Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666661303a3a2f34382d3438203d3e20323133353135.roa
File: 326131343a316563373a666661303a3a2f34382d3438203d3e20323133353135.roa (raw, json)
Hash identifier: xZUrImBqLTyDeR72wpVM4lsAOoGQUUCtTTKhcbIof5E=
Subject key identifier: CC:29:B6:4A:ED:B3:35:C2:EB:A3:5F:D6:40:A6:30:C7:2C:5D:99:85
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 7258AC6B9BB05C4D539EC8361807DE6CE7706D34
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666661303a3a2f34382d3438203d3e20323133353135.roa
Signing time: Thu 12 Mar 2026 20:55:50 +0000
ROA not before: Thu 12 Mar 2026 20:50:50 +0000
ROA not after: Thu 11 Mar 2027 20:55:50 +0000
asID: 213515
IP address blocks: 2a14:1ec7:ffa0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:58:ac:6b:9b:b0:5c:4d:53:9e:c8:36:18:07:de:6c:e7:70:6d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Mar 12 20:50:50 2026 GMT
Not After : Mar 11 20:55:50 2027 GMT
Subject: CN=CC29B64AEDB335C2EBA35FD640A630C72C5D9985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:9f:e9:49:34:27:2a:4f:66:b1:36:fa:9d:
ce:9b:10:37:e8:01:17:2e:32:73:5c:b1:7f:24:6d:
7f:3c:96:16:fa:dd:f7:65:77:6e:19:39:2a:62:aa:
f0:1f:db:cd:65:4d:4c:ef:f3:4a:0d:be:55:26:6b:
4e:f2:84:e1:fd:df:ea:fc:77:dc:38:7b:4f:c3:e7:
26:8f:3f:b7:63:0c:0c:28:ef:64:0b:36:49:8c:52:
5d:66:11:06:52:77:61:3d:58:f9:91:c6:ad:da:73:
72:64:46:d3:29:a9:ba:70:28:98:6d:e2:74:e1:6f:
93:5a:e9:23:92:82:9b:07:45:e0:bf:8d:b2:a5:57:
f5:f8:09:03:30:22:6b:f4:b8:24:a8:55:d5:34:a3:
2c:2c:ae:47:21:37:89:db:12:60:57:8c:ae:c0:f1:
4b:80:02:c7:53:a8:62:f3:e7:af:f1:1c:95:d4:da:
8d:df:96:98:ea:0c:5f:9e:a1:5e:97:30:9b:46:d9:
00:0c:6e:40:2a:7d:7f:08:a1:33:f6:aa:43:35:07:
2b:01:06:5c:3f:fd:f1:04:27:3a:e1:d1:c7:c2:ee:
94:af:69:f6:2e:00:72:0d:57:2a:bd:51:ea:48:66:
6d:a4:d4:e0:be:10:b2:06:95:90:db:fb:80:5c:14:
e2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:29:B6:4A:ED:B3:35:C2:EB:A3:5F:D6:40:A6:30:C7:2C:5D:99:85
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666661303a3a2f34382d3438203d3e20323133353135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:ffa0::/48
Signature Algorithm: sha256WithRSAEncryption
87:01:66:ae:1d:9d:f2:e7:44:b8:be:3c:c4:60:12:08:54:2c:
a3:64:7e:4c:5d:d3:88:c6:39:36:97:3d:eb:0c:7c:4f:a2:92:
ad:39:6e:54:05:5c:c0:83:a9:c2:fe:e7:70:41:94:2c:04:a9:
13:f4:2d:05:9f:a3:39:78:6a:1c:98:f7:2a:ec:4a:ed:df:cb:
06:00:cf:cf:45:c5:19:ae:c6:0d:26:0c:ba:c0:4c:c0:18:71:
fc:f2:c1:1b:ff:f0:e4:b8:2b:47:eb:2f:c5:e0:41:1b:55:67:
7e:30:65:d6:1c:cf:5c:a6:f8:2d:c3:73:7f:b0:7e:3f:5b:10:
d0:fe:39:6c:f2:86:d8:de:9b:4c:57:24:a0:b5:ed:91:07:c1:
74:49:ee:fe:d7:8f:48:38:0c:9c:a2:77:54:b3:42:c1:dc:80:
1d:44:8b:d3:09:b9:1e:2d:af:f1:08:c7:78:6f:8a:ca:3e:62:
ef:bc:01:6f:0f:30:9a:19:61:b1:6f:c9:b6:f2:6d:cf:95:d1:
3e:e3:36:36:1c:ef:a4:1d:97:00:67:75:58:79:72:30:c3:ab:
88:2c:97:c0:83:45:2a:ed:6f:9d:93:fe:82:83:d6:0f:dd:7d:
dc:f8:ea:a6:7e:3d:3f:9f:ef:be:e5:bc:3c:e8:11:9e:27:74:
1e:4f:25:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUclisa5uwXE1Tnsg2GAfebOdwbTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjAzMTIyMDUwNTBaFw0yNzAzMTEyMDU1NTBaMDMxMTAvBgNV
BAMTKENDMjlCNjRBRURCMzM1QzJFQkEzNUZENjQwQTYzMEM3MkM1RDk5ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Rp/pSTQnKk9msTb6nc6bEDfo
ARcuMnNcsX8kbX88lhb63fdld24ZOSpiqvAf281lTUzv80oNvlUma07yhOH93+r8
d9w4e0/D5yaPP7djDAwo72QLNkmMUl1mEQZSd2E9WPmRxq3ac3JkRtMpqbpwKJht
4nThb5Na6SOSgpsHReC/jbKlV/X4CQMwImv0uCSoVdU0oywsrkchN4nbEmBXjK7A
8UuAAsdTqGLz56/xHJXU2o3flpjqDF+eoV6XMJtG2QAMbkAqfX8IoTP2qkM1BysB
Blw//fEEJzrh0cfC7pSvafYuAHINVyq9UepIZm2k1OC+ELIGlZDb+4BcFOLbAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUzCm2Su2zNcLro1/WQKYwxyxdmYUwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY2NjEzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMzM1MzEzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf/oDANBgkqhkiG9w0BAQsFAAOCAQEAhwFmrh2d8udEuL48
xGASCFQso2R+TF3TiMY5Npc96wx8T6KSrTluVAVcwIOpwv7ncEGULASpE/QtBZ+j
OXhqHJj3KuxK7d/LBgDPz0XFGa7GDSYMusBMwBhx/PLBG//w5LgrR+svxeBBG1Vn
fjBl1hzPXKb4LcNzf7B+P1sQ0P45bPKG2N6bTFckoLXtkQfBdEnu/tePSDgMnKJ3
VLNCwdyAHUSL0wm5Hi2v8QjHeG+Kyj5i77wBbw8wmhlhsW/JtvJtz5XRPuM2Nhzv
pB2XAGd1WHlyMMOriCyXwINFKu1vnZP+goPWD9193Pjqpn49P5/vvuW8POgRnid0
Hk8lNQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:47:19 2026 by rpki-client