Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3a2f34342d3438203d3e203530333931.roa
File: 326131313a323963303a3a2f34342d3438203d3e203530333931.roa (raw, json)
Hash identifier: jXwN9keDsosn2f635yNjF4zbA82FYGNXz6V29qHUDCE=
Subject key identifier: B3:B9:0D:29:E6:C3:A1:A1:02:CC:8E:4B:69:16:69:C0:4C:06:98:26
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 5C6566ACE50F36BDF96BA0D75D0011CF26981BBC
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3a2f34342d3438203d3e203530333931.roa
Signing time: Fri 13 Mar 2026 18:22:36 +0000
ROA not before: Fri 13 Mar 2026 18:17:36 +0000
ROA not after: Fri 12 Mar 2027 18:22:36 +0000
asID: 50391
IP address blocks: 2a11:29c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 04:57:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:65:66:ac:e5:0f:36:bd:f9:6b:a0:d7:5d:00:11:cf:26:98:1b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Mar 13 18:17:36 2026 GMT
Not After : Mar 12 18:22:36 2027 GMT
Subject: CN=B3B90D29E6C3A1A102CC8E4B691669C04C069826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:dd:41:e2:84:0f:27:a5:6b:b3:22:16:e1:
b7:c5:25:9a:2d:3a:31:09:37:54:43:0d:78:37:9c:
6a:82:6b:a5:f4:33:01:38:72:cb:18:47:32:b0:d1:
48:dd:12:52:30:53:46:bc:d7:50:a7:05:aa:67:57:
e7:40:0f:76:20:3c:17:af:8c:35:e5:e5:6d:27:5b:
e1:8c:61:d6:33:66:be:2f:c9:07:1e:50:8d:9b:ff:
81:10:97:e4:23:1b:25:fe:19:7e:f0:b9:23:34:80:
26:11:a8:47:86:28:e8:72:77:81:4f:a6:34:88:94:
5f:78:25:01:2d:ed:46:0d:54:15:45:03:7b:b3:4a:
68:89:14:3e:d6:3b:ff:9e:f1:5f:08:be:aa:e6:06:
7c:d6:a3:a6:0c:50:bd:28:bf:ed:33:90:e8:a1:ac:
ef:3e:60:92:91:3a:6b:02:78:98:c4:ed:99:55:4c:
57:5b:5d:31:88:cc:38:63:cb:a4:39:ba:3a:4d:a9:
d6:e0:ba:42:fb:30:ba:02:bf:80:a3:dc:de:55:b6:
0d:a9:47:5b:0b:d7:c4:23:48:f2:22:32:7f:f9:ee:
31:97:46:22:8d:90:ce:bf:d8:a9:a8:c5:05:8e:ee:
2d:d8:38:a6:9e:27:45:f9:31:5f:84:12:1f:c5:87:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B9:0D:29:E6:C3:A1:A1:02:CC:8E:4B:69:16:69:C0:4C:06:98:26
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a3a2f34342d3438203d3e203530333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0::/44
Signature Algorithm: sha256WithRSAEncryption
05:fd:0e:89:56:9f:a9:f3:2d:29:c4:ca:29:81:67:95:1b:e7:
c8:f5:9b:02:b0:5f:85:6b:5e:37:7a:d6:35:0c:d3:47:d4:f3:
09:1a:7c:ac:49:cf:fc:db:4e:5f:5e:6b:7f:eb:0f:f1:6d:b3:
84:45:3a:4f:de:3c:e6:5e:d6:d3:02:d8:67:7a:a2:62:5d:33:
06:e7:1b:b7:cf:b3:ca:36:e2:2f:b7:74:65:38:88:59:48:7f:
97:d6:a5:bc:e2:53:d0:eb:77:f3:f2:cb:b7:e0:61:c8:dc:79:
4a:f2:02:f3:2d:48:59:d6:45:f3:67:08:b8:cb:dc:f0:9e:b0:
4d:17:a8:17:48:74:93:a3:b6:14:b6:6a:f6:3e:28:95:bd:fb:
f1:44:25:b1:0b:de:d4:4a:fb:e4:ca:6d:ee:39:b2:20:f9:8d:
4c:70:8b:34:94:dd:25:76:2b:ab:c4:20:77:9e:d8:3f:96:f8:
38:5a:b5:a0:6a:37:f6:fe:3c:d9:1d:30:a3:32:70:5a:fc:51:
43:3b:9e:db:18:91:82:e5:76:53:b6:0c:42:41:df:aa:ff:15:
f0:69:08:2d:9f:9e:dd:44:48:3f:10:29:ce:73:5d:1d:9f:4d:
75:e7:d7:22:ae:07:37:ca:b3:fe:eb:8c:8c:1f:4c:7e:47:96:
7c:c5:dd:16
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUXGVmrOUPNr35a6DXXQARzyaYG7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNjAzMTMxODE3MzZaFw0yNzAzMTIxODIyMzZaMDMxMTAvBgNV
BAMTKEIzQjkwRDI5RTZDM0ExQTEwMkNDOEU0QjY5MTY2OUMwNEMwNjk4MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSXt1B4oQPJ6VrsyIW4bfFJZot
OjEJN1RDDXg3nGqCa6X0MwE4cssYRzKw0UjdElIwU0a811CnBapnV+dAD3YgPBev
jDXl5W0nW+GMYdYzZr4vyQceUI2b/4EQl+QjGyX+GX7wuSM0gCYRqEeGKOhyd4FP
pjSIlF94JQEt7UYNVBVFA3uzSmiJFD7WO/+e8V8IvqrmBnzWo6YMUL0ov+0zkOih
rO8+YJKROmsCeJjE7ZlVTFdbXTGIzDhjy6Q5ujpNqdbgukL7MLoCv4Cj3N5Vtg2p
R1sL18QjSPIiMn/57jGXRiKNkM6/2KmoxQWO7i3YOKaeJ0X5MV+EEh/Fh8szAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUs7kNKebDoaECzI5LaRZpwEwGmCYwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzUzMDMzMzkzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoR
KcAAADANBgkqhkiG9w0BAQsFAAOCAQEABf0OiVafqfMtKcTKKYFnlRvnyPWbArBf
hWteN3rWNQzTR9TzCRp8rEnP/NtOX15rf+sP8W2zhEU6T9485l7W0wLYZ3qiYl0z
Bucbt8+zyjbiL7d0ZTiIWUh/l9alvOJT0Ot38/LLt+BhyNx5SvIC8y1IWdZF82cI
uMvc8J6wTReoF0h0k6O2FLZq9j4olb378UQlsQve1Er75Mpt7jmyIPmNTHCLNJTd
JXYrq8Qgd57YP5b4OFq1oGo39v482R0wozJwWvxRQzue2xiRguV2U7YMQkHfqv8V
8GkILZ+e3URIPxApznNdHZ9NdefXIq4HN8qz/uuMjB9MfkeWfMXdFg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:27:10 2026 by rpki-client