Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e203236393534.roa
File: 326130623a346530343a34323a3a2f34382d3438203d3e203236393534.roa (raw, json)
Hash identifier: J0sU27KhsWLAQskvnilOEJPNfUn6f6vWuMhZwx5IsPQ=
Subject key identifier: EE:3F:83:DB:72:9F:AB:AC:18:92:03:37:8A:F6:96:06:55:34:98:53
Certificate issuer: /CN=42e508fba8960f48071b119accbf57bdbf3a8057
Certificate serial: 18B581FC505A75BA046185514641F0B02453C7FC
Authority key identifier: 42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e203236393534.roa
Signing time: Sat 07 Mar 2026 21:25:58 +0000
ROA not before: Sat 07 Mar 2026 21:20:58 +0000
ROA not after: Sat 06 Mar 2027 21:25:58 +0000
asID: 26954
IP address blocks: 2a0b:4e04:42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:b5:81:fc:50:5a:75:ba:04:61:85:51:46:41:f0:b0:24:53:c7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e508fba8960f48071b119accbf57bdbf3a8057
Validity
Not Before: Mar 7 21:20:58 2026 GMT
Not After : Mar 6 21:25:58 2027 GMT
Subject: CN=EE3F83DB729FABAC189203378AF6960655349853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:d2:3e:d6:a8:43:d3:f6:e7:09:96:a5:1f:
50:e6:6b:ce:c8:e2:e4:77:59:29:62:eb:c6:09:cc:
0a:1e:30:3e:7b:81:13:75:3b:69:6d:76:37:27:a3:
42:47:00:a0:0b:9d:f5:4a:30:55:bb:83:7b:f6:e1:
38:84:43:bd:c6:97:27:c7:e8:57:2d:cb:d0:c8:36:
26:f6:f2:fe:f6:c6:0e:c8:ab:09:8f:67:bb:99:2c:
c2:8e:c2:46:65:93:81:89:e0:51:ef:33:87:20:12:
49:f9:2f:fc:4a:a3:91:ae:96:8d:04:d2:1a:58:0c:
40:7d:c9:4a:5a:58:05:0c:c4:b7:79:82:af:5b:4a:
6e:f2:f4:a0:4c:22:3f:0f:71:91:30:0e:34:2b:6e:
55:db:ac:35:74:df:6d:e9:16:50:da:94:80:e0:ac:
af:09:c3:3d:55:5e:00:2e:66:d8:f3:6b:71:c6:ab:
18:74:91:52:b0:0d:6e:8d:84:bc:21:cd:96:9e:9c:
1b:cd:07:92:ee:1c:2b:df:1c:bf:8b:d3:fd:f0:22:
c9:a1:33:02:e4:f3:89:17:90:89:01:47:a9:25:bd:
fe:a4:a0:bc:36:63:09:60:04:f2:8c:fb:d9:3c:a3:
95:91:1f:cd:bd:71:e7:66:5e:f2:36:0f:b3:59:67:
bd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3F:83:DB:72:9F:AB:AC:18:92:03:37:8A:F6:96:06:55:34:98:53
X509v3 Authority Key Identifier:
keyid:42:E5:08:FB:A8:96:0F:48:07:1B:11:9A:CC:BF:57:BD:BF:3A:80:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/326130623a346530343a34323a3a2f34382d3438203d3e203236393534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e04:42::/48
Signature Algorithm: sha256WithRSAEncryption
31:cd:3c:3d:37:35:15:33:f6:74:3d:30:6c:4d:9b:26:2a:9a:
cf:5c:27:c3:86:1d:09:85:71:4c:97:0b:70:93:a3:9d:32:f0:
5b:c9:2f:c7:5d:cc:d5:29:e1:73:0a:7f:b1:02:9e:6f:9c:8c:
e8:f3:a2:68:2f:70:72:03:39:2f:96:9e:09:e5:23:82:eb:57:
69:e4:b7:f5:e0:0b:c0:89:d8:75:c3:db:40:33:d3:b9:be:49:
3e:d2:52:e6:1c:f2:89:c5:96:c1:72:18:7c:d5:2b:c6:3d:1a:
5c:e8:e5:bf:aa:30:d5:58:a1:10:f3:79:a3:00:f8:5c:9b:72:
d8:7e:f7:2a:d7:d6:cb:aa:ff:8b:e8:a8:74:27:25:c8:6d:0b:
92:2d:bd:4d:90:f4:5b:52:ed:b5:71:18:12:eb:44:f9:28:cf:
cc:9c:86:4d:ea:69:d6:c7:d4:d6:8c:c2:86:68:a6:08:63:49:
9d:2f:74:75:e9:89:67:b7:1f:5a:67:2e:b3:39:f0:72:3c:0f:
d3:5b:ff:47:76:49:43:31:0d:9f:c7:73:bb:05:08:2e:a3:39:
7b:27:f6:02:27:e9:ba:21:05:a7:2f:3d:7d:0d:f7:8f:53:f6:
c4:b6:24:9f:fe:f6:4d:ae:55:4d:6e:6f:cb:64:e4:50:20:16:
31:9d:69:4c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGLWB/FBadboEYYVRRkHwsCRTx/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDJlNTA4ZmJhODk2MGY0ODA3MWIxMTlhY2NiZjU3YmRi
ZjNhODA1NzAeFw0yNjAzMDcyMTIwNThaFw0yNzAzMDYyMTI1NThaMDMxMTAvBgNV
BAMTKEVFM0Y4M0RCNzI5RkFCQUMxODkyMDMzNzhBRjY5NjA2NTUzNDk4NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5RNI+1qhD0/bnCZalH1Dma87I
4uR3WSli68YJzAoeMD57gRN1O2ltdjcno0JHAKALnfVKMFW7g3v24TiEQ73GlyfH
6Fcty9DINib28v72xg7IqwmPZ7uZLMKOwkZlk4GJ4FHvM4cgEkn5L/xKo5Gulo0E
0hpYDEB9yUpaWAUMxLd5gq9bSm7y9KBMIj8PcZEwDjQrblXbrDV0323pFlDalIDg
rK8Jwz1VXgAuZtjza3HGqxh0kVKwDW6NhLwhzZaenBvNB5LuHCvfHL+L0/3wIsmh
MwLk84kXkIkBR6klvf6koLw2YwlgBPKM+9k8o5WRH829cedmXvI2D7NZZ72ZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU7j+D23Kfq6wYkgM3ivaWBlU0mFMwHwYDVR0j
BBgwFoAUQuUI+6iWD0gHGxGazL9Xvb86gFcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEtOGJhNS00NzlmLWEyMjktMGFiNzBlNDgx
NWJiLzAvNDJFNTA4RkJBODk2MEY0ODA3MUIxMTlBQ0NCRjU3QkRCRjNBODA1Ny5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1F1VUktNmlXRDBnSEd4R2F6TDlYdmI4
NmdGYy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzNiOGVjMDEt
OGJhNS00NzlmLWEyMjktMGFiNzBlNDgxNWJiLzAvMzI2MTMwNjIzYTM0NjUzMDM0
M2EzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzNjM5MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoLTgQAQjANBgkqhkiG9w0BAQsFAAOCAQEAMc08PTc1FTP2dD0wbE2bJiqa
z1wnw4YdCYVxTJcLcJOjnTLwW8kvx13M1Snhcwp/sQKeb5yM6POiaC9wcgM5L5ae
CeUjgutXaeS39eALwInYdcPbQDPTub5JPtJS5hzyicWWwXIYfNUrxj0aXOjlv6ow
1VihEPN5owD4XJty2H73KtfWy6r/i+iodCclyG0Lki29TZD0W1LttXEYEutE+SjP
zJyGTepp1sfU1ozChmimCGNJnS90demJZ7cfWmcusznwcjwP01v/R3ZJQzENn8dz
uwUILqM5eyf2AifpuiEFpy89fQ33j1P2xLYkn/72Ta5VTW5vy2TkUCAWMZ1pTA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:50:16 2026 by rpki-client