Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
File: 326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa (raw, json)
Hash identifier: OhX0lq+LEdmEppq0abzx2L+abXvGBGr45JxoC0OeP4g=
Subject key identifier: 8D:24:CC:F1:4D:89:F5:CD:1B:CE:B4:72:0F:C6:D2:68:8F:86:9A:B7
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 1C9261CBFA195758F85AB480E4061E6DE484CD11
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
Signing time: Mon 11 May 2026 07:46:04 +0000
ROA not before: Mon 11 May 2026 07:41:04 +0000
ROA not after: Mon 10 May 2027 07:46:04 +0000
asID: 199750
IP address blocks: 2a0f:1cc5:3100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:92:61:cb:fa:19:57:58:f8:5a:b4:80:e4:06:1e:6d:e4:84:cd:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: May 11 07:41:04 2026 GMT
Not After : May 10 07:46:04 2027 GMT
Subject: CN=8D24CCF14D89F5CD1BCEB4720FC6D2688F869AB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1e:26:63:83:a7:cc:49:e2:0d:b9:da:e8:b2:
73:f7:d5:49:b9:76:39:53:95:ba:56:a3:87:19:82:
48:aa:19:2a:99:a2:a4:09:2a:80:56:b9:e3:d0:dc:
ef:82:64:32:b2:6c:37:51:7b:b9:5c:43:a9:a6:21:
76:0d:b7:87:f8:9f:c5:d6:79:ff:78:ad:2f:69:1b:
26:ea:48:65:68:d3:3d:26:5e:d4:29:a7:08:97:46:
b0:01:3a:cf:18:f5:de:1b:20:12:94:3e:b8:89:6b:
39:e5:13:fd:60:a8:90:c2:0c:75:87:2a:a6:a8:68:
65:bb:f3:78:46:ae:d7:ac:20:40:bb:ea:b8:95:41:
af:d7:86:ce:fb:14:38:6b:c7:8b:dc:09:9c:f3:84:
65:bc:d9:2a:11:8b:db:9f:a5:dd:e7:22:27:73:db:
ac:0c:15:e6:55:08:67:c5:88:04:93:d7:d2:64:0b:
d3:b8:73:1d:32:a3:76:a7:d0:76:93:98:94:8a:de:
5c:35:3d:2b:b5:bf:70:c7:16:b9:c4:81:5b:24:79:
86:f5:cd:05:9d:f0:9b:82:3f:d9:16:c8:1b:c3:a1:
50:9d:f6:a1:2c:0d:4e:7c:9e:3e:7a:09:7a:2c:ac:
1e:bc:9b:d1:fe:8e:34:a3:b2:5a:46:f1:3a:ee:43:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:24:CC:F1:4D:89:F5:CD:1B:CE:B4:72:0F:C6:D2:68:8F:86:9A:B7
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333130303a3a2f34302d3438203d3e20313939373530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3100::/40
Signature Algorithm: sha256WithRSAEncryption
11:e5:56:3d:95:5e:4d:7a:26:c9:6c:c3:ec:df:02:51:d6:ee:
57:b9:4c:c7:85:18:59:90:51:88:37:76:2b:55:72:1a:d7:0d:
aa:90:fd:58:31:6e:f3:21:bf:1a:7c:c7:36:4c:a0:23:d1:37:
64:0f:b0:04:47:20:8d:9c:06:4c:49:dd:d0:8d:96:79:a6:d0:
a0:be:2f:db:5b:8b:b8:6b:af:09:56:a3:55:29:54:b3:ce:f0:
bc:0e:0b:e1:5f:5a:2b:45:ec:e2:f6:f7:d8:0a:08:6d:ee:b8:
28:38:2e:de:ee:69:1d:0b:ab:33:ee:f6:4f:73:c9:41:e3:d9:
86:23:85:73:d8:e9:97:2d:fe:ed:86:30:2e:f3:dd:0d:e4:e2:
2b:b9:b2:54:76:cf:a0:b1:dd:68:a6:7a:ba:e8:27:c7:5c:4c:
9f:05:d3:9c:8b:90:54:b9:68:b1:9d:21:a0:42:15:af:93:b9:
a9:e2:50:f5:48:e1:5f:99:92:27:5c:75:97:ca:de:a2:49:c4:
82:71:b0:01:96:0b:49:7c:5e:ba:66:2f:98:38:13:87:90:85:
c9:46:0a:2c:9c:61:bb:c2:ab:b2:1b:f8:6c:17:d7:7a:60:d8:
32:57:f1:39:f5:7f:b4:c5:0d:fc:f3:24:15:c8:c7:95:e4:87:
29:8d:03:b5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUHJJhy/oZV1j4WrSA5AYebeSEzREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA1MTEwNzQxMDRaFw0yNzA1MTAwNzQ2MDRaMDMxMTAvBgNV
BAMTKDhEMjRDQ0YxNEQ4OUY1Q0QxQkNFQjQ3MjBGQzZEMjY4OEY4NjlBQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HiZjg6fMSeINudrosnP31Um5
djlTlbpWo4cZgkiqGSqZoqQJKoBWuePQ3O+CZDKybDdRe7lcQ6mmIXYNt4f4n8XW
ef94rS9pGybqSGVo0z0mXtQppwiXRrABOs8Y9d4bIBKUPriJaznlE/1gqJDCDHWH
KqaoaGW783hGrtesIEC76riVQa/Xhs77FDhrx4vcCZzzhGW82SoRi9ufpd3nIidz
26wMFeZVCGfFiAST19JkC9O4cx0yo3an0HaTmJSK3lw1PSu1v3DHFrnEgVskeYb1
zQWd8JuCP9kWyBvDoVCd9qEsDU58nj56CXosrB68m9H+jjSjslpG8TruQ5s/AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUjSTM8U2J9c0bzrRyD8bSaI+GmrcwHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzOTM3MzUzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUxMA0GCSqGSIb3DQEBCwUAA4IBAQAR5VY9lV5NeibJbMPs
3wJR1u5XuUzHhRhZkFGIN3YrVXIa1w2qkP1YMW7zIb8afMc2TKAj0TdkD7AERyCN
nAZMSd3QjZZ5ptCgvi/bW4u4a68JVqNVKVSzzvC8DgvhX1orRezi9vfYCght7rgo
OC7e7mkdC6sz7vZPc8lB49mGI4Vz2OmXLf7thjAu890N5OIrubJUds+gsd1opnq6
6CfHXEyfBdOci5BUuWixnSGgQhWvk7mp4lD1SOFfmZInXHWXyt6iScSCcbABlgtJ
fF66Zi+YOBOHkIXJRgosnGG7wquyG/hsF9d6YNgyV/E59X+0xQ388yQVyMeV5Icp
jQO1
-----END CERTIFICATE-----
Generated at Wed May 13 04:26:21 2026 by rpki-client