Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
File: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (raw, json)
Hash identifier: aN0l+seOjIzBWiIpg74ha3XMl613ui3F5BnuU6cUgOI=
Subject key identifier: 12:A2:AA:1A:F1:84:00:92:50:8A:D1:5F:4D:FF:13:D0:24:14:E5:4E
Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial: 294E0562BFA446E08CFDECB6C42675066BB67ECB
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
Signing time: Fri 29 May 2026 09:50:53 +0000
ROA not before: Fri 29 May 2026 09:45:53 +0000
ROA not after: Fri 28 May 2027 09:50:53 +0000
asID: 216336
IP address blocks: 2a13:9644:40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:4e:05:62:bf:a4:46:e0:8c:fd:ec:b6:c4:26:75:06:6b:b6:7e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
Validity
Not Before: May 29 09:45:53 2026 GMT
Not After : May 28 09:50:53 2027 GMT
Subject: CN=12A2AA1AF1840092508AD15F4DFF13D02414E54E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0e:64:e0:51:69:49:7d:41:b7:d5:39:3c:93:
67:17:69:e1:3e:15:b6:48:9f:73:8b:c1:de:6f:91:
99:5e:a4:5f:88:22:62:8d:7f:9f:c4:d1:e6:c9:c5:
06:26:bd:fc:c6:fc:56:f0:8b:73:75:a9:97:9d:9f:
7f:45:89:d8:e8:4d:65:3d:54:3b:ed:7b:13:c9:50:
51:de:70:2f:30:b6:99:07:80:e0:a6:77:17:49:e4:
bf:0a:ab:bf:46:70:b2:33:52:e6:28:de:81:49:9b:
c8:18:d2:bc:14:66:86:45:61:a3:28:73:bb:a9:ac:
51:fe:e8:83:9d:ac:ae:43:e5:2d:a3:df:25:d0:d4:
ef:ca:a5:dc:c1:96:b7:1c:49:e8:27:15:88:37:c8:
c2:15:ee:a2:54:2b:75:c5:6f:be:82:58:39:28:27:
5d:fe:ab:46:ba:bd:00:40:44:d7:86:04:82:99:fd:
a0:87:2f:0e:db:24:81:7e:3a:4b:c3:0e:e2:22:27:
50:26:fb:0b:04:66:a8:4c:86:90:a1:bb:22:e8:c1:
d7:39:0d:57:99:72:c5:ce:31:61:2f:49:4d:fe:0e:
41:9b:06:1b:12:9d:41:76:dc:47:0b:71:9d:f2:8c:
d3:95:22:79:41:6c:be:25:3a:f3:27:1f:a1:00:56:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A2:AA:1A:F1:84:00:92:50:8A:D1:5F:4D:FF:13:D0:24:14:E5:4E
X509v3 Authority Key Identifier:
keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:40::/44
Signature Algorithm: sha256WithRSAEncryption
22:e8:b2:2a:22:9b:fe:4f:07:d1:f3:10:02:37:a8:98:77:e3:
05:d1:dc:17:e9:8f:30:40:20:b8:e9:75:7f:bf:da:85:ad:16:
27:b5:cc:f8:22:34:b3:ed:88:4e:14:f3:14:37:70:e7:48:a2:
c8:a1:7a:c3:de:20:c9:14:f4:d8:2e:97:7b:6d:63:9c:91:14:
ca:96:8d:c4:02:d2:ec:fb:f2:55:77:0d:18:d6:31:ea:88:cb:
6c:3e:cd:14:95:04:aa:dd:2e:94:d6:f7:17:1f:62:d6:0b:8a:
04:fd:6c:67:e0:ea:2c:7b:20:ae:fe:11:bb:72:a1:77:c9:b0:
ff:5a:f0:62:d0:75:6c:34:e6:38:d1:26:4f:7d:16:b0:61:b2:
f4:f7:40:64:59:dc:41:8b:34:a6:ef:69:4f:2b:ee:92:51:a4:
4f:7d:ee:19:26:be:93:9e:b6:97:d7:32:a0:52:41:39:1a:0d:
3f:bf:54:cb:f1:9f:63:c1:a8:c2:9f:b6:a7:78:65:de:b9:97:
7e:0d:8f:49:11:b7:7f:3d:c8:9b:34:5b:e8:c0:6a:b1:9c:d7:
f5:27:b4:5b:09:ab:53:44:d4:e6:eb:00:62:ef:7f:f8:e2:6b:
79:a7:a5:61:ee:b2:e4:88:17:d2:16:ef:4e:5d:2a:1d:7f:8c:
35:cd:0c:f1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUKU4FYr+kRuCM/ey2xCZ1Bmu2fsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA1MjkwOTQ1NTNaFw0yNzA1MjgwOTUwNTNaMDMxMTAvBgNV
BAMTKDEyQTJBQTFBRjE4NDAwOTI1MDhBRDE1RjRERkYxM0QwMjQxNEU1NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2DmTgUWlJfUG31Tk8k2cXaeE+
FbZIn3OLwd5vkZlepF+IImKNf5/E0ebJxQYmvfzG/Fbwi3N1qZedn39FidjoTWU9
VDvtexPJUFHecC8wtpkHgOCmdxdJ5L8Kq79GcLIzUuYo3oFJm8gY0rwUZoZFYaMo
c7uprFH+6IOdrK5D5S2j3yXQ1O/KpdzBlrccSegnFYg3yMIV7qJUK3XFb76CWDko
J13+q0a6vQBARNeGBIKZ/aCHLw7bJIF+OkvDDuIiJ1Am+wsEZqhMhpChuyLowdc5
DVeZcsXOMWEvSU3+DkGbBhsSnUF23EcLcZ3yjNOVInlBbL4lOvMnH6EAVna3AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUEqKqGvGEAJJQitFfTf8T0CQU5U4wHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt
NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0
M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTM2MzMzMzM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhOWRABAMA0GCSqGSIb3DQEBCwUAA4IBAQAi6LIqIpv+TwfR8xACN6iY
d+MF0dwX6Y8wQCC46XV/v9qFrRYntcz4IjSz7YhOFPMUN3DnSKLIoXrD3iDJFPTY
Lpd7bWOckRTKlo3EAtLs+/JVdw0Y1jHqiMtsPs0UlQSq3S6U1vcXH2LWC4oE/Wxn
4OoseyCu/hG7cqF3ybD/WvBi0HVsNOY40SZPfRawYbL090BkWdxBizSm72lPK+6S
UaRPfe4ZJr6TnraX1zKgUkE5Gg0/v1TL8Z9jwajCn7aneGXeuZd+DY9JEbd/Pcib
NFvowGqxnNf1J7RbCatTRNTm6wBi73/44mt5p6Vh7rLkiBfSFu9OXSodf4w1zQzx
-----END CERTIFICATE-----
Generated at Thu Jun 25 08:10:41 2026 by rpki-client