Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
File: 326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa (raw, json)
Hash identifier: SdkDNl6qurLH8oDsrJzty4oAOJ9cjZZdJY3uJUuFFmc=
Subject key identifier: 50:4C:87:9D:DE:D8:1D:A1:4C:0D:8B:AE:57:56:1C:2D:20:3F:9E:00
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 403DDC211263DD2FC1583EF86D6925DFF81055E1
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
Signing time: Mon 16 Mar 2026 21:22:46 +0000
ROA not before: Mon 16 Mar 2026 21:17:46 +0000
ROA not after: Mon 15 Mar 2027 21:22:46 +0000
asID: 214657
IP address blocks: 2a11:29c0:478::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:3d:dc:21:12:63:dd:2f:c1:58:3e:f8:6d:69:25:df:f8:10:55:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 16 21:17:46 2026 GMT
Not After : Mar 15 21:22:46 2027 GMT
Subject: CN=504C879DDED81DA14C0D8BAE57561C2D203F9E00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2a:0d:34:94:3b:c3:d8:c7:86:61:ce:f4:d9:
90:1b:fa:d2:31:2a:dd:89:f6:5f:9a:ec:1a:6c:62:
6d:48:f6:ed:c8:ab:ba:0f:10:fd:41:0c:a2:16:90:
4d:ad:4e:b8:32:79:eb:3c:c3:fd:09:10:66:07:eb:
8c:02:a0:c0:92:d5:d3:7b:79:c1:7b:4f:9e:b6:1d:
46:c3:99:cd:da:4c:4c:27:30:60:44:f4:d4:49:a5:
29:52:5b:cc:3c:2d:2a:f8:2c:65:50:c9:92:1b:0c:
9c:9d:cb:9e:3c:7c:2b:1a:48:50:83:cc:eb:08:07:
db:f7:57:ce:ae:d2:7c:24:55:ae:5e:c4:e5:ba:f3:
61:93:c9:41:08:d2:85:76:2f:f4:c9:b9:88:82:d2:
35:c6:58:70:d2:1e:1d:ff:03:0b:cd:39:30:5c:86:
d3:36:48:12:e1:25:40:56:ff:3a:1d:25:8f:6b:33:
df:b4:cb:2e:08:bc:92:ef:75:de:f0:08:9a:24:5e:
24:c4:13:81:18:81:21:5b:37:14:ee:f6:27:a0:9a:
30:2b:26:4f:71:e2:e5:82:bc:79:13:d7:e8:60:68:
bb:da:4f:d5:12:3e:60:4a:09:8a:22:07:78:3c:42:
21:28:ec:57:73:9f:dc:ba:65:ad:ff:be:41:1a:b6:
5d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4C:87:9D:DE:D8:1D:A1:4C:0D:8B:AE:57:56:1C:2D:20:3F:9E:00
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3437383a3a2f34382d3438203d3e20323134363537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:478::/48
Signature Algorithm: sha256WithRSAEncryption
00:df:b7:f6:fe:a7:7e:af:18:cc:bf:73:12:4b:cf:0c:b3:d7:
e4:5b:31:30:29:93:59:4f:de:37:11:2f:8c:e5:24:2b:b4:86:
60:8f:e3:2b:90:2b:c4:b5:07:04:32:26:74:9c:79:e8:a3:cf:
75:cc:7b:38:17:3a:0d:bc:34:9a:59:c1:9a:2c:9e:51:87:c4:
46:e7:36:f4:36:10:e3:a0:ce:bc:7f:ab:e1:42:56:60:62:84:
87:da:f5:a4:c7:30:99:ea:b0:5d:57:ae:10:61:b6:63:9c:4c:
3a:ac:33:6d:24:26:a5:1e:ea:c9:3c:16:3f:68:5d:f3:1a:b1:
91:9e:0f:aa:ce:74:de:1d:67:e0:19:48:52:f0:01:34:3c:e4:
bd:a7:ce:38:a1:a6:8c:0a:36:73:29:a8:ce:d8:36:c2:30:92:
f6:b2:d3:17:9a:6d:42:92:28:09:fb:9d:fb:75:01:45:22:5a:
52:7a:95:64:94:a2:9e:f5:69:83:cf:86:81:84:8f:90:4a:2a:
f2:36:fe:e3:57:a7:d5:d5:2f:0f:0d:c2:51:ad:eb:ff:03:b0:
d8:29:c6:69:1c:e3:76:e9:01:75:0c:14:a5:72:02:3f:73:ac:
51:68:a3:31:fa:1e:9b:d3:dd:ed:c8:54:37:15:c4:c0:f1:e7:
a7:82:e7:15
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUQD3cIRJj3S/BWD74bWkl3/gQVeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTYyMTE3NDZaFw0yNzAzMTUyMTIyNDZaMDMxMTAvBgNV
BAMTKDUwNEM4NzlEREVEODFEQTE0QzBEOEJBRTU3NTYxQzJEMjAzRjlFMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjKg00lDvD2MeGYc702ZAb+tIx
Kt2J9l+a7BpsYm1I9u3Iq7oPEP1BDKIWkE2tTrgyees8w/0JEGYH64wCoMCS1dN7
ecF7T562HUbDmc3aTEwnMGBE9NRJpSlSW8w8LSr4LGVQyZIbDJydy548fCsaSFCD
zOsIB9v3V86u0nwkVa5exOW682GTyUEI0oV2L/TJuYiC0jXGWHDSHh3/AwvNOTBc
htM2SBLhJUBW/zodJY9rM9+0yy4IvJLvdd7wCJokXiTEE4EYgSFbNxTu9iegmjAr
Jk9x4uWCvHkT1+hgaLvaT9USPmBKCYoiB3g8QiEo7Fdzn9y6Za3/vkEatl07AgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUUEyHnd7YHaFMDYuuV1YcLSA/ngAwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDM3MzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzNjM1Mzcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqESnABHgwDQYJKoZIhvcNAQELBQADggEBAADft/b+p36vGMy/cxJL
zwyz1+RbMTApk1lP3jcRL4zlJCu0hmCP4yuQK8S1BwQyJnSceeijz3XMezgXOg28
NJpZwZosnlGHxEbnNvQ2EOOgzrx/q+FCVmBihIfa9aTHMJnqsF1XrhBhtmOcTDqs
M20kJqUe6sk8Fj9oXfMasZGeD6rOdN4dZ+AZSFLwATQ85L2nzjihpowKNnMpqM7Y
NsIwkvay0xeabUKSKAn7nft1AUUiWlJ6lWSUop71aYPPhoGEj5BKKvI2/uNXp9XV
Lw8NwlGt6/8DsNgpxmkc43bpAXUMFKVyAj9zrFFoozH6HpvT3e3IVDcVxMDx56eC
5xU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:41:42 2026 by rpki-client