Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
File: 326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa (raw, json)
Hash identifier: IWxDGwnCe47DwB/QE0frhiu04YnzGfcmOau8r6CSuq0=
Subject key identifier: 69:0C:17:3E:29:BE:40:CC:1D:C4:86:6E:10:71:55:0D:96:F5:51:28
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 63CDDFBB9E1F8936540BA584B0976046D94AFA69
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
Signing time: Tue 26 May 2026 20:42:19 +0000
ROA not before: Tue 26 May 2026 20:37:19 +0000
ROA not after: Tue 25 May 2027 20:42:19 +0000
asID: 216309
IP address blocks: 2a0d:b287:dd00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:cd:df:bb:9e:1f:89:36:54:0b:a5:84:b0:97:60:46:d9:4a:fa:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: May 26 20:37:19 2026 GMT
Not After : May 25 20:42:19 2027 GMT
Subject: CN=690C173E29BE40CC1DC4866E1071550D96F55128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b8:d4:1b:ce:8a:11:c5:cc:38:b4:5f:7d:3b:
21:4a:c2:b0:59:a9:d6:2b:49:c7:9d:a4:4d:be:34:
9c:b6:51:d7:d7:1a:24:73:f3:08:43:18:c6:41:b5:
dc:89:99:29:69:2b:5b:fb:15:40:d4:ed:c0:68:c6:
78:e6:d7:ca:93:d1:90:29:e6:94:db:12:99:f8:20:
b5:23:e8:43:40:d6:21:ba:89:af:7c:95:e7:00:59:
d5:75:e3:8e:9c:81:d3:ad:ef:72:ac:b2:aa:97:3a:
72:93:b6:3e:fe:94:eb:9a:7d:21:9c:b2:a0:95:98:
a7:b8:e9:c7:81:90:3e:0f:52:c9:c8:4a:c7:47:0d:
95:dd:98:36:47:02:7e:73:1f:1a:cf:ce:3c:de:b2:
da:d0:32:57:9d:f2:11:13:04:b4:4e:33:97:89:6c:
82:a8:0b:3f:9b:bc:9c:b5:13:f1:2b:9e:8c:39:54:
76:66:e8:18:1d:01:cd:69:82:39:57:69:96:d8:2f:
57:84:2f:9a:19:99:d2:fc:44:02:8e:5c:8c:e5:47:
7b:45:78:c8:87:04:0d:45:b5:e7:26:a1:86:bb:85:
0f:0c:19:ce:ba:b3:95:fb:46:f3:20:43:63:9c:20:
4a:04:d5:22:cb:2a:73:9c:c8:9e:94:9b:65:67:cb:
34:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0C:17:3E:29:BE:40:CC:1D:C4:86:6E:10:71:55:0D:96:F5:51:28
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a646430303a3a2f34302d3430203d3e20323136333039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:dd00::/40
Signature Algorithm: sha256WithRSAEncryption
b1:cf:6f:e6:86:14:9c:4c:80:87:f1:55:a1:27:ef:4a:7b:22:
5a:23:9b:a9:ee:6f:9a:43:c2:cd:df:5a:1b:cd:e6:06:94:4f:
42:27:22:cf:c6:66:67:0c:a8:9b:ff:85:d0:8e:52:96:62:12:
42:93:67:6e:62:42:7b:c7:11:8b:d7:d3:d6:80:5e:7a:d8:4b:
a3:fd:9b:83:2c:58:27:2b:6f:1a:ce:a1:ca:10:26:45:22:b6:
e1:0e:99:07:82:ec:6b:7e:2c:04:db:7e:2c:1e:7b:ae:61:f5:
9a:76:b5:93:85:e0:7a:be:96:39:08:8a:85:0c:dc:7b:82:81:
bb:03:b0:c1:a0:5d:b9:0a:1c:aa:89:9c:d0:0a:3f:df:f9:17:
48:37:84:51:8a:c3:27:bc:f7:a0:58:e4:bb:f3:3d:80:12:67:
29:5f:5f:c2:6f:e7:8b:21:32:bd:9e:b9:2d:ba:3c:9b:69:ac:
0d:e7:eb:8c:b4:f9:23:55:21:c7:d2:ad:be:6d:52:eb:81:8f:
f0:fc:36:b1:eb:5c:66:cf:70:de:a3:f1:09:f2:8c:67:e9:fa:
f6:8b:87:7b:3f:61:fd:f8:2d:99:67:57:0b:fb:36:03:2b:c7:
13:f2:c4:10:42:53:72:9e:b0:19:31:78:92:46:7a:97:6e:0a:
cd:fb:f1:58
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUY83fu54fiTZUC6WEsJdgRtlK+mkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjA1MjYyMDM3MTlaFw0yNzA1MjUyMDQyMTlaMDMxMTAvBgNV
BAMTKDY5MEMxNzNFMjlCRTQwQ0MxREM0ODY2RTEwNzE1NTBEOTZGNTUxMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuuNQbzooRxcw4tF99OyFKwrBZ
qdYrScedpE2+NJy2UdfXGiRz8whDGMZBtdyJmSlpK1v7FUDU7cBoxnjm18qT0ZAp
5pTbEpn4ILUj6ENA1iG6ia98lecAWdV1446cgdOt73KssqqXOnKTtj7+lOuafSGc
sqCVmKe46ceBkD4PUsnISsdHDZXdmDZHAn5zHxrPzjzestrQMled8hETBLROM5eJ
bIKoCz+bvJy1E/Ernow5VHZm6BgdAc1pgjlXaZbYL1eEL5oZmdL8RAKOXIzlR3tF
eMiHBA1FtecmoYa7hQ8MGc66s5X7RvMgQ2OcIEoE1SLLKnOcyJ6Um2VnyzR9AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUaQwXPim+QMwdxIZuEHFVDZb1USgwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NDY0MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzNjMzMzAzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofdMA0GCSqGSIb3DQEBCwUAA4IBAQCxz2/mhhScTICH8VWh
J+9KeyJaI5up7m+aQ8LN31obzeYGlE9CJyLPxmZnDKib/4XQjlKWYhJCk2duYkJ7
xxGL19PWgF562Euj/ZuDLFgnK28azqHKECZFIrbhDpkHguxrfiwE234sHnuuYfWa
drWTheB6vpY5CIqFDNx7goG7A7DBoF25ChyqiZzQCj/f+RdIN4RRisMnvPegWOS7
8z2AEmcpX1/Cb+eLITK9nrktujybaawN5+uMtPkjVSHH0q2+bVLrgY/w/Dax61xm
z3Deo/EJ8oxn6fr2i4d7P2H9+C2ZZ1cL+zYDK8cT8sQQQlNynrAZMXiSRnqXbgrN
+/FY
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:36:52 2026 by rpki-client