1e:7c:e7:
ad:12:57:74:27:3a:35:fc:e1:c3:84:d0:1a:cf:ee:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8F:A9:AF:B1:0B:25:3E:7F:FF:8C:7B:26:AF:CF:44:21:14:83:2D
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:3000::/40
Signature Algorithm: sha256WithRSAEncryption
d0:17:13:55:3c:81:3e:b6:4e:ae:e1:b3:72:0a:29:6f:d9:9b:
f3:ad:6f:12:6a:cf:5c:84:85:53:38:fc:87:7d:06:fb:4d:0b:
da:0f:60:a8:5f:12:7f:a7:98:94:70:d6:28:64:11:44:44:7d:
01:f6:f8:8e:9b:a0:91:83:76:1c:b5:75:10:39:7f:7f:71:af:
75:72:83:6f:44:97:04:82:cd:a1:67:f1:8b:57:6e:7b:d8:26:
bb:16:52:59:2e:63:51:04:12:42:d9:d9:b5:af:b0:ab:1f:0e:
30:7c:fa:33:a8:a7:8c:21:46:86:bc:5e:08:02:67:03:05:2c:
8f:3a:2f:7a:f6:53:0b:1a:17:77:d2:f0:c9:22:95:aa:4b:40:
fd:d8:9f:34:dd:3a:50:2a:d7:c5:bd:b6:af:44:27:00:79:22:
80:8d:2b:5c:05:4b:cf:16:70:25:9d:02:ca:da:24:9c:ee:ce:
64:00:3c:81:e7:16:2e:ec:e7:b5:a2:46:83:9b:1c:3c:20:a9:
59:4e:1c:03:db:14:d9:f1:55:2a:c1:88:7c:02:f0:c2:21:ff:
ea:f7:f4:f8:c6:0a:86:a2:85:ff:a9:16:f8:18:e1:42:2e:90:
36:75:3b:c2:6e:7b:fe:52:59:84:ba:48:a1:89:de:01:ee:29:
f4:b4:66:31
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUL6sfSL9Ogh3M5Iu1rwF5SjKEDiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MTExNjQ1NTRaFw0yNzA2MTAxNjUwNTRaMDMxMTAvBgNV
BAMTKDYwOEZBOUFGQjEwQjI1M0U3RkZGOEM3QjI2QUZDRjQ0MjExNDgzMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+hSE2XFXEjh7zH9W84dWeXbIx
zt/vZnzw7Ro6yRMRPbooRkvTB+6mK8829DG2u3my2Yu/+FLsIUPyXsn4pn6GDsJ5
dVYPecNIgxvHJm24nkKTmzWN5cKsNy+DRwRCSlU9xVu9cXmfe616l8aJ+aJFJNfN
rKBM2/lPiJfRE4lcHVTIowArBgSVIVyHDcwEDNQau61ZeZHV8PMEkpvrPe4EQ9D8
KyQRxg7DMPpaELr1YtUp6z7Oh5njOD5g4J6nscWq2iq6IdKQjzECQO/4Ws0I7qr6
2F5P+FrU+pVIGSRu7FbG7QQ4BCBdrgYhDx58560SV3QnOjX84cOE0BrP7vajAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUYI+pr7ELJT5//4x7Jq/PRCEUgy0wHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzMzMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMTM0MzMzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoTlkQwMA0GCSqGSIb3DQEBCwUAA4IBAQDQFxNVPIE+tk6u4bNy
Cilv2ZvzrW8Sas9chIVTOPyHfQb7TQvaD2CoXxJ/p5iUcNYoZBFERH0B9viOm6CR
g3YctXUQOX9/ca91coNvRJcEgs2hZ/GLV2572Ca7FlJZLmNRBBJC2dm1r7CrHw4w
fPozqKeMIUaGvF4IAmcDBSyPOi969lMLGhd30vDJIpWqS0D92J803TpQKtfFvbav
RCcAeSKAjStcBUvPFnAlnQLK2iSc7s5kADyB5xYu7Oe1okaDmxw8IKlZThwD2xTZ
8VUqwYh8AvDCIf/q9/T4xgqGooX/qRb4GOFCLpA2dTvCbnv+UlmEukihid4B7in0
tGYx
-----END CERTIFICATE-----
Generated at Thu Jun 25 06:02:08 2026 by rpki-client