Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
File: 326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa (raw, json)
Hash identifier: YpPTi9R5puadCgdU1ozZSs1eaFYHiNZs61jWCfgGXKA=
Subject key identifier: E1:71:71:F3:A3:AA:DE:8A:47:2C:E2:8B:3C:F5:3A:E6:AF:38:6D:AC
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 3DF9A1CA11C4976F0D35E0BC59C1C18C49F20595
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
Signing time: Sat 18 Apr 2026 17:42:17 +0000
ROA not before: Sat 18 Apr 2026 17:37:17 +0000
ROA not after: Sat 17 Apr 2027 17:42:17 +0000
asID: 208437
IP address blocks: 2a0d:b287:dad0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 03:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f9:a1:ca:11:c4:97:6f:0d:35:e0:bc:59:c1:c1:8c:49:f2:05:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Apr 18 17:37:17 2026 GMT
Not After : Apr 17 17:42:17 2027 GMT
Subject: CN=E17171F3A3AADE8A472CE28B3CF53AE6AF386DAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:7c:28:92:5b:00:86:e6:fa:67:a1:5a:75:
06:d5:cb:e9:c4:2f:2a:4e:80:73:8d:0e:b8:34:ba:
e1:c3:0c:01:09:0b:57:77:ef:43:54:bb:65:64:7a:
d1:fe:0a:a7:33:43:51:0d:9e:de:5e:ba:53:4d:d6:
37:21:ce:43:13:e8:7a:fb:30:77:24:2d:0c:2b:10:
56:47:09:10:4b:fc:23:31:21:bb:6c:e0:ef:0e:ba:
0c:83:23:c5:c9:f5:2d:3b:4a:6d:5d:5e:d4:d9:43:
b6:11:8d:a9:c9:7c:2f:6f:8c:d3:33:fc:92:34:9c:
03:97:01:be:f6:1d:b1:ee:ce:f9:d8:4a:fd:a5:c5:
30:cc:ab:fe:d8:12:b0:15:e6:60:ab:22:c2:06:6d:
ca:3c:01:97:e1:f6:8a:38:d8:38:2b:77:ec:25:b3:
6b:9f:de:81:92:8b:fe:34:ab:bd:94:c2:a6:2f:1f:
4e:22:74:c0:55:20:0a:7c:19:84:40:56:cd:d4:c6:
75:d3:85:50:6b:0a:45:fd:27:aa:3c:04:60:d4:70:
c1:b0:95:47:d8:01:8a:d9:6b:f4:80:32:5a:f7:94:
8a:5a:34:d4:f3:a5:11:56:7c:00:a1:8f:93:ae:41:
6c:7d:50:89:06:91:56:3b:a2:84:8b:03:a2:79:5f:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:71:71:F3:A3:AA:DE:8A:47:2C:E2:8B:3C:F5:3A:E6:AF:38:6D:AC
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646164303a3a2f34342d3434203d3e20323038343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:dad0::/44
Signature Algorithm: sha256WithRSAEncryption
3b:80:e8:8c:35:a0:bd:4a:5a:b7:ac:01:dd:21:92:b6:86:1d:
59:e6:73:ba:74:98:39:b2:82:8b:cc:de:08:ae:7c:5a:6d:db:
2d:ab:6a:12:38:61:d2:f1:3f:0d:41:64:13:ed:26:4b:f9:fd:
02:e4:d0:85:31:dd:81:8a:06:62:04:24:23:87:8f:4d:4a:5b:
f9:c3:99:72:93:f2:45:88:e0:4e:39:79:d5:6f:d4:0c:b4:37:
eb:6b:8f:df:ba:36:3a:4a:8a:70:20:4e:c9:dd:c9:98:fc:5b:
09:38:1a:da:94:c6:ad:18:5e:45:9f:b9:cf:05:ab:6a:6d:5b:
77:7d:8c:73:98:99:71:d2:83:96:62:70:4a:45:f8:b1:8e:92:
a8:c5:cf:11:73:8f:26:c7:46:1d:f4:23:7d:ab:e9:54:8b:34:
4c:57:3e:ad:53:5f:1e:5f:90:96:02:17:01:85:bc:61:bd:c1:
8d:54:ac:97:da:94:eb:e8:50:a0:73:4f:b0:88:f3:47:95:23:
99:8c:ab:21:74:8b:be:b2:fe:2e:56:f9:1e:f6:51:4c:01:14:
b7:44:a9:26:0b:05:bc:8b:1b:38:13:4c:ac:fe:d0:ea:63:69:
43:72:1f:89:74:7c:35:18:2b:39:01:5f:17:09:31:60:06:c7:
9a:c5:84:c9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUPfmhyhHEl28NNeC8WcHBjEnyBZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjA0MTgxNzM3MTdaFw0yNzA0MTcxNzQyMTdaMDMxMTAvBgNV
BAMTKEUxNzE3MUYzQTNBQURFOEE0NzJDRTI4QjNDRjUzQUU2QUYzODZEQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHiXwoklsAhub6Z6FadQbVy+nE
LypOgHONDrg0uuHDDAEJC1d370NUu2VketH+CqczQ1ENnt5eulNN1jchzkMT6Hr7
MHckLQwrEFZHCRBL/CMxIbts4O8OugyDI8XJ9S07Sm1dXtTZQ7YRjanJfC9vjNMz
/JI0nAOXAb72HbHuzvnYSv2lxTDMq/7YErAV5mCrIsIGbco8AZfh9oo42Dgrd+wl
s2uf3oGSi/40q72UwqYvH04idMBVIAp8GYRAVs3UxnXThVBrCkX9J6o8BGDUcMGw
lUfYAYrZa/SAMlr3lIpaNNTzpRFWfAChj5OuQWx9UIkGkVY7ooSLA6J5X/w/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU4XFx86Oq3opHLOKLPPU65q84bawwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDYxNjQzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzAzODM0MzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoNsofa0DANBgkqhkiG9w0BAQsFAAOCAQEAO4DojDWgvUpat6wB
3SGStoYdWeZzunSYObKCi8zeCK58Wm3bLatqEjhh0vE/DUFkE+0mS/n9AuTQhTHd
gYoGYgQkI4ePTUpb+cOZcpPyRYjgTjl51W/UDLQ362uP37o2OkqKcCBOyd3JmPxb
CTga2pTGrRheRZ+5zwWram1bd32Mc5iZcdKDlmJwSkX4sY6SqMXPEXOPJsdGHfQj
favpVIs0TFc+rVNfHl+QlgIXAYW8Yb3BjVSsl9qU6+hQoHNPsIjzR5UjmYyrIXSL
vrL+Llb5HvZRTAEUt0SpJgsFvIsbOBNMrP7Q6mNpQ3IfiXR8NRgrOQFfFwkxYAbH
msWEyQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:05:55 2026 by rpki-client