Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323261303a3a2f34342d3438203d3e20323034323535.roa
File: 326130653a386630323a323261303a3a2f34342d3438203d3e20323034323535.roa (raw, json)
Hash identifier: iNvowBUuggP6XgXp3w1hyF5jRwvS1MtFGh1bJv642Pg=
Subject key identifier: 40:4A:E9:29:47:AC:64:D6:8E:0D:F3:11:FE:E9:FE:83:AF:33:D5:63
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 64331AA83096038F876F925F594AB292272BBA9E
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323261303a3a2f34342d3438203d3e20323034323535.roa
Signing time: Wed 25 Mar 2026 21:29:41 +0000
ROA not before: Wed 25 Mar 2026 21:24:41 +0000
ROA not after: Wed 24 Mar 2027 21:29:41 +0000
asID: 204255
IP address blocks: 2a0e:8f02:22a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:33:1a:a8:30:96:03:8f:87:6f:92:5f:59:4a:b2:92:27:2b:ba:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Mar 25 21:24:41 2026 GMT
Not After : Mar 24 21:29:41 2027 GMT
Subject: CN=404AE92947AC64D68E0DF311FEE9FE83AF33D563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:78:58:03:c8:19:69:dc:4c:21:6d:21:1a:26:
b2:c4:ad:5a:fb:5f:dd:b7:22:ad:26:f7:41:db:aa:
0e:08:e9:09:d3:fb:d1:35:a6:1f:19:8f:9b:36:10:
b1:7a:69:97:31:e9:63:3c:b5:43:36:48:2d:65:6a:
9e:43:1f:89:c0:5c:1c:0f:a0:c1:7d:49:12:28:67:
82:87:e3:33:dc:34:09:5c:a8:23:37:dc:db:5b:d2:
34:9b:46:11:97:63:ef:b9:b9:d1:22:f0:64:c4:36:
3a:94:04:1e:6e:43:ea:0d:cb:21:8e:e5:88:dc:e5:
1a:e0:66:6a:9f:85:22:22:6a:a9:d2:07:f1:48:d6:
5c:ae:b8:82:9c:f6:96:44:57:b9:1b:79:6d:6e:e8:
be:12:c0:d8:fe:ee:cb:5b:5b:0b:1e:ca:bc:e9:86:
ff:e7:db:4d:42:16:8d:34:19:2e:d9:3e:44:55:76:
77:eb:46:30:17:21:93:ca:4a:d5:87:d2:3a:5c:22:
57:45:09:57:b7:bf:29:0b:e3:38:5f:fd:4b:ef:3c:
16:04:4d:db:eb:a8:73:04:fa:e4:c9:9e:1a:85:e7:
da:13:54:1e:60:16:46:4b:16:58:99:8f:11:e2:2d:
e9:76:32:bd:38:da:e4:b1:e3:05:a0:18:68:ca:98:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4A:E9:29:47:AC:64:D6:8E:0D:F3:11:FE:E9:FE:83:AF:33:D5:63
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/326130653a386630323a323261303a3a2f34342d3438203d3e20323034323535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:22a0::/44
Signature Algorithm: sha256WithRSAEncryption
78:49:14:71:92:c3:4d:c4:ca:d1:6a:57:9e:78:2e:bf:bc:d3:
a6:1f:5f:ed:15:40:25:a5:d5:88:7f:c5:87:d1:77:12:bb:7d:
17:27:bc:2d:35:b4:9e:b6:44:a1:11:5b:31:3c:83:71:01:99:
5a:15:79:d6:41:c2:2f:32:33:60:51:5c:40:ac:dd:a5:f1:03:
ba:47:ba:47:3a:00:83:d8:a5:8b:06:63:54:65:5e:58:4f:1e:
2c:e4:76:a8:b2:6b:ea:fd:ed:26:98:93:3f:9b:dc:f3:33:e5:
ee:a4:c6:d4:71:3c:01:f6:03:c5:0d:8f:0c:8d:aa:a0:fb:02:
aa:1a:2f:28:d2:fb:60:ce:20:c7:c0:09:fc:3b:be:38:41:87:
07:be:0e:ac:18:df:9b:ba:fe:f6:95:04:ce:27:21:11:76:c5:
20:6c:99:cd:42:89:8b:4c:ac:0c:e8:c6:04:ab:62:04:5e:e8:
52:b2:8d:0f:d5:7f:88:75:1e:bd:bc:42:08:fd:3b:14:57:2f:
e1:4e:66:43:65:a4:2b:32:97:48:81:0f:fb:4f:4c:9b:c8:7e:
d4:59:d4:42:d2:58:29:36:8a:82:f9:bc:9c:91:b8:61:fd:43:
34:f6:f1:ca:03:e9:c6:18:d5:98:2f:a0:55:1d:dd:8a:b5:4d:
e1:94:d2:c1
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUZDMaqDCWA4+Hb5JfWUqykicrup4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjAzMjUyMTI0NDFaFw0yNzAzMjQyMTI5NDFaMDMxMTAvBgNV
BAMTKDQwNEFFOTI5NDdBQzY0RDY4RTBERjMxMUZFRTlGRTgzQUYzM0Q1NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeFgDyBlp3EwhbSEaJrLErVr7
X923Iq0m90Hbqg4I6QnT+9E1ph8Zj5s2ELF6aZcx6WM8tUM2SC1lap5DH4nAXBwP
oMF9SRIoZ4KH4zPcNAlcqCM33Ntb0jSbRhGXY++5udEi8GTENjqUBB5uQ+oNyyGO
5Yjc5RrgZmqfhSIiaqnSB/FI1lyuuIKc9pZEV7kbeW1u6L4SwNj+7stbWwseyrzp
hv/n201CFo00GS7ZPkRVdnfrRjAXIZPKStWH0jpcIldFCVe3vykL4zhf/UvvPBYE
TdvrqHME+uTJnhqF59oTVB5gFkZLFliZjxHiLel2Mr042uSx4wWgGGjKmBp5AgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUQErpKUesZNaODfMR/un+g68z1WMwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIG3BggrBgEFBQcBCwSBqjCBpzCBpAYIKwYBBQUHMAuGgZdyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMyNjEzMDY1M2EzODY2MzAz
MjNhMzIzMjYxMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMwMzQzMjM1MzUu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwQqDo8CIqAwDQYJKoZIhvcNAQELBQADggEBAHhJFHGSw03EytFq
V554Lr+806YfX+0VQCWl1Yh/xYfRdxK7fRcnvC01tJ62RKERWzE8g3EBmVoVedZB
wi8yM2BRXECs3aXxA7pHukc6AIPYpYsGY1RlXlhPHizkdqiya+r97SaYkz+b3PMz
5e6kxtRxPAH2A8UNjwyNqqD7AqoaLyjS+2DOIMfACfw7vjhBhwe+DqwY35u6/vaV
BM4nIRF2xSBsmc1CiYtMrAzoxgSrYgRe6FKyjQ/Vf4h1Hr28Qgj9OxRXL+FOZkNl
pCsyl0iBD/tPTJvIftRZ1ELSWCk2ioL5vJyRuGH9QzT28coD6cYY1ZgvoFUd3Yq1
TeGU0sE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:53:17 2026 by rpki-client