Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
File: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (raw, json)
Hash identifier: b4dSzH5oz/8kg+iOLc3kROxlkMvwGXgL0aSDALtRaeY=
Subject key identifier: 8B:58:6A:1B:2D:AC:52:43:1E:4A:DE:A3:3E:03:B4:76:DD:72:BB:18
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 0C9304013E15BB02F5407C4E06893D481EA46CE5
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
Signing time: Sat 09 May 2026 08:41:54 +0000
ROA not before: Sat 09 May 2026 08:36:54 +0000
ROA not after: Sat 08 May 2027 08:41:54 +0000
asID: 202855
IP address blocks: 2a0e:fd45:2cf0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft
rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:93:04:01:3e:15:bb:02:f5:40:7c:4e:06:89:3d:48:1e:a4:6c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: May 9 08:36:54 2026 GMT
Not After : May 8 08:41:54 2027 GMT
Subject: CN=8B586A1B2DAC52431E4ADEA33E03B476DD72BB18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5f:1f:12:00:e6:97:c6:d2:95:f7:2d:b2:f0:
4e:31:f0:75:db:87:57:f6:63:35:5d:67:da:97:4b:
4b:8e:e7:5f:2d:15:88:77:e3:10:e7:fc:01:0c:a9:
18:4c:a7:2b:83:1a:59:e6:71:6f:4a:a2:4a:b9:29:
62:16:df:67:ef:06:54:d3:a3:df:6f:a3:fe:d9:cb:
fc:2c:7b:c7:88:5a:a3:6e:a4:1d:cc:e1:23:d5:84:
db:b3:5d:c4:35:47:69:10:f8:df:57:38:9e:35:c1:
b4:4c:e8:eb:79:0a:27:94:0f:35:94:99:52:e8:96:
d3:8a:cd:9a:0f:43:85:82:91:46:33:98:98:ca:c0:
b9:7c:0a:37:2b:34:59:d7:cb:2d:70:f3:03:fc:6d:
74:68:3b:01:1f:2a:ef:c8:68:e9:07:e4:f2:90:ef:
4f:d7:50:34:8c:47:d5:63:5e:f8:84:bd:17:d7:c2:
7d:ac:cf:d8:e8:2f:bf:87:73:58:a1:fc:78:79:25:
79:f0:79:8a:ab:b7:74:88:23:16:e6:c8:db:13:ed:
43:ef:3f:16:df:21:3c:37:44:cf:42:c0:0c:0d:3e:
cf:65:2f:07:e5:8c:1d:23:4b:95:5c:ec:81:12:91:
d8:21:7d:d7:4d:c1:18:43:0c:cf:26:c2:9c:38:7e:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:58:6A:1B:2D:AC:52:43:1E:4A:DE:A3:3E:03:B4:76:DD:72:BB:18
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd45:2cf0::/48
Signature Algorithm: sha256WithRSAEncryption
70:69:43:c0:c9:ab:c0:94:3b:ef:7c:de:b6:69:6e:22:3f:10:
04:69:31:dc:8c:54:d4:5e:af:06:1d:67:d0:a4:77:d6:42:f9:
78:5a:27:58:f4:0e:4b:cb:4f:4f:e3:62:de:9f:4d:0b:a1:b5:
78:0a:b1:12:36:6f:13:f6:2b:84:83:2e:b8:13:02:e1:e4:85:
52:22:4c:c4:19:d2:1a:66:3f:76:f4:18:7b:f6:7e:fd:ec:97:
35:0f:65:79:b8:7e:91:aa:e3:1e:3d:a9:ec:f9:2b:41:05:08:
06:a2:71:73:30:11:e7:54:ee:ef:8f:ef:b2:09:1c:59:31:4f:
02:41:22:6e:de:10:17:3f:17:21:2b:b8:72:78:da:e2:e7:7f:
24:df:30:31:c0:c8:f8:9b:82:6a:4b:f3:cf:2c:90:66:b3:a9:
f0:b2:82:e4:38:bc:51:86:07:48:da:31:3e:e1:2d:b2:72:86:
c6:5d:e2:a7:db:90:fa:6a:7e:94:c4:e9:4e:e1:78:f7:a7:c6:
70:42:69:37:b4:0f:dc:11:27:bb:78:9c:81:f8:75:95:f5:76:
d9:62:b3:d5:6f:d1:12:93:0b:88:f3:24:6a:84:f0:a8:9b:d4:
2f:73:cd:18:0d:7d:ac:74:95:8a:8c:14:79:62:08:c6:09:87:
ea:d2:99:c9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUDJMEAT4VuwL1QHxOBok9SB6kbOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNjA1MDkwODM2NTRaFw0yNzA1MDgwODQxNTRaMDMxMTAvBgNV
BAMTKDhCNTg2QTFCMkRBQzUyNDMxRTRBREVBMzNFMDNCNDc2REQ3MkJCMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXx8SAOaXxtKV9y2y8E4x8HXb
h1f2YzVdZ9qXS0uO518tFYh34xDn/AEMqRhMpyuDGlnmcW9Kokq5KWIW32fvBlTT
o99vo/7Zy/wse8eIWqNupB3M4SPVhNuzXcQ1R2kQ+N9XOJ41wbRM6Ot5CieUDzWU
mVLoltOKzZoPQ4WCkUYzmJjKwLl8CjcrNFnXyy1w8wP8bXRoOwEfKu/IaOkH5PKQ
70/XUDSMR9VjXviEvRfXwn2sz9joL7+Hc1ih/Hh5JXnweYqrt3SIIxbmyNsT7UPv
PxbfITw3RM9CwAwNPs9lLwfljB0jS5Vc7IESkdghfddNwRhDDM8mwpw4fjTtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUi1hqGy2sUkMeSt6jPgO0dt1yuxgwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwNjUzYTY2NjQzNDM1
M2EzMjYzNjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjM4MzUzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoO/UUs8DANBgkqhkiG9w0BAQsFAAOCAQEAcGlDwMmrwJQ773ze
tmluIj8QBGkx3IxU1F6vBh1n0KR31kL5eFonWPQOS8tPT+Ni3p9NC6G1eAqxEjZv
E/YrhIMuuBMC4eSFUiJMxBnSGmY/dvQYe/Z+/eyXNQ9lebh+karjHj2p7PkrQQUI
BqJxczAR51Tu74/vsgkcWTFPAkEibt4QFz8XISu4cnja4ud/JN8wMcDI+JuCakvz
zyyQZrOp8LKC5Di8UYYHSNoxPuEtsnKGxl3ip9uQ+mp+lMTpTuF496fGcEJpN7QP
3BEnu3icgfh1lfV22WKz1W/REpMLiPMkaoTwqJvUL3PNGA19rHSViowUeWIIxgmH
6tKZyQ==
-----END CERTIFICATE-----
Generated at Wed May 13 05:08:06 2026 by rpki-client