Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
File: 326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa (raw, json)
Hash identifier: UwWJ4yE2EjTc5x64fHQ/I+GpVPIkiv2b+8JEYIG398g=
Subject key identifier: 75:4B:0A:49:A6:E4:A5:51:61:46:AB:1E:BC:2D:36:68:1D:1B:73:59
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 51E0BBCECA57DAADA3793462BA1AB809063FAED8
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
Signing time: Mon 09 Mar 2026 03:04:07 +0000
ROA not before: Mon 09 Mar 2026 02:59:07 +0000
ROA not after: Mon 08 Mar 2027 03:04:07 +0000
asID: 203168
IP address blocks: 2a0f:1cc5:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 10:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e0:bb:ce:ca:57:da:ad:a3:79:34:62:ba:1a:b8:09:06:3f:ae:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Mar 9 02:59:07 2026 GMT
Not After : Mar 8 03:04:07 2027 GMT
Subject: CN=754B0A49A6E4A5516146AB1EBC2D36681D1B7359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c9:cf:72:48:61:3b:06:6e:94:02:cb:b8:72:
32:b1:91:a0:be:27:60:23:7d:45:e4:71:88:3a:a5:
20:01:14:f2:76:26:11:7e:9a:f6:fc:1d:66:e2:77:
90:2f:2b:cd:43:86:fb:fb:9b:01:23:c2:3f:16:28:
85:21:60:96:2d:98:35:80:68:00:21:e1:76:80:74:
79:09:0b:3f:37:3b:74:33:34:71:c3:f1:b2:07:9c:
bc:25:ed:09:af:95:67:02:b8:f5:fa:89:e4:39:bc:
58:8e:fe:db:e0:c1:0e:78:3b:31:4c:84:f8:e8:84:
2b:0e:71:9c:98:ec:5a:48:13:ec:62:6f:ad:8c:ed:
36:78:bc:b6:bd:01:4a:1b:7a:25:6e:d7:cb:d6:1b:
e9:a5:6c:ca:53:fa:c8:bf:e5:27:15:40:0b:50:bc:
f9:8d:4f:c8:29:8e:f5:f2:a6:da:e1:d4:0f:c9:50:
03:05:1e:25:ec:c0:b4:fc:24:e3:4f:0f:43:ea:85:
e4:ff:4b:23:68:e3:da:8b:2f:a9:0b:ed:94:54:39:
fb:eb:d1:4c:83:9d:c2:3c:d1:11:4f:3b:3f:55:11:
ea:3c:8b:a6:d5:10:f2:4f:43:3d:7c:c0:cd:ad:a1:
23:93:7c:4d:f7:7c:4a:78:d3:4c:1a:05:ff:cc:7d:
df:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4B:0A:49:A6:E4:A5:51:61:46:AB:1E:BC:2D:36:68:1D:1B:73:59
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3230303a3a2f34302d3438203d3e20323033313638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:200::/40
Signature Algorithm: sha256WithRSAEncryption
51:63:09:72:d4:eb:5e:f9:48:77:1d:b3:7c:31:45:49:df:c0:
6f:5d:6d:aa:ce:6b:f1:4f:03:4d:89:ef:24:8b:14:44:34:2e:
d3:ce:54:e2:76:fe:3a:a4:59:43:cd:71:26:cb:52:e7:c1:58:
17:bd:a6:63:60:e3:e0:64:d0:bd:60:da:2c:a1:b6:a9:54:2a:
ca:71:fd:8f:39:9c:17:2a:f5:ef:88:71:3f:81:80:7a:ac:f9:
58:ea:53:1e:a3:de:5b:1b:31:a5:79:7b:ca:d2:c2:84:90:09:
65:ee:a5:c9:3b:b5:2d:66:5f:57:48:43:ee:05:4c:1d:a7:d2:
df:ec:3e:01:98:30:77:87:63:3e:cd:65:91:d4:df:98:3f:10:
ed:c2:67:34:77:c4:82:aa:f1:52:a6:f8:c0:03:1a:a9:02:54:
24:17:d8:8e:fe:59:20:ff:11:e8:d4:ad:dc:75:d6:f7:86:e4:
99:23:20:ac:50:e6:dd:f0:30:f3:95:57:68:41:58:90:85:6c:
77:a6:31:26:af:23:63:f7:bc:05:52:d1:d3:4e:7a:16:e9:3d:
e1:13:d8:cb:1b:62:32:d5:ae:c0:24:6b:d7:9a:64:db:e7:49:
f1:6c:b0:d3:45:73:c4:b6:33:46:69:25:8b:17:b2:9b:d7:61:
f0:a2:20:89
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUUeC7zspX2q2jeTRiuhq4CQY/rtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjAzMDkwMjU5MDdaFw0yNzAzMDgwMzA0MDdaMDMxMTAvBgNV
BAMTKDc1NEIwQTQ5QTZFNEE1NTE2MTQ2QUIxRUJDMkQzNjY4MUQxQjczNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLyc9ySGE7Bm6UAsu4cjKxkaC+
J2AjfUXkcYg6pSABFPJ2JhF+mvb8HWbid5AvK81Dhvv7mwEjwj8WKIUhYJYtmDWA
aAAh4XaAdHkJCz83O3QzNHHD8bIHnLwl7QmvlWcCuPX6ieQ5vFiO/tvgwQ54OzFM
hPjohCsOcZyY7FpIE+xib62M7TZ4vLa9AUobeiVu18vWG+mlbMpT+si/5ScVQAtQ
vPmNT8gpjvXyptrh1A/JUAMFHiXswLT8JONPD0PqheT/SyNo49qLL6kL7ZRUOfvr
0UyDncI80RFPOz9VEeo8i6bVEPJPQz18wM2toSOTfE33fEp400waBf/Mfd/nAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUdUsKSabkpVFhRqsevC02aB0bc1kwHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzMzMTM2Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFAjANBgkqhkiG9w0BAQsFAAOCAQEAUWMJctTrXvlIdx2zfDFF
Sd/Ab11tqs5r8U8DTYnvJIsURDQu085U4nb+OqRZQ81xJstS58FYF72mY2Dj4GTQ
vWDaLKG2qVQqynH9jzmcFyr174hxP4GAeqz5WOpTHqPeWxsxpXl7ytLChJAJZe6l
yTu1LWZfV0hD7gVMHafS3+w+AZgwd4djPs1lkdTfmD8Q7cJnNHfEgqrxUqb4wAMa
qQJUJBfYjv5ZIP8R6NSt3HXW94bkmSMgrFDm3fAw85VXaEFYkIVsd6YxJq8jY/e8
BVLR0056Fuk94RPYyxtiMtWuwCRr15pk2+dJ8Wyw00VzxLYzRmklixeym9dh8KIg
iQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:05 2026 by rpki-client