Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
File: 326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa (raw, json)
Hash identifier: EVEzSo81uFsaCd+7Do+urMzVK3Zd78wP0hPP92F7me4=
Subject key identifier: 48:37:32:2C:67:95:AF:CE:41:39:07:DF:75:7A:A2:D9:B5:00:EF:6A
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 3F6F78A35B220EA4C548E98B37EC4005EC229DEB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
Signing time: Fri 13 Mar 2026 12:22:45 +0000
ROA not before: Fri 13 Mar 2026 12:17:45 +0000
ROA not after: Fri 12 Mar 2027 12:22:45 +0000
asID: 214938
IP address blocks: 2a11:29c0:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:53:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6f:78:a3:5b:22:0e:a4:c5:48:e9:8b:37:ec:40:05:ec:22:9d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 13 12:17:45 2026 GMT
Not After : Mar 12 12:22:45 2027 GMT
Subject: CN=4837322C6795AFCE413907DF757AA2D9B500EF6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dc:d0:ba:b2:f0:2f:a1:1e:84:55:fb:0e:6e:
36:52:a7:3f:68:a6:77:fa:d2:92:1b:74:3b:81:38:
2b:f0:47:d8:54:62:3b:e1:8a:b7:5f:3d:f6:18:ad:
4c:cc:c2:87:8b:83:37:81:22:fc:c7:e0:7e:47:6f:
4f:b9:cd:36:0b:c1:64:67:45:bd:c6:07:53:72:b0:
b2:93:c1:b2:1e:60:b0:e1:18:e2:27:4c:51:3f:63:
3b:45:f6:cd:c7:47:a0:58:65:67:be:ae:76:03:2b:
cb:d1:6f:47:55:ee:b9:0a:b1:e6:70:a6:b2:c6:51:
0d:a3:0f:13:74:72:71:a6:e5:57:84:44:02:ed:59:
44:ef:7f:71:1d:33:2f:f5:6a:a0:34:48:08:82:50:
af:6c:fb:ac:83:99:12:26:d4:38:96:81:08:ae:12:
a6:df:d0:0a:22:e6:cc:05:97:20:e4:c4:6b:c7:36:
34:3c:1e:ef:1c:df:54:a8:6a:16:d6:16:3c:02:01:
3c:69:7b:bb:40:35:46:5a:17:18:7a:9e:1c:3f:cc:
55:35:5a:81:83:93:54:76:df:0e:c8:82:80:6b:fb:
30:7e:27:c2:64:e3:d3:8d:31:a1:9a:d0:d3:f0:2c:
3f:03:c5:2a:8b:19:60:a3:d6:c1:68:83:ef:cb:db:
f9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:37:32:2C:67:95:AF:CE:41:39:07:DF:75:7A:A2:D9:B5:00:EF:6A
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34353a3a2f34382d3438203d3e20323134393338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:45::/48
Signature Algorithm: sha256WithRSAEncryption
75:ae:36:5f:31:b1:c0:60:73:95:d5:b9:ba:cc:b1:9d:41:eb:
b8:f4:3e:b5:25:5a:45:5a:b5:b0:92:6e:1d:61:82:50:1a:54:
f3:07:13:5f:ee:99:15:1a:88:ac:47:5b:8d:7c:6e:50:ab:f7:
22:25:c3:73:77:93:8a:87:d4:fb:8b:d0:92:08:7b:93:aa:96:
81:5c:57:b8:0c:7a:7b:47:a7:b8:d0:39:6d:db:aa:2f:f9:e2:
e8:5a:96:9c:83:aa:34:88:4f:30:f3:7a:60:a4:f8:e8:41:c0:
54:19:41:c3:47:6d:cc:ec:5d:67:26:8b:15:f3:f7:c6:19:ae:
35:a8:8f:64:a8:0b:46:72:21:d3:ca:bb:b2:aa:d6:30:2f:6c:
df:9b:3e:9d:a8:17:b2:75:1f:28:56:65:92:7c:18:ee:d4:32:
b5:86:ec:87:df:45:5b:ba:ff:8d:bf:5a:95:ca:c9:90:0c:45:
7d:4a:4c:eb:a2:a9:3f:b3:fa:a4:eb:55:cb:67:29:fa:5e:6e:
57:52:e2:bd:48:37:d6:96:e6:8a:e3:9d:34:ad:29:9a:5b:01:
63:9d:39:c5:56:b1:c8:68:73:da:de:dc:4f:52:9a:6a:24:44:
50:e0:5c:b7:4d:e2:d2:bc:73:6e:2b:2c:64:90:03:47:4a:c7:
85:c3:80:fb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUP294o1siDqTFSOmLN+xABewineswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTMxMjE3NDVaFw0yNzAzMTIxMjIyNDVaMDMxMTAvBgNV
BAMTKDQ4MzczMjJDNjc5NUFGQ0U0MTM5MDdERjc1N0FBMkQ5QjUwMEVGNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB3NC6svAvoR6EVfsObjZSpz9o
pnf60pIbdDuBOCvwR9hUYjvhirdfPfYYrUzMwoeLgzeBIvzH4H5Hb0+5zTYLwWRn
Rb3GB1NysLKTwbIeYLDhGOInTFE/YztF9s3HR6BYZWe+rnYDK8vRb0dV7rkKseZw
prLGUQ2jDxN0cnGm5VeERALtWUTvf3EdMy/1aqA0SAiCUK9s+6yDmRIm1DiWgQiu
Eqbf0Aoi5swFlyDkxGvHNjQ8Hu8c31SoahbWFjwCATxpe7tANUZaFxh6nhw/zFU1
WoGDk1R23w7IgoBr+zB+J8Jk49ONMaGa0NPwLD8DxSqLGWCj1sFog+/L2/kjAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUSDcyLGeVr85BOQffdXqi2bUA72owHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM0MzkzMzM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABFMA0GCSqGSIb3DQEBCwUAA4IBAQB1rjZfMbHAYHOV1bm6zLGd
Qeu49D61JVpFWrWwkm4dYYJQGlTzBxNf7pkVGoisR1uNfG5Qq/ciJcNzd5OKh9T7
i9CSCHuTqpaBXFe4DHp7R6e40Dlt26ov+eLoWpacg6o0iE8w83pgpPjoQcBUGUHD
R23M7F1nJosV8/fGGa41qI9kqAtGciHTyruyqtYwL2zfmz6dqBeydR8oVmWSfBju
1DK1huyH30Vbuv+Nv1qVysmQDEV9Skzroqk/s/qk61XLZyn6Xm5XUuK9SDfWluaK
4500rSmaWwFjnTnFVrHIaHPa3txPUppqJERQ4Fy3TeLSvHNuKyxkkANHSseFw4D7
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:11:13 2026 by rpki-client