Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34623a3a2f34382d3438203d3e20323133393832.roa
File: 326131313a323963303a34623a3a2f34382d3438203d3e20323133393832.roa (raw, json)
Hash identifier: Ln+DnKs28cYIW1fB6dirl4UWozM420QD8iDT0IJkc+E=
Subject key identifier: DF:FA:F9:2E:6B:28:38:6B:11:63:07:F6:E4:A9:C8:13:43:28:E9:5F
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 0E7FD95666E06357F86207CA7DDF97CA7D72D814
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34623a3a2f34382d3438203d3e20323133393832.roa
Signing time: Mon 16 Mar 2026 21:22:46 +0000
ROA not before: Mon 16 Mar 2026 21:17:46 +0000
ROA not after: Mon 15 Mar 2027 21:22:46 +0000
asID: 213982
IP address blocks: 2a11:29c0:4b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:53:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:7f:d9:56:66:e0:63:57:f8:62:07:ca:7d:df:97:ca:7d:72:d8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 16 21:17:46 2026 GMT
Not After : Mar 15 21:22:46 2027 GMT
Subject: CN=DFFAF92E6B28386B116307F6E4A9C8134328E95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1a:fa:5f:59:81:66:65:e2:ea:06:68:a6:eb:
e3:1f:b8:3d:61:7c:bc:1f:16:1e:f2:e6:88:6c:ca:
c5:1c:ba:25:d0:a5:7a:d2:5f:2c:71:d3:64:17:89:
f3:5c:04:ce:7c:9d:b5:a6:b7:3b:0b:c8:7b:cb:63:
05:7d:cd:95:70:f0:fa:12:f7:ba:c0:78:9d:05:63:
b0:ae:50:82:9f:07:e8:22:f1:db:9b:77:57:cb:a8:
c0:f5:79:78:83:fa:b1:e5:99:d0:75:a7:c9:b9:02:
37:1b:0e:56:a6:c9:1d:c1:88:73:bb:01:2b:03:d2:
28:1e:08:cd:3e:6b:e7:5b:48:ed:6c:ca:a1:42:15:
bb:e1:9a:35:82:26:65:ba:76:28:9b:31:c7:90:b9:
03:a1:f7:12:62:95:59:df:a8:5e:5f:94:80:05:87:
4a:ad:05:9a:ef:0d:14:5e:50:3b:48:42:1c:fd:50:
15:67:90:71:9a:68:d7:d9:de:f0:03:72:ca:d1:86:
8d:3c:91:fe:cd:5e:bc:58:92:4f:46:20:db:25:07:
7f:9f:8e:96:ae:80:4e:49:2f:ca:29:4f:ca:e5:34:
be:e0:81:61:ed:1e:74:31:ef:62:a0:df:a4:13:2f:
e9:34:d4:0a:dd:33:dd:1d:1a:1f:f9:cb:02:89:4f:
d0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FA:F9:2E:6B:28:38:6B:11:63:07:F6:E4:A9:C8:13:43:28:E9:5F
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a34623a3a2f34382d3438203d3e20323133393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:4b::/48
Signature Algorithm: sha256WithRSAEncryption
03:14:46:5b:e6:46:23:54:51:50:d0:a2:7b:dd:80:a2:83:2b:
ec:ca:30:30:1b:87:20:15:dd:49:24:42:b2:28:41:45:b3:b4:
19:93:5f:df:ca:ed:06:e9:d3:43:cf:1f:1f:74:6f:d4:ea:80:
65:fc:36:63:24:d2:8b:86:2e:1a:2f:8c:01:44:fb:a6:66:f3:
a1:d6:a6:9d:3e:2e:e3:fb:bd:6a:1d:12:98:1c:0e:a9:e3:10:
d5:35:d9:17:65:1d:8b:b1:75:b3:22:43:4c:92:53:93:7f:58:
61:e1:c5:f2:ca:f9:c5:39:90:19:45:59:ac:e5:18:9d:05:10:
8b:24:19:8e:a2:56:78:6b:3c:99:c8:7f:bd:72:4a:23:75:92:
cc:cd:42:29:81:92:05:9c:65:56:bc:50:01:fc:b7:ae:d3:bf:
39:a4:1f:61:73:02:be:4b:72:46:1f:90:51:a0:f0:b6:8e:0e:
09:19:78:38:10:41:d6:85:44:4d:0b:e0:bf:e5:99:5c:81:8a:
c2:19:c4:fd:72:9f:03:33:ef:9d:b8:27:a4:1d:4f:0b:e0:de:
d2:12:ba:b5:e2:29:38:1b:67:ff:53:a6:8e:b4:f3:9b:39:8f:
d8:cc:f2:30:b3:be:ce:1d:64:10:08:d5:87:05:17:f3:a0:40:
ba:31:c3:b1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUDn/ZVmbgY1f4YgfKfd+Xyn1y2BQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTYyMTE3NDZaFw0yNzAzMTUyMTIyNDZaMDMxMTAvBgNV
BAMTKERGRkFGOTJFNkIyODM4NkIxMTYzMDdGNkU0QTlDODEzNDMyOEU5NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTGvpfWYFmZeLqBmim6+MfuD1h
fLwfFh7y5ohsysUcuiXQpXrSXyxx02QXifNcBM58nbWmtzsLyHvLYwV9zZVw8PoS
97rAeJ0FY7CuUIKfB+gi8dubd1fLqMD1eXiD+rHlmdB1p8m5AjcbDlamyR3BiHO7
ASsD0igeCM0+a+dbSO1syqFCFbvhmjWCJmW6diibMceQuQOh9xJilVnfqF5flIAF
h0qtBZrvDRReUDtIQhz9UBVnkHGaaNfZ3vADcsrRho08kf7NXrxYkk9GINslB3+f
jpaugE5JL8opT8rlNL7ggWHtHnQx72Kg36QTL+k01ArdM90dGh/5ywKJT9CpAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU3/r5LmsoOGsRYwf25KnIE0Mo6V8wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNDYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMzMzkzODMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwABLMA0GCSqGSIb3DQEBCwUAA4IBAQADFEZb5kYjVFFQ0KJ73YCi
gyvsyjAwG4cgFd1JJEKyKEFFs7QZk1/fyu0G6dNDzx8fdG/U6oBl/DZjJNKLhi4a
L4wBRPumZvOh1qadPi7j+71qHRKYHA6p4xDVNdkXZR2LsXWzIkNMklOTf1hh4cXy
yvnFOZAZRVms5RidBRCLJBmOolZ4azyZyH+9ckojdZLMzUIpgZIFnGVWvFAB/Leu
0785pB9hcwK+S3JGH5BRoPC2jg4JGXg4EEHWhURNC+C/5ZlcgYrCGcT9cp8DM++d
uCekHU8L4N7SErq14ik4G2f/U6aOtPObOY/YzPIws77OHWQQCNWHBRfzoEC6McOx
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:09:15 2026 by rpki-client