Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
File: 326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa (raw, json)
Hash identifier: GteUCmh41PQnI+LFn8535WZp6ulnCzD7jSzbqBKEqUE=
Subject key identifier: 9B:81:08:A4:B5:32:AF:65:D2:AD:B9:B8:43:82:31:7C:73:C1:FF:2C
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 32F68F5158DD5623E9669B540CD81DBDB77299DD
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
Signing time: Thu 30 Apr 2026 20:55:51 +0000
ROA not before: Thu 30 Apr 2026 20:50:51 +0000
ROA not after: Thu 29 Apr 2027 20:55:51 +0000
asID: 215437
IP address blocks: 2a14:1ec7:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:18:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:f6:8f:51:58:dd:56:23:e9:66:9b:54:0c:d8:1d:bd:b7:72:99:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Apr 30 20:50:51 2026 GMT
Not After : Apr 29 20:55:51 2027 GMT
Subject: CN=9B8108A4B532AF65D2ADB9B84382317C73C1FF2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:cc:8a:9c:74:df:61:d3:19:38:2f:c6:e1:
e6:22:88:23:99:1d:dc:e9:a4:f2:87:1f:1e:f6:f5:
12:e1:35:d8:a3:b9:e5:d7:d4:86:65:7b:87:fc:9f:
20:54:27:49:08:11:51:ee:c9:02:c7:5f:bd:fc:b6:
d0:63:4f:dc:b5:0e:58:e8:07:fa:0f:19:9d:14:86:
7f:c3:77:56:a6:27:06:c3:f0:c7:84:36:89:c5:c1:
c1:c5:03:a7:0e:67:26:61:f1:f5:f5:31:90:ca:a6:
8c:e0:6c:ad:db:90:fa:e5:e8:0b:43:a2:b1:5f:7b:
c6:17:e1:0e:3a:77:30:69:f8:66:cd:cb:b5:fc:0b:
ed:e5:c3:88:ae:16:ed:e2:fa:d9:c9:f4:5b:6f:fb:
c7:5d:98:ba:fb:64:3c:7e:f4:ca:d9:54:a8:27:77:
d6:5d:78:ce:1e:d2:11:cb:df:3a:3c:87:45:18:95:
db:13:77:4c:57:38:b2:a3:eb:32:2c:54:f6:b2:4c:
f6:d1:dd:06:df:b7:55:15:2f:75:2c:f4:74:01:36:
27:4b:82:cb:ac:ee:1d:e1:be:9e:dd:83:d7:d2:aa:
4d:36:57:16:33:c0:46:22:e9:8d:29:d1:3e:e2:ab:
e3:db:ff:f7:a1:43:3e:39:15:0c:3a:7b:5e:ae:c1:
bb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:81:08:A4:B5:32:AF:65:D2:AD:B9:B8:43:82:31:7C:73:C1:FF:2C
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a313130303a3a2f34302d3438203d3e20323135343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:1100::/40
Signature Algorithm: sha256WithRSAEncryption
79:58:a3:ec:94:df:27:c2:62:86:88:bc:e6:2d:02:2c:ef:08:
e8:1b:ec:73:77:41:f0:0f:da:f0:09:57:d8:1e:3e:10:ea:ac:
29:8c:5d:c6:ff:2a:ca:4c:4c:a8:ec:87:16:d2:9e:52:f9:29:
9e:09:0b:10:58:df:5b:94:64:45:de:52:46:80:f0:0d:d2:f6:
f9:06:36:07:9e:db:37:12:f0:54:59:94:fe:cd:93:c9:1b:6a:
28:b1:ce:1c:71:f1:99:82:36:dc:73:0b:6c:5e:2e:62:b1:c6:
05:ae:38:bf:3e:ef:8f:3f:a5:91:00:e3:f4:4a:e0:64:99:f7:
70:24:de:e4:ba:32:6b:62:e7:3c:00:e4:23:17:72:7f:6f:91:
2e:53:72:2a:68:cd:5d:67:04:01:68:e2:c3:56:b8:7f:2e:94:
b6:79:3c:29:0e:ff:12:d0:5c:65:83:93:e8:b3:19:cc:56:c9:
22:8e:6a:46:7c:cd:84:66:a9:14:54:c5:a5:ff:30:9b:3a:78:
a1:a1:f1:fc:76:88:37:1b:15:fe:70:b2:ce:95:ce:e7:05:20:
dc:6c:0c:7d:94:7f:55:4d:b7:ca:74:1b:1d:c1:28:87:a8:e5:
4c:f3:11:28:be:6e:4d:b9:f2:3c:04:86:e8:47:3a:d0:44:61:
5e:35:68:5c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUMvaPUVjdViPpZptUDNgdvbdymd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjA0MzAyMDUwNTFaFw0yNzA0MjkyMDU1NTFaMDMxMTAvBgNV
BAMTKDlCODEwOEE0QjUzMkFGNjVEMkFEQjlCODQzODIzMTdDNzNDMUZGMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPRcyKnHTfYdMZOC/G4eYiiCOZ
HdzppPKHHx729RLhNdijueXX1IZle4f8nyBUJ0kIEVHuyQLHX738ttBjT9y1Dljo
B/oPGZ0Uhn/Dd1amJwbD8MeENonFwcHFA6cOZyZh8fX1MZDKpozgbK3bkPrl6AtD
orFfe8YX4Q46dzBp+GbNy7X8C+3lw4iuFu3i+tnJ9Ftv+8ddmLr7ZDx+9MrZVKgn
d9ZdeM4e0hHL3zo8h0UYldsTd0xXOLKj6zIsVPayTPbR3Qbft1UVL3Us9HQBNidL
gsus7h3hvp7dg9fSqk02VxYzwEYi6Y0p0T7iq+Pb//ehQz45FQw6e16uwbtjAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUm4EIpLUyr2XSrbm4Q4IxfHPB/ywwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzMTMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHscRMA0GCSqGSIb3DQEBCwUAA4IBAQB5WKPslN8nwmKGiLzm
LQIs7wjoG+xzd0HwD9rwCVfYHj4Q6qwpjF3G/yrKTEyo7IcW0p5S+SmeCQsQWN9b
lGRF3lJGgPAN0vb5BjYHnts3EvBUWZT+zZPJG2oosc4ccfGZgjbccwtsXi5iscYF
rji/Pu+PP6WRAOP0SuBkmfdwJN7kujJrYuc8AOQjF3J/b5EuU3IqaM1dZwQBaOLD
Vrh/LpS2eTwpDv8S0Fxlg5PosxnMVskijmpGfM2EZqkUVMWl/zCbOnihofH8dog3
GxX+cLLOlc7nBSDcbAx9lH9VTbfKdBsdwSiHqOVM8xEovm5NufI8BIboRzrQRGFe
NWhc
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:26 2026 by rpki-client