Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
File: 326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa (raw, json)
Hash identifier: jCFWapAcSAL9ciWMikQNoNWJEA+G6RFzEYAyKbOa3n0=
Subject key identifier: DF:D2:FF:76:B9:43:CD:29:2C:39:47:2A:92:04:92:F3:39:FC:DD:35
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 27ADE4B3680E596B81D315108569C5520B3E92A9
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
Signing time: Tue 03 Mar 2026 20:39:56 +0000
ROA not before: Tue 03 Mar 2026 20:34:56 +0000
ROA not after: Tue 02 Mar 2027 20:39:56 +0000
asID: 208753
IP address blocks: 2a0d:b287:e9ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 01:21:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ad:e4:b3:68:0e:59:6b:81:d3:15:10:85:69:c5:52:0b:3e:92:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Mar 3 20:34:56 2026 GMT
Not After : Mar 2 20:39:56 2027 GMT
Subject: CN=DFD2FF76B943CD292C39472A920492F339FCDD35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:29:b2:53:38:ae:14:7c:65:32:bd:8b:2c:
b6:4b:d7:ba:1d:27:a6:1e:9d:d6:17:b6:75:a8:1e:
86:2c:d3:30:0b:e0:0a:99:ee:03:5f:49:8b:a0:ce:
e0:78:a0:7d:31:94:68:d8:ca:84:46:5d:f4:14:3c:
8c:a4:77:d8:8e:ef:46:56:0b:12:0a:d9:8b:c8:11:
e9:4c:68:38:33:c7:80:26:90:01:c2:c6:fa:3b:38:
66:94:4c:6d:83:41:f2:f2:a3:5f:43:b7:b5:ae:09:
36:d5:f6:53:59:75:5a:f7:61:1a:d6:95:86:5b:b8:
92:93:87:5e:bb:17:83:14:10:9a:84:ab:2d:fd:26:
63:41:97:c5:b2:97:0d:c6:62:b1:b8:d2:52:fd:49:
69:8f:af:11:bc:37:ea:01:bc:74:ee:ae:39:22:6d:
ae:27:5f:e9:a6:06:c2:4d:1b:ca:11:20:e1:a1:58:
35:38:c8:53:32:34:34:9b:64:6c:3c:21:44:2b:98:
81:3e:92:3a:cb:d2:7c:47:4b:3b:94:a5:9b:d7:05:
89:80:5c:e3:8a:0e:3c:04:82:77:4d:95:1f:12:19:
18:62:1d:25:ad:b6:c4:e2:90:fa:79:56:6b:60:b1:
14:78:59:71:ec:1a:57:b8:74:0d:c1:31:1f:e8:1a:
68:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D2:FF:76:B9:43:CD:29:2C:39:47:2A:92:04:92:F3:39:FC:DD:35
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a653966663a3a2f34382d3438203d3e20323038373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:e9ff::/48
Signature Algorithm: sha256WithRSAEncryption
80:79:b2:e5:42:b1:a8:24:43:b0:fa:6d:53:20:84:6c:d3:a7:
1f:07:42:76:dc:57:2b:f2:7c:67:1d:63:79:fc:fd:7f:5c:34:
7c:c3:d6:46:c2:5c:09:be:89:ae:0f:39:86:51:50:69:2f:53:
4a:59:b6:37:52:1b:d1:99:de:de:d1:2c:81:e0:08:b4:52:b3:
56:ff:f7:97:9d:42:01:7e:b2:63:1a:77:dd:14:f8:79:3c:25:
8c:bd:a0:c2:18:a0:89:9b:78:68:c6:30:91:b3:39:1e:39:03:
09:74:43:01:38:45:75:db:55:32:c2:d8:55:a5:62:90:5f:cc:
1c:43:6a:dd:d1:79:cb:67:00:fc:30:34:c0:37:fb:f2:b3:42:
b4:55:a5:2b:b1:99:96:71:3d:ad:96:3c:7d:9b:86:25:5e:3c:
e0:4f:e0:6b:09:d5:cf:44:8a:01:0f:3d:54:6e:06:68:12:23:
42:47:fd:f9:6e:ef:ca:80:24:16:72:d4:a0:43:6a:cd:ee:6e:
77:c3:39:c7:32:75:dc:af:78:6f:e4:69:8b:5e:6e:9f:52:54:
42:1f:76:e4:0d:52:46:bd:53:66:77:ea:a9:41:8c:f5:5b:2b:
0c:42:d2:58:99:08:82:a4:b1:5f:f4:f0:4c:43:a6:97:5a:d2:
9a:74:d7:ea
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJ63ks2gOWWuB0xUQhWnFUgs+kqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjAzMDMyMDM0NTZaFw0yNzAzMDIyMDM5NTZaMDMxMTAvBgNV
BAMTKERGRDJGRjc2Qjk0M0NEMjkyQzM5NDcyQTkyMDQ5MkYzMzlGQ0REMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2jymyUziuFHxlMr2LLLZL17od
J6YendYXtnWoHoYs0zAL4AqZ7gNfSYugzuB4oH0xlGjYyoRGXfQUPIykd9iO70ZW
CxIK2YvIEelMaDgzx4AmkAHCxvo7OGaUTG2DQfLyo19Dt7WuCTbV9lNZdVr3YRrW
lYZbuJKTh167F4MUEJqEqy39JmNBl8Wylw3GYrG40lL9SWmPrxG8N+oBvHTurjki
ba4nX+mmBsJNG8oRIOGhWDU4yFMyNDSbZGw8IUQrmIE+kjrL0nxHSzuUpZvXBYmA
XOOKDjwEgndNlR8SGRhiHSWttsTikPp5VmtgsRR4WXHsGle4dA3BMR/oGmiBAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU39L/drlDzSksOUcqkgSS8zn83TUwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTM5NjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoNsofp/zANBgkqhkiG9w0BAQsFAAOCAQEAgHmy5UKxqCRDsPpt
UyCEbNOnHwdCdtxXK/J8Zx1jefz9f1w0fMPWRsJcCb6Jrg85hlFQaS9TSlm2N1Ib
0Zne3tEsgeAItFKzVv/3l51CAX6yYxp33RT4eTwljL2gwhigiZt4aMYwkbM5HjkD
CXRDAThFddtVMsLYVaVikF/MHENq3dF5y2cA/DA0wDf78rNCtFWlK7GZlnE9rZY8
fZuGJV484E/gawnVz0SKAQ89VG4GaBIjQkf9+W7vyoAkFnLUoENqze5ud8M5xzJ1
3K94b+Rpi15un1JUQh925A1SRr1TZnfqqUGM9VsrDELSWJkIgqSxX/TwTEOml1rS
mnTX6g==
-----END CERTIFICATE-----
Generated at Thu Mar 12 18:20:16 2026 by rpki-client