Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
File: 326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa (raw, json)
Hash identifier: c/O7QOCGP6dZWdMg85nw8EMYpXMSqcsPpnlxKsXEJxg=
Subject key identifier: 56:1E:D5:BD:67:80:6D:1F:0E:03:EA:24:80:8E:86:59:5B:AB:12:1C
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 0DF08AD10010BEA989D00B3A00A795D9C9CB784A
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
Signing time: Mon 20 Apr 2026 14:42:18 +0000
ROA not before: Mon 20 Apr 2026 14:37:18 +0000
ROA not after: Mon 19 Apr 2027 14:42:18 +0000
asID: 213709
IP address blocks: 2a0d:b287:eb00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 03:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:f0:8a:d1:00:10:be:a9:89:d0:0b:3a:00:a7:95:d9:c9:cb:78:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Apr 20 14:37:18 2026 GMT
Not After : Apr 19 14:42:18 2027 GMT
Subject: CN=561ED5BD67806D1F0E03EA24808E86595BAB121C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:17:04:de:bd:a7:64:26:ce:de:99:cf:20:
15:a3:b8:fd:b5:e6:bb:c5:ba:f5:13:2f:96:b2:11:
f7:52:79:80:bd:7f:90:1f:72:c4:8a:ba:38:60:9d:
ac:c7:9f:69:91:64:9b:56:fe:7f:63:53:6a:25:65:
cc:a6:6c:97:79:b5:88:67:15:41:02:25:7b:29:c3:
34:a8:75:90:3b:9c:fb:3e:60:e4:41:d4:ef:0c:1b:
50:e0:07:66:01:6e:c7:4b:fd:6a:21:c2:2a:94:51:
bc:e5:85:b3:7e:a2:74:12:41:49:87:2e:61:f4:98:
1b:d1:39:e8:e1:3b:d5:a0:84:f1:94:ad:96:5e:5b:
21:2d:eb:cf:47:40:8c:63:8e:2a:7e:64:97:83:f0:
50:ca:cc:25:8b:d8:e6:45:ce:d5:4f:85:59:3e:ba:
d8:69:3c:07:71:ea:d5:be:bb:9e:b1:e2:74:83:5a:
14:5f:c9:f9:df:09:fd:db:ff:13:fd:9d:a4:b4:b4:
ae:67:fc:2e:8c:24:0e:4d:0d:42:65:9b:a5:46:66:
6a:82:96:79:2c:a7:b1:49:1f:88:ce:cf:ca:55:03:
9a:16:a6:01:95:a2:93:f8:e0:50:93:2f:53:13:85:
b8:b1:4d:e3:ef:8c:2a:a2:28:6f:ac:4d:8f:4f:c5:
dc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1E:D5:BD:67:80:6D:1F:0E:03:EA:24:80:8E:86:59:5B:AB:12:1C
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/326130643a623238373a656230303a3a2f34302d3430203d3e20323133373039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b287:eb00::/40
Signature Algorithm: sha256WithRSAEncryption
75:43:db:29:8d:82:23:a5:76:91:cf:e2:45:d0:68:ae:42:d2:
e8:ee:f1:3e:a4:b3:0d:b7:89:40:60:7e:da:51:14:63:ab:01:
c0:36:35:90:d5:72:00:44:d6:14:6e:e8:e3:cf:8a:af:01:c6:
5f:c5:e4:cc:0d:dd:5f:0f:d4:4d:21:c7:08:02:71:56:0e:52:
7c:7f:55:6f:fe:52:5a:48:13:72:8d:93:6b:d8:0d:c5:54:cb:
23:4d:4c:ab:7b:79:f7:30:d6:3a:32:06:90:77:bd:7c:08:20:
b6:09:72:48:10:2d:b7:29:9c:5f:dd:0b:ae:57:cd:2b:c0:13:
1f:41:0e:e4:d9:cb:ff:2a:76:30:94:94:d5:e2:ca:69:49:98:
61:d6:bf:11:54:d4:c9:11:dd:95:7f:98:03:d0:e8:03:98:63:
40:de:7f:ef:f8:80:17:0c:b5:35:55:8e:96:69:4c:1e:b8:71:
5b:7c:d6:6c:76:a5:2e:42:75:ca:57:8c:4c:fb:f3:ed:c0:d9:
54:5e:13:73:8c:03:5a:d1:88:ac:48:43:8f:1b:82:01:c0:d9:
cd:b1:d8:48:44:eb:4b:71:43:e8:73:41:44:67:23:15:bb:20:
00:5f:a6:7e:70:39:87:3f:a7:0f:3e:da:84:04:c4:91:17:c9:
7a:86:5e:02
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUDfCK0QAQvqmJ0As6AKeV2cnLeEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjA0MjAxNDM3MThaFw0yNzA0MTkxNDQyMThaMDMxMTAvBgNV
BAMTKDU2MUVENUJENjc4MDZEMUYwRTAzRUEyNDgwOEU4NjU5NUJBQjEyMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCythcE3r2nZCbO3pnPIBWjuP21
5rvFuvUTL5ayEfdSeYC9f5AfcsSKujhgnazHn2mRZJtW/n9jU2olZcymbJd5tYhn
FUECJXspwzSodZA7nPs+YORB1O8MG1DgB2YBbsdL/WohwiqUUbzlhbN+onQSQUmH
LmH0mBvROejhO9WghPGUrZZeWyEt689HQIxjjip+ZJeD8FDKzCWL2OZFztVPhVk+
uthpPAdx6tW+u56x4nSDWhRfyfnfCf3b/xP9naS0tK5n/C6MJA5NDUJlm6VGZmqC
lnksp7FJH4jOz8pVA5oWpgGVopP44FCTL1MThbixTePvjCqiKG+sTY9PxdzpAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUVh7VvWeAbR8OA+okgI6GWVurEhwwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzI2MTMwNjQzYTYyMzIzODM3
M2E2NTYyMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEzMzM3MzAzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoNsofrMA0GCSqGSIb3DQEBCwUAA4IBAQB1Q9spjYIjpXaRz+JF
0GiuQtLo7vE+pLMNt4lAYH7aURRjqwHANjWQ1XIARNYUbujjz4qvAcZfxeTMDd1f
D9RNIccIAnFWDlJ8f1Vv/lJaSBNyjZNr2A3FVMsjTUyre3n3MNY6MgaQd718CCC2
CXJIEC23KZxf3QuuV80rwBMfQQ7k2cv/KnYwlJTV4sppSZhh1r8RVNTJEd2Vf5gD
0OgDmGNA3n/v+IAXDLU1VY6WaUweuHFbfNZsdqUuQnXKV4xM+/PtwNlUXhNzjANa
0YisSEOPG4IBwNnNsdhIROtLcUPoc0FEZyMVuyAAX6Z+cDmHP6cPPtqEBMSRF8l6
hl4C
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:05:52 2026 by rpki-client