Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326130303a3a2f34302d3438203d3e20323133323533.roa
File: 326130653a666434353a326130303a3a2f34302d3438203d3e20323133323533.roa (raw, json)
Hash identifier: qDmc/WjuJm2+K6V+qH0YTGIzUkgJV2kWMCYDVdR94ng=
Subject key identifier: 2D:D5:6E:59:8D:C5:10:F9:7E:F2:AD:85:54:A7:25:36:16:C8:0C:E8
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 56407DC7AC14DD11F6F5F0CC3045C44E7AC1B843
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326130303a3a2f34302d3438203d3e20323133323533.roa
Signing time: Mon 04 May 2026 08:24:15 +0000
ROA not before: Mon 04 May 2026 08:19:15 +0000
ROA not after: Mon 03 May 2027 08:24:15 +0000
asID: 213253
IP address blocks: 2a0e:fd45:2a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:40:7d:c7:ac:14:dd:11:f6:f5:f0:cc:30:45:c4:4e:7a:c1:b8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: May 4 08:19:15 2026 GMT
Not After : May 3 08:24:15 2027 GMT
Subject: CN=2DD56E598DC510F97EF2AD8554A7253616C80CE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:6d:19:b8:95:bd:33:43:ab:9f:36:09:0a:
68:68:8f:90:f6:d2:1e:97:58:0f:6a:38:db:f3:4a:
bc:4b:16:de:f0:2b:e1:71:f8:da:b0:29:5d:32:02:
22:ac:fc:97:78:26:bd:bb:34:2a:6b:e4:12:18:d4:
47:02:fa:e4:0b:89:d8:b8:6a:3c:a1:05:97:cf:f2:
16:69:cf:f0:82:c6:3c:75:9d:a1:e1:63:6f:72:a3:
71:7f:cd:09:6a:00:1f:a9:d4:34:55:09:54:cc:13:
e9:68:c8:e9:71:a4:12:ab:ab:5e:3a:15:8c:7c:a4:
ad:62:d4:57:68:0c:96:1f:04:e4:6b:95:ad:b3:98:
a6:91:27:3f:ff:35:1b:c7:bc:0f:1c:8b:d8:81:0a:
a1:6a:1d:c8:9e:4f:01:ba:0f:75:30:d7:c8:92:f5:
8f:f3:c9:8e:e5:35:46:af:bc:f5:dd:fd:c0:d3:e1:
b7:7e:77:9f:b1:85:93:6b:2c:34:b2:e3:92:4a:a3:
5d:a1:2f:3b:55:8d:3e:e7:17:fb:43:e0:a7:42:94:
6c:6d:ac:02:e2:90:07:a5:e5:d4:80:05:d0:12:ac:
4f:33:5a:37:48:24:62:73:cc:4a:b8:7a:d6:9b:75:
ac:e6:5e:14:94:68:58:98:b6:3c:d5:54:36:5c:90:
e2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D5:6E:59:8D:C5:10:F9:7E:F2:AD:85:54:A7:25:36:16:C8:0C:E8
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326130303a3a2f34302d3438203d3e20323133323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2a00::/40
Signature Algorithm: sha256WithRSAEncryption
22:ca:3c:97:e3:4b:f8:6e:9f:e5:fa:dc:26:60:c8:a3:95:9d:
32:14:04:ff:fc:83:ec:b7:a2:f9:d6:26:1c:85:e8:70:69:7d:
91:22:d4:68:c3:ef:bc:4c:b8:aa:df:34:2c:f1:4c:4c:eb:31:
e7:53:bf:52:d7:ff:85:86:79:8d:d7:b1:09:4b:5e:3c:e6:5a:
ae:9f:36:63:bc:38:f8:e0:9e:71:bc:21:e0:0e:aa:60:9f:44:
e5:87:fe:fb:e6:f9:4b:c0:72:09:17:58:e1:b2:50:25:39:ff:
21:91:68:00:db:b4:b4:5f:6a:e2:f3:43:0b:df:0b:4f:2c:64:
39:46:34:83:ec:31:d0:59:9e:2b:b7:7a:ee:00:d4:36:b2:9b:
c9:f0:5d:7c:29:ee:5f:af:b5:96:39:04:21:20:1c:3e:c9:7b:
ac:06:28:11:95:d1:7e:68:c4:69:39:4f:66:08:a8:13:a2:c2:
f6:fe:f8:6c:ca:35:7c:f3:5d:00:24:68:3e:95:c3:3c:df:f3:
20:34:73:68:f6:23:1d:f2:e1:79:f8:66:e5:d2:23:ff:c7:4d:
d5:b2:cc:b2:e6:07:e5:84:a0:9e:17:ea:a0:b7:32:da:d4:f2:
02:ca:85:ec:32:20:77:90:e8:c4:26:94:3c:a7:96:2a:7a:af:
26:3c:c3:c8
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUVkB9x6wU3RH29fDMMEXETnrBuEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjA1MDQwODE5MTVaFw0yNzA1MDMwODI0MTVaMDMxMTAvBgNV
BAMTKDJERDU2RTU5OERDNTEwRjk3RUYyQUQ4NTU0QTcyNTM2MTZDODBDRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPpW0ZuJW9M0OrnzYJCmhoj5D2
0h6XWA9qONvzSrxLFt7wK+Fx+NqwKV0yAiKs/Jd4Jr27NCpr5BIY1EcC+uQLidi4
ajyhBZfP8hZpz/CCxjx1naHhY29yo3F/zQlqAB+p1DRVCVTME+loyOlxpBKrq146
FYx8pK1i1FdoDJYfBORrla2zmKaRJz//NRvHvA8ci9iBCqFqHcieTwG6D3Uw18iS
9Y/zyY7lNUavvPXd/cDT4bd+d5+xhZNrLDSy45JKo12hLztVjT7nF/tD4KdClGxt
rALikAel5dSABdASrE8zWjdIJGJzzEq4etabdazmXhSUaFiYtjzVVDZckOI7AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQULdVuWY3FEPl+8q2FVKclNhbIDOgwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzMyMzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoO/UUqMA0GCSqGSIb3DQEBCwUAA4IBAQAiyjyX40v4bp/l+twm
YMijlZ0yFAT//IPst6L51iYchehwaX2RItRow++8TLiq3zQs8UxM6zHnU79S1/+F
hnmN17EJS1485lqunzZjvDj44J5xvCHgDqpgn0Tlh/775vlLwHIJF1jhslAlOf8h
kWgA27S0X2ri80ML3wtPLGQ5RjSD7DHQWZ4rt3ruANQ2spvJ8F18Ke5fr7WWOQQh
IBw+yXusBigRldF+aMRpOU9mCKgTosL2/vhsyjV8810AJGg+lcM83/MgNHNo9iMd
8uF5+Gbl0iP/x03Vssyy5gflhKCeF+qgtzLa1PICyoXsMiB3kOjEJpQ8p5Yqeq8m
PMPI
-----END CERTIFICATE-----
Generated at Wed May 13 05:44:28 2026 by rpki-client