Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
File: 326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa (raw, json)
Hash identifier: abn55S6TnM+6yf9NfpQ5HTRbcYLCWCKs/km3otawSCI=
Subject key identifier: D8:EF:2F:75:73:AA:4B:3B:F0:92:9E:67:8C:69:97:62:2F:7B:2E:DA
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 44B5F54A437CD41958271A451D5271DEE6764845
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
Signing time: Wed 06 May 2026 22:13:45 +0000
ROA not before: Wed 06 May 2026 22:08:45 +0000
ROA not after: Wed 05 May 2027 22:13:45 +0000
asID: 58299
IP address blocks: 2a00:6340:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:25:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:b5:f5:4a:43:7c:d4:19:58:27:1a:45:1d:52:71:de:e6:76:48:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: May 6 22:08:45 2026 GMT
Not After : May 5 22:13:45 2027 GMT
Subject: CN=D8EF2F7573AA4B3BF0929E678C6997622F7B2EDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7c:e8:68:a9:f5:32:2e:37:23:0c:1d:12:79:
4f:2d:cf:b7:77:dd:b5:dd:79:c7:b0:6b:67:f4:f0:
31:c7:79:58:fd:9f:e6:2c:31:b8:13:b4:91:c4:69:
0c:60:24:8e:1d:87:37:51:eb:be:36:60:af:de:59:
fe:7c:85:98:0d:d1:6e:83:1e:03:35:11:41:52:e5:
74:c9:67:44:aa:ee:13:c0:d7:3e:8b:cd:d1:24:80:
98:07:86:99:c7:b1:ec:41:7e:1e:a1:50:25:6e:fb:
cc:f8:51:a0:45:9b:1d:80:b7:ae:f3:86:44:33:01:
25:e8:61:a3:96:22:d9:6b:9f:45:cb:a3:98:ad:58:
6a:8e:04:fb:86:c0:b9:24:f7:fd:f5:85:1a:be:4b:
36:d2:a7:80:dd:ff:0c:c5:40:45:97:3d:de:1b:66:
23:9a:dd:c1:93:2d:b2:5d:ca:f2:4f:35:11:2d:77:
f7:d6:3f:63:1d:87:25:fe:a4:25:b8:c1:0a:ad:92:
fb:40:42:24:01:ea:d5:18:34:ba:31:75:31:de:d3:
dc:d3:9f:16:c3:6f:16:40:4b:e8:3f:54:43:7d:f0:
76:20:7c:02:83:2d:a2:e3:e8:8c:5c:ac:dc:8e:b6:
9c:90:93:2a:c6:54:0d:81:ed:c2:1b:34:64:3d:8b:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EF:2F:75:73:AA:4B:3B:F0:92:9E:67:8C:69:97:62:2F:7B:2E:DA
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130303a363334303a343030303a3a2f34382d3438203d3e203538323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6340:4000::/48
Signature Algorithm: sha256WithRSAEncryption
29:ef:7d:c7:20:6f:96:4c:65:98:18:9b:0f:5c:4b:9a:55:49:
f2:12:ec:9d:3b:1c:3e:b5:89:3b:2c:26:1e:6c:bb:f6:72:d0:
74:12:b0:22:fb:79:39:c3:6d:3c:9d:e8:c1:c1:ee:e0:a2:76:
25:50:f9:4f:cd:15:73:f5:6b:94:67:25:9e:af:2c:7b:5a:a6:
7f:5f:10:5e:8b:ed:9e:90:f1:57:ef:1f:9c:6a:80:e4:f9:6f:
91:71:bd:a4:9b:c8:97:3b:4d:ae:86:65:fc:49:dc:0f:cd:3b:
d8:29:3a:69:2a:35:d6:c7:2f:72:12:80:91:6b:3d:05:cb:fa:
fd:6e:e0:56:78:fc:9a:4d:0c:c2:ec:99:9f:2f:ec:9d:6f:d0:
92:4c:71:27:41:3c:3c:f5:d6:4e:f6:f3:b9:c0:df:af:c9:c5:
bf:1f:36:77:bf:8d:f6:d8:66:e6:7c:7c:cd:21:7b:d0:15:bb:
d6:06:f2:24:9b:a9:88:c0:d4:b5:d9:2a:14:39:24:28:69:44:
a9:a6:a4:d0:30:31:e1:87:54:95:d2:93:67:ee:52:9f:38:ed:
8b:1b:05:6c:b6:77:2f:27:d5:fc:6c:e6:b6:28:a0:65:90:e8:
8f:53:7b:48:d1:4c:31:d9:d9:c3:2f:eb:94:50:fb:ca:f4:81:
ea:d6:02:96
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIURLX1SkN81BlYJxpFHVJx3uZ2SEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA1MDYyMjA4NDVaFw0yNzA1MDUyMjEzNDVaMDMxMTAvBgNV
BAMTKEQ4RUYyRjc1NzNBQTRCM0JGMDkyOUU2NzhDNjk5NzYyMkY3QjJFREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8fOhoqfUyLjcjDB0SeU8tz7d3
3bXdecewa2f08DHHeVj9n+YsMbgTtJHEaQxgJI4dhzdR6742YK/eWf58hZgN0W6D
HgM1EUFS5XTJZ0Sq7hPA1z6LzdEkgJgHhpnHsexBfh6hUCVu+8z4UaBFmx2At67z
hkQzASXoYaOWItlrn0XLo5itWGqOBPuGwLkk9/31hRq+SzbSp4Dd/wzFQEWXPd4b
ZiOa3cGTLbJdyvJPNREtd/fWP2MdhyX+pCW4wQqtkvtAQiQB6tUYNLoxdTHe09zT
nxbDbxZAS+g/VEN98HYgfAKDLaLj6IxcrNyOtpyQkyrGVA2B7cIbNGQ9i+hdAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU2O8vdXOqSzvwkp5njGmXYi97LtowHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG1BggrBgEFBQcBCwSBqDCBpTCBogYIKwYBBQUHMAuGgZVyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDMwM2EzNjMzMzQz
MDNhMzQzMDMwMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNTM4MzIzOTM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAKgBjQEAAMA0GCSqGSIb3DQEBCwUAA4IBAQAp733HIG+WTGWYGJsP
XEuaVUnyEuydOxw+tYk7LCYebLv2ctB0ErAi+3k5w208nejBwe7gonYlUPlPzRVz
9WuUZyWeryx7WqZ/XxBei+2ekPFX7x+caoDk+W+Rcb2km8iXO02uhmX8SdwPzTvY
KTppKjXWxy9yEoCRaz0Fy/r9buBWePyaTQzC7JmfL+ydb9CSTHEnQTw89dZO9vO5
wN+vycW/HzZ3v4322GbmfHzNIXvQFbvWBvIkm6mIwNS12SoUOSQoaUSppqTQMDHh
h1SV0pNn7lKfOO2LGwVstncvJ9X8bOa2KKBlkOiPU3tI0Uwx2dnDL+uUUPvK9IHq
1gKW
-----END CERTIFICATE-----
Generated at Tue May 12 21:33:51 2026 by rpki-client