Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f33362d3438203d3e20323134343831.roa
File: 326131343a316563373a313030303a3a2f33362d3438203d3e20323134343831.roa (raw, json)
Hash identifier: 6sbDIpUdSHX0FTMOKlearYu/OQGfXVeJ+MaPKM9U7ig=
Subject key identifier: AA:A2:B0:15:20:DC:D1:29:8D:34:6A:D5:A0:53:DC:AA:06:7E:A4:72
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 724DA76CC8A4EED6DD98D916C27B1ABD06653C60
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f33362d3438203d3e20323134343831.roa
Signing time: Thu 12 Mar 2026 18:55:50 +0000
ROA not before: Thu 12 Mar 2026 18:50:50 +0000
ROA not after: Thu 11 Mar 2027 18:55:50 +0000
asID: 214481
IP address blocks: 2a14:1ec7:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 01:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:4d:a7:6c:c8:a4:ee:d6:dd:98:d9:16:c2:7b:1a:bd:06:65:3c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Mar 12 18:50:50 2026 GMT
Not After : Mar 11 18:55:50 2027 GMT
Subject: CN=AAA2B01520DCD1298D346AD5A053DCAA067EA472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:05:27:39:c1:92:1a:29:a7:6c:c8:9c:36:14:
25:e5:78:52:1c:84:32:2e:d6:22:86:7a:96:ea:97:
a7:9b:e7:cc:a3:1c:19:82:1e:44:71:7e:e7:d4:cb:
cb:37:d5:8a:f1:2a:1c:96:7b:63:2d:17:81:57:ad:
d7:b0:cb:67:25:7e:05:17:bf:80:e8:59:91:a2:c1:
e1:64:a3:94:20:37:67:5a:81:a6:94:3d:7d:16:7c:
72:a6:33:c7:8b:97:7b:0e:f9:6e:23:61:d0:25:e7:
25:b1:bc:95:47:cb:cf:83:8c:74:13:84:b6:01:a0:
cb:ec:71:1c:2a:f3:0d:3b:04:ee:77:8e:de:56:f0:
ec:ee:50:80:ea:49:88:49:b1:d4:8f:6d:79:c9:28:
0d:f5:cb:c7:31:fd:78:30:6b:2e:f4:4b:81:0c:e4:
f9:f7:f8:ac:f0:24:f8:31:70:46:2b:51:7d:fd:e7:
18:0f:b0:15:48:fc:fe:b9:11:62:a9:18:4c:ed:81:
b1:67:e9:e1:92:1b:4f:ab:31:51:05:65:a7:8b:e3:
48:48:f5:b0:58:c4:b0:8a:d9:a4:57:0d:ea:e6:eb:
12:53:ec:4d:20:a3:83:ce:5d:bb:80:6d:16:2a:58:
c3:1d:2b:95:3c:fb:f6:fb:ff:06:39:ca:e7:1a:85:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A2:B0:15:20:DC:D1:29:8D:34:6A:D5:A0:53:DC:AA:06:7E:A4:72
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313030303a3a2f33362d3438203d3e20323134343831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:1000::/36
Signature Algorithm: sha256WithRSAEncryption
72:3d:24:f6:2e:f6:fc:07:d2:09:49:4f:b9:42:6b:92:8a:5d:
59:f8:e2:7b:f1:bc:37:61:0b:71:64:75:20:81:4a:2b:58:b8:
82:13:80:c3:62:29:85:37:21:47:f9:bf:7f:bf:4c:5d:97:de:
76:16:3a:c6:cd:f7:7e:c1:22:b4:3a:18:e5:3b:05:f9:5d:7c:
de:c9:38:43:55:f7:2e:b1:fb:50:a2:04:d0:63:ad:3b:86:d3:
66:da:3d:1d:cc:37:1f:5b:fb:0e:30:62:9b:09:3f:5f:8c:07:
ec:50:d0:62:72:c7:19:e4:99:8d:67:16:fe:73:d1:e5:8b:b1:
3e:18:7c:15:b4:70:1f:6f:39:ac:92:7f:83:fc:28:1d:f4:68:
e3:6d:ad:6a:9c:9c:c1:e2:2f:a6:c3:c6:0e:4c:b4:dd:32:13:
32:29:0e:ee:b2:86:8c:a8:f4:d0:74:33:35:93:ab:ba:e1:5f:
03:06:c8:30:33:5a:7e:84:a3:53:f6:b3:f2:64:a1:ee:03:d7:
62:95:84:dc:56:43:66:f6:9a:43:06:ec:e1:2e:18:b0:8c:1b:
bb:9b:52:ea:2c:75:52:0d:31:70:61:b1:54:c9:94:b0:15:a7:
04:f3:c7:01:37:43:84:05:7c:45:1b:3d:f9:37:a9:92:8f:11:
f6:71:99:e9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUck2nbMik7tbdmNkWwnsavQZlPGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjAzMTIxODUwNTBaFw0yNzAzMTExODU1NTBaMDMxMTAvBgNV
BAMTKEFBQTJCMDE1MjBEQ0QxMjk4RDM0NkFENUEwNTNEQ0FBMDY3RUE0NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrBSc5wZIaKadsyJw2FCXleFIc
hDIu1iKGepbql6eb58yjHBmCHkRxfufUy8s31YrxKhyWe2MtF4FXrdewy2clfgUX
v4DoWZGiweFko5QgN2dagaaUPX0WfHKmM8eLl3sO+W4jYdAl5yWxvJVHy8+DjHQT
hLYBoMvscRwq8w07BO53jt5W8OzuUIDqSYhJsdSPbXnJKA31y8cx/Xgway70S4EM
5Pn3+KzwJPgxcEYrUX395xgPsBVI/P65EWKpGEztgbFn6eGSG0+rMVEFZaeL40hI
9bBYxLCK2aRXDerm6xJT7E0go4POXbuAbRYqWMMdK5U8+/b7/wY5yucahaPbAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUqqKwFSDc0SmNNGrVoFPcqgZ+pHIwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzMTMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzEzNDM0MzgzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUHscQMA0GCSqGSIb3DQEBCwUAA4IBAQByPST2Lvb8B9IJSU+5
QmuSil1Z+OJ78bw3YQtxZHUggUorWLiCE4DDYimFNyFH+b9/v0xdl952FjrGzfd+
wSK0OhjlOwX5XXzeyThDVfcusftQogTQY607htNm2j0dzDcfW/sOMGKbCT9fjAfs
UNBicscZ5JmNZxb+c9Hli7E+GHwVtHAfbzmskn+D/Cgd9Gjjba1qnJzB4i+mw8YO
TLTdMhMyKQ7usoaMqPTQdDM1k6u64V8DBsgwM1p+hKNT9rPyZKHuA9dilYTcVkNm
9ppDBuzhLhiwjBu7m1LqLHVSDTFwYbFUyZSwFacE88cBN0OEBXxFGz35N6mSjxH2
cZnp
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:30:06 2026 by rpki-client