Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663430303a3a2f34302d3438203d3e203434373333.roa
File: 326131343a316563373a663430303a3a2f34302d3438203d3e203434373333.roa (raw, json)
Hash identifier: /e7JbqDKs1BolEyNEn2f2Nh4o1S2AbFtxsYtwSW1PKE=
Subject key identifier: AF:78:B8:8D:F5:4C:35:D7:C4:B2:C1:CE:2C:C4:6E:AC:19:64:76:CE
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 7E8C09CBB1617309DE9BD4C9D9015596375BF429
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663430303a3a2f34302d3438203d3e203434373333.roa
Signing time: Wed 22 Apr 2026 08:36:52 +0000
ROA not before: Wed 22 Apr 2026 08:31:52 +0000
ROA not after: Wed 21 Apr 2027 08:36:52 +0000
asID: 44733
IP address blocks: 2a14:1ec7:f400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:18:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8c:09:cb:b1:61:73:09:de:9b:d4:c9:d9:01:55:96:37:5b:f4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Apr 22 08:31:52 2026 GMT
Not After : Apr 21 08:36:52 2027 GMT
Subject: CN=AF78B88DF54C35D7C4B2C1CE2CC46EAC196476CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:a6:2f:48:92:64:a8:65:05:b0:a6:cc:30:
a9:2e:c9:10:d3:26:e0:d2:d7:4b:c6:5c:b2:12:3c:
33:c8:07:cf:90:87:4e:74:84:cc:ad:ff:68:dd:02:
ca:f1:90:9e:b2:42:6a:39:92:d6:9f:44:d0:3d:c2:
b5:62:e8:be:64:a3:60:59:f7:b8:2f:77:b8:0b:4b:
36:42:d4:7d:47:8d:cf:23:04:24:99:2f:35:c2:b1:
27:16:66:24:be:b9:ea:73:dc:19:9b:0d:41:a4:4b:
02:c6:e5:56:1f:48:9f:5f:4b:c8:d0:a4:88:92:be:
f7:f4:85:6b:1e:33:d4:29:e6:9a:3b:03:7e:9c:7a:
d7:c7:98:e0:a3:a6:00:e3:96:92:1c:f3:fa:fb:54:
0b:47:61:96:d1:e4:a8:7a:4a:df:5d:d4:e0:0b:65:
c0:99:8a:4e:6c:05:dd:5b:14:c0:02:d4:cd:77:ce:
49:58:a8:c3:b8:6b:ad:48:80:43:e4:d2:9d:62:48:
02:64:21:61:c1:05:62:35:97:d2:32:42:02:1c:c4:
d8:c7:45:2c:37:f2:b3:8c:0f:c7:e3:a7:c8:9d:94:
ce:a6:5c:12:07:1d:a1:f4:a3:3b:d0:6e:25:93:49:
81:b6:bc:90:1a:80:e5:fc:5f:23:ba:3e:26:54:e6:
c3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:78:B8:8D:F5:4C:35:D7:C4:B2:C1:CE:2C:C4:6E:AC:19:64:76:CE
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a663430303a3a2f34302d3438203d3e203434373333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f400::/40
Signature Algorithm: sha256WithRSAEncryption
22:b8:f1:2e:07:bc:37:0a:06:03:08:dc:b4:9d:eb:ae:57:01:
dd:2a:cd:12:90:58:8b:ea:85:65:d5:0b:a9:c0:f5:31:3b:13:
1e:7b:65:70:2a:bf:c9:0a:54:fa:50:da:43:39:92:8a:c0:46:
31:0b:0b:7f:dd:75:ae:4e:b0:51:3e:97:a7:e5:32:9b:4d:fa:
ce:c3:96:b4:27:4f:7b:6f:89:60:62:9c:9a:bd:34:c8:ba:f2:
27:f7:88:85:f6:43:05:13:85:9b:f3:e2:07:c8:9c:c7:5b:0f:
42:16:be:fc:55:68:7d:a4:be:5e:9e:68:f0:b0:d5:95:62:44:
04:47:fc:a5:42:1a:78:f9:1b:1b:6f:1e:60:94:2a:ce:e3:da:
0e:f4:36:be:9d:8e:db:c2:da:b8:91:c9:b3:e7:25:30:d0:18:
ce:8a:d3:67:42:92:b1:8a:15:b1:16:62:af:25:73:0e:1e:c0:
31:43:ab:d6:0e:ba:25:84:bc:62:29:6b:0b:20:f0:79:18:a1:
0c:e4:8a:4d:17:de:2e:bb:a6:07:91:0f:14:79:6c:02:d5:1d:
31:1b:a4:ba:e7:cb:52:d1:3e:95:f7:dd:b0:42:bd:25:03:b4:
be:77:aa:76:f3:d5:ef:65:7a:31:ec:f5:27:c8:c8:03:78:81:
47:13:cd:47
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUfowJy7Fhcwnem9TJ2QFVljdb9CkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjA0MjIwODMxNTJaFw0yNzA0MjEwODM2NTJaMDMxMTAvBgNV
BAMTKEFGNzhCODhERjU0QzM1RDdDNEIyQzFDRTJDQzQ2RUFDMTk2NDc2Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLWqYvSJJkqGUFsKbMMKkuyRDT
JuDS10vGXLISPDPIB8+Qh050hMyt/2jdAsrxkJ6yQmo5ktafRNA9wrVi6L5ko2BZ
97gvd7gLSzZC1H1Hjc8jBCSZLzXCsScWZiS+uepz3BmbDUGkSwLG5VYfSJ9fS8jQ
pIiSvvf0hWseM9Qp5po7A36cetfHmOCjpgDjlpIc8/r7VAtHYZbR5Kh6St9d1OAL
ZcCZik5sBd1bFMAC1M13zklYqMO4a61IgEPk0p1iSAJkIWHBBWI1l9IyQgIcxNjH
RSw38rOMD8fjp8idlM6mXBIHHaH0ozvQbiWTSYG2vJAagOX8XyO6PiZU5sPBAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUr3i4jfVMNdfEssHOLMRurBlkds4wHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjM0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDM0MzQzNzMzMzMucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFB7H9DANBgkqhkiG9w0BAQsFAAOCAQEAIrjxLge8NwoGAwjctJ3r
rlcB3SrNEpBYi+qFZdULqcD1MTsTHntlcCq/yQpU+lDaQzmSisBGMQsLf911rk6w
UT6Xp+Uym036zsOWtCdPe2+JYGKcmr00yLryJ/eIhfZDBROFm/PiB8icx1sPQha+
/FVofaS+Xp5o8LDVlWJEBEf8pUIaePkbG28eYJQqzuPaDvQ2vp2O28LauJHJs+cl
MNAYzorTZ0KSsYoVsRZiryVzDh7AMUOr1g66JYS8YilrCyDweRihDOSKTRfeLrum
B5EPFHlsAtUdMRukuufLUtE+lffdsEK9JQO0vneqdvPV72V6Mez1J8jIA3iBRxPN
Rw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:27:49 2026 by rpki-client