Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
File: 326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa (raw, json)
Hash identifier: 8y5jg6nBePp3qC+j/RHY1w61Fva8bW37JNe7M++Ndsk=
Subject key identifier: 6F:0F:B7:D8:D9:03:5C:31:34:A9:1B:10:4C:85:FE:23:FE:4E:5D:FE
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 4E88C7A6012BC47D5928D089AE75C0A424B35BF1
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
Signing time: Mon 16 Mar 2026 21:22:46 +0000
ROA not before: Mon 16 Mar 2026 21:17:46 +0000
ROA not after: Mon 15 Mar 2027 21:22:46 +0000
asID: 213943
IP address blocks: 2a11:29c0:3dff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:88:c7:a6:01:2b:c4:7d:59:28:d0:89:ae:75:c0:a4:24:b3:5b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 16 21:17:46 2026 GMT
Not After : Mar 15 21:22:46 2027 GMT
Subject: CN=6F0FB7D8D9035C3134A91B104C85FE23FE4E5DFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:06:81:c5:b4:96:c1:b8:53:2f:ef:58:ef:
bf:14:13:39:9f:d0:88:33:ec:18:15:52:5f:81:dd:
f9:9e:8e:0c:74:44:52:9a:14:60:1a:23:1e:9c:5c:
a4:d5:b0:16:d2:fd:66:14:28:99:38:38:0a:e1:43:
82:36:5f:e5:48:a0:8a:3e:c6:15:6b:ac:f3:c6:14:
1c:ec:ec:fe:83:18:3b:7d:3d:61:43:da:4f:24:e8:
b6:17:79:dc:c2:ca:12:e8:1e:a8:e8:1c:37:f7:12:
da:ca:22:38:2d:15:25:dc:f6:24:b7:4a:bb:48:23:
50:e9:8c:e3:20:18:1d:2e:b2:fe:5e:88:8e:ae:8b:
54:2e:fd:94:bb:03:4e:53:7e:a4:2b:55:37:48:70:
f5:65:9d:c5:39:77:92:07:7e:95:29:49:e6:01:2e:
fc:f0:c4:c1:0c:43:02:d0:14:cf:95:37:62:7d:ce:
7d:0d:b5:90:65:fe:64:ee:19:58:34:91:ab:4a:7b:
6a:67:6b:a1:b7:cb:ff:41:d8:35:4c:00:eb:2f:fb:
6f:0b:21:49:ca:01:28:c8:20:fe:6e:5f:0e:03:c7:
07:b2:2e:02:4e:10:61:ad:d8:58:34:bb:8d:fb:15:
26:bb:0a:59:45:49:07:33:7f:1d:25:b8:f7:b7:85:
86:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0F:B7:D8:D9:03:5C:31:34:A9:1B:10:4C:85:FE:23:FE:4E:5D:FE
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466663a3a2f34382d3438203d3e20323133393433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3dff::/48
Signature Algorithm: sha256WithRSAEncryption
98:fa:e2:24:e1:ae:32:d2:6e:d2:b1:8f:c6:10:ca:e1:90:9b:
19:4d:13:06:50:01:8b:82:45:4e:56:27:cd:a5:bb:7f:a4:f9:
a2:54:57:00:2f:d8:f9:61:a1:f8:df:46:2d:77:83:10:2d:8d:
48:52:2e:82:9c:2b:38:d7:93:8f:36:8d:bf:ac:7d:38:b4:48:
d5:db:ff:66:4a:75:af:8f:e5:d3:73:2b:97:7c:0d:ed:18:cd:
20:57:c5:7a:71:86:7c:8e:9a:bc:61:74:40:13:9a:56:3b:29:
ce:26:90:da:6f:e5:72:6d:ec:45:05:7e:5c:48:99:a5:c0:3a:
ad:c4:aa:e2:1c:2d:3f:13:54:4c:23:63:12:5c:b5:96:61:1e:
e4:8a:16:7f:1d:a6:5f:30:10:8b:5b:1a:1a:0e:f8:00:2d:ca:
54:c0:d5:80:a8:4c:c1:b6:15:c8:6c:e2:14:dd:21:84:80:9f:
1c:93:67:ad:21:c7:1b:d3:f5:23:c8:16:da:28:21:a4:2e:09:
f8:8c:6d:bd:16:39:f4:d7:25:22:61:8d:be:38:81:9f:40:16:
3f:94:14:18:dd:10:3b:68:72:e4:b5:a2:54:d2:33:ec:9b:da:
ce:d9:be:f4:d4:f8:8d:8a:9f:11:ba:12:03:19:ff:d1:8a:b8:
16:de:5f:c1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTojHpgErxH1ZKNCJrnXApCSzW/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTYyMTE3NDZaFw0yNzAzMTUyMTIyNDZaMDMxMTAvBgNV
BAMTKDZGMEZCN0Q4RDkwMzVDMzEzNEE5MUIxMDRDODVGRTIzRkU0RTVERkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8MQaBxbSWwbhTL+9Y778UEzmf
0Igz7BgVUl+B3fmejgx0RFKaFGAaIx6cXKTVsBbS/WYUKJk4OArhQ4I2X+VIoIo+
xhVrrPPGFBzs7P6DGDt9PWFD2k8k6LYXedzCyhLoHqjoHDf3EtrKIjgtFSXc9iS3
SrtII1DpjOMgGB0usv5eiI6ui1Qu/ZS7A05TfqQrVTdIcPVlncU5d5IHfpUpSeYB
LvzwxMEMQwLQFM+VN2J9zn0NtZBl/mTuGVg0katKe2pna6G3y/9B2DVMAOsv+28L
IUnKASjIIP5uXw4DxweyLgJOEGGt2Fg0u437FSa7CllFSQczfx0luPe3hYYPAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUbw+32NkDXDE0qRsQTIX+I/5OXf4wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMzM5MzQzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/zANBgkqhkiG9w0BAQsFAAOCAQEAmPriJOGuMtJu0rGP
xhDK4ZCbGU0TBlABi4JFTlYnzaW7f6T5olRXAC/Y+WGh+N9GLXeDEC2NSFIugpwr
ONeTjzaNv6x9OLRI1dv/Zkp1r4/l03Mrl3wN7RjNIFfFenGGfI6avGF0QBOaVjsp
ziaQ2m/lcm3sRQV+XEiZpcA6rcSq4hwtPxNUTCNjEly1lmEe5IoWfx2mXzAQi1sa
Gg74AC3KVMDVgKhMwbYVyGziFN0hhICfHJNnrSHHG9P1I8gW2ighpC4J+IxtvRY5
9NclImGNvjiBn0AWP5QUGN0QO2hy5LWiVNIz7Jvaztm+9NT4jYqfEboSAxn/0Yq4
Ft5fwQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:40:49 2026 by rpki-client