Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323134343830.roa
File: 326131313a323963303a336532303a3a2f34342d3438203d3e20323134343830.roa (raw, json)
Hash identifier: BP4De6NsAznb3JrzmwmDnZ9+otQSSywbAB+meZDXIls=
Subject key identifier: DE:30:61:1D:91:E6:92:BA:E0:1B:47:B4:B5:DA:BC:B0:A0:F4:73:39
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 21B1CA5F83B36396133245A4FFBC8ADA05055FF0
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323134343830.roa
Signing time: Tue 17 Mar 2026 13:22:47 +0000
ROA not before: Tue 17 Mar 2026 13:17:47 +0000
ROA not after: Tue 16 Mar 2027 13:22:47 +0000
asID: 214480
IP address blocks: 2a11:29c0:3e20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:53:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b1:ca:5f:83:b3:63:96:13:32:45:a4:ff:bc:8a:da:05:05:5f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 17 13:17:47 2026 GMT
Not After : Mar 16 13:22:47 2027 GMT
Subject: CN=DE30611D91E692BAE01B47B4B5DABCB0A0F47339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f7:ec:c6:8f:88:46:e9:7f:0c:39:c7:da:d8:
77:3f:6f:d2:78:32:75:52:9d:81:99:d3:24:10:4c:
48:59:70:ed:6d:76:82:b1:7b:3d:68:22:7a:44:f1:
d6:f4:b2:9f:cd:4a:95:ee:fa:02:52:8b:e5:76:d6:
5a:59:69:82:9f:ce:5c:18:e7:a4:6f:ac:bf:50:70:
ab:e8:78:21:80:00:c0:03:1d:04:95:ad:51:b4:f5:
50:f7:2a:b2:b5:d1:51:57:2d:a5:33:71:39:69:c1:
08:91:c7:06:6b:95:75:57:58:f6:98:25:87:fd:17:
91:59:04:92:d6:f1:26:e4:50:cc:3b:e3:f7:85:d5:
59:9b:de:44:31:2c:80:11:51:85:d0:9e:f0:b2:4b:
65:dc:15:9e:16:a1:9e:fe:e9:67:86:12:3e:8e:db:
d5:bf:b2:be:96:66:8d:51:b9:a1:d5:7e:39:41:73:
49:94:a0:44:24:b3:1b:ce:a2:09:ed:21:d1:b8:bb:
e5:ed:a1:5c:b1:67:71:ee:54:89:65:bb:a8:12:c0:
6a:9c:ae:7a:14:37:c8:3f:07:1a:81:36:29:f9:4a:
36:cf:d3:e7:93:74:68:12:f9:4a:a3:a9:cb:39:49:
0f:26:ef:97:58:21:0b:f5:27:c1:56:60:cd:16:b0:
3e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:30:61:1D:91:E6:92:BA:E0:1B:47:B4:B5:DA:BC:B0:A0:F4:73:39
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336532303a3a2f34342d3438203d3e20323134343830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:3e20::/44
Signature Algorithm: sha256WithRSAEncryption
3e:aa:97:fa:43:89:f9:31:4d:72:c5:fa:7f:fb:57:19:6f:be:
37:cd:25:ec:e3:af:08:a2:cb:aa:38:b3:59:2d:ed:da:a0:85:
e7:33:7b:cf:a9:df:4a:3a:90:90:81:1b:bb:00:57:56:73:74:
2e:a7:bb:04:93:42:3e:24:6e:ef:c8:4e:5d:93:e4:3b:c4:2e:
f2:2b:52:d7:f7:ec:08:36:7c:94:f5:b0:2d:aa:cc:f5:97:71:
58:d8:9b:26:ac:9c:49:b6:94:b5:54:6b:11:d8:d0:4e:c5:f2:
63:f0:86:7b:ec:9a:77:65:ef:7b:16:c0:fe:b4:59:c2:46:77:
5b:2e:35:76:87:aa:d7:fe:48:27:38:cc:c9:76:77:e4:c3:1f:
29:c6:36:5d:a8:be:1a:58:d6:ce:ea:1d:23:9c:cf:9f:29:99:
e9:f0:73:b4:3d:69:5c:48:1f:36:cd:5a:f3:a2:8a:50:6e:b3:
0e:42:c4:49:90:31:38:53:ef:99:64:a9:c4:4f:97:30:eb:63:
db:4e:4b:71:06:37:34:f9:a2:23:76:29:e9:81:ba:cc:67:3d:
14:ef:f7:80:8b:78:57:d2:cc:7a:c2:ee:7d:8e:30:ad:6e:b1:
0a:b1:df:99:46:00:7a:94:44:22:fb:36:d9:9c:85:ae:e4:86:
28:7f:02:14
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUIbHKX4OzY5YTMkWk/7yK2gUFX/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTcxMzE3NDdaFw0yNzAzMTYxMzIyNDdaMDMxMTAvBgNV
BAMTKERFMzA2MTFEOTFFNjkyQkFFMDFCNDdCNEI1REFCQ0IwQTBGNDczMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC29+zGj4hG6X8MOcfa2Hc/b9J4
MnVSnYGZ0yQQTEhZcO1tdoKxez1oInpE8db0sp/NSpXu+gJSi+V21lpZaYKfzlwY
56RvrL9QcKvoeCGAAMADHQSVrVG09VD3KrK10VFXLaUzcTlpwQiRxwZrlXVXWPaY
JYf9F5FZBJLW8SbkUMw74/eF1Vmb3kQxLIARUYXQnvCyS2XcFZ4WoZ7+6WeGEj6O
29W/sr6WZo1RuaHVfjlBc0mUoEQksxvOogntIdG4u+XtoVyxZ3HuVIllu6gSwGqc
rnoUN8g/BxqBNin5SjbP0+eTdGgS+Uqjqcs5SQ8m75dYIQv1J8FWYM0WsD7pAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU3jBhHZHmkrrgG0e0tdq8sKD0czkwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY1MzIzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNDM0MzgzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA+IDANBgkqhkiG9w0BAQsFAAOCAQEAPqqX+kOJ+TFNcsX6
f/tXGW++N80l7OOvCKLLqjizWS3t2qCF5zN7z6nfSjqQkIEbuwBXVnN0Lqe7BJNC
PiRu78hOXZPkO8Qu8itS1/fsCDZ8lPWwLarM9ZdxWNibJqycSbaUtVRrEdjQTsXy
Y/CGe+yad2XvexbA/rRZwkZ3Wy41doeq1/5IJzjMyXZ35MMfKcY2Xai+GljWzuod
I5zPnymZ6fBztD1pXEgfNs1a86KKUG6zDkLESZAxOFPvmWSpxE+XMOtj205LcQY3
NPmiI3Yp6YG6zGc9FO/3gIt4V9LMesLufY4wrW6xCrHfmUYAepREIvs22ZyFruSG
KH8CFA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:37:34 2026 by rpki-client