Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333330303a3a2f34302d3438203d3e20323034323131.roa
File: 326130663a316363353a333330303a3a2f34302d3438203d3e20323034323131.roa (raw, json)
Hash identifier: 2wyf/Vpg5t5Dojmew2gkIu1/4RfYNWFeG00HPEHf/JM=
Subject key identifier: E8:86:D8:8B:5F:87:19:10:4A:66:5D:C1:8F:BD:AB:18:1C:8E:F8:AE
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 3634929DB9BDC3168F80E4E1B594F794A6224F78
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333330303a3a2f34302d3438203d3e20323034323131.roa
Signing time: Wed 22 Apr 2026 15:01:16 +0000
ROA not before: Wed 22 Apr 2026 14:56:16 +0000
ROA not after: Wed 21 Apr 2027 15:01:16 +0000
asID: 204211
IP address blocks: 2a0f:1cc5:3300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 04:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:34:92:9d:b9:bd:c3:16:8f:80:e4:e1:b5:94:f7:94:a6:22:4f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Apr 22 14:56:16 2026 GMT
Not After : Apr 21 15:01:16 2027 GMT
Subject: CN=E886D88B5F8719104A665DC18FBDAB181C8EF8AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:f5:f4:3d:2e:30:c3:7c:24:89:c8:a2:1d:
ac:53:9c:c7:23:0a:29:94:eb:f0:46:b5:79:eb:1e:
ec:83:43:7b:9f:47:b3:ab:bd:93:da:bc:c1:51:6b:
b6:c2:4c:9b:80:ff:df:a4:a4:eb:4c:f1:42:55:9e:
48:7c:fb:b8:ca:b8:58:2d:19:be:55:1c:ef:10:8f:
8e:77:13:09:c0:51:c7:24:ad:c1:4d:4a:8a:45:2d:
70:30:58:dd:a1:3f:d6:cb:ba:f8:7d:ee:83:40:52:
eb:5d:ce:d6:7d:3f:f7:23:38:a8:e0:d5:41:05:6e:
1d:7b:1c:bf:d3:b5:bc:4a:a9:7c:ea:b8:43:50:41:
65:53:a6:dd:8e:6a:12:4b:f5:9e:09:c3:41:21:42:
d7:b2:fb:4f:7d:66:12:1e:b0:4b:6f:c2:31:ac:44:
96:db:bd:1b:a3:84:c4:97:9f:0a:b3:bc:ef:e7:aa:
c0:65:13:a5:6a:36:62:7b:72:eb:09:50:8b:15:a5:
90:12:33:71:96:ae:a2:a8:a0:1c:82:19:1f:e2:82:
2d:b3:04:b8:24:e2:36:af:dd:a0:bc:e6:cb:bf:f5:
21:8f:24:45:db:2b:8d:b0:71:1c:3a:85:c0:e0:d6:
b7:78:a4:39:2a:99:a4:11:8a:92:73:09:ba:b2:c2:
cb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:86:D8:8B:5F:87:19:10:4A:66:5D:C1:8F:BD:AB:18:1C:8E:F8:AE
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333330303a3a2f34302d3438203d3e20323034323131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3300::/40
Signature Algorithm: sha256WithRSAEncryption
0a:58:80:1a:00:c0:0b:d8:20:4b:97:de:06:7a:07:80:18:b2:
7b:5d:2b:60:eb:92:7d:e6:59:43:5c:84:c5:35:7d:c5:df:91:
ff:7b:92:5a:3a:e7:6b:93:f3:26:e1:29:77:78:e9:55:85:1c:
ae:df:b5:cd:09:02:1b:a6:7f:89:59:5d:47:ac:c9:51:fb:2f:
22:66:15:f8:5a:8c:0b:f2:81:7f:cd:29:6c:0c:be:e0:77:0a:
9d:7e:36:9f:7a:64:7d:3c:8f:60:70:4c:43:61:c4:a9:a6:cb:
80:bd:32:6f:aa:34:82:92:a0:f1:6d:38:7f:c2:11:e4:19:7d:
1a:76:16:66:a6:bc:ba:f9:3b:06:be:cf:f1:16:51:26:25:bd:
fd:8f:f5:94:b4:09:1b:b2:3c:04:6f:f9:34:3f:81:e0:45:74:
70:db:fc:dc:ed:5e:59:a5:70:54:d9:ad:19:53:69:16:07:2e:
2e:8c:6d:9a:ab:42:55:32:1f:d6:9e:fd:dc:05:af:9b:d1:00:
58:3b:c6:5f:be:e7:ba:a0:09:2a:13:98:a4:70:38:f9:39:d8:
4a:5c:e6:f7:df:1b:0a:4a:cb:28:ac:f1:2b:12:27:92:ff:df:
bf:6f:5e:d1:51:75:e0:7e:32:2d:71:e4:79:51:a5:8f:7c:84:
7c:2f:16:d6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUNjSSnbm9wxaPgOThtZT3lKYiT3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA0MjIxNDU2MTZaFw0yNzA0MjExNTAxMTZaMDMxMTAvBgNV
BAMTKEU4ODZEODhCNUY4NzE5MTA0QTY2NURDMThGQkRBQjE4MUM4RUY4QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLY/X0PS4ww3wkiciiHaxTnMcj
CimU6/BGtXnrHuyDQ3ufR7OrvZPavMFRa7bCTJuA/9+kpOtM8UJVnkh8+7jKuFgt
Gb5VHO8Qj453EwnAUcckrcFNSopFLXAwWN2hP9bLuvh97oNAUutdztZ9P/cjOKjg
1UEFbh17HL/TtbxKqXzquENQQWVTpt2OahJL9Z4Jw0EhQtey+099ZhIesEtvwjGs
RJbbvRujhMSXnwqzvO/nqsBlE6VqNmJ7cusJUIsVpZASM3GWrqKooByCGR/igi2z
BLgk4jav3aC85su/9SGPJEXbK42wcRw6hcDg1rd4pDkqmaQRipJzCbqywsubAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU6IbYi1+HGRBKZl3Bj72rGByO+K4wHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzMzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNDMyMzEzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMUzMA0GCSqGSIb3DQEBCwUAA4IBAQAKWIAaAMAL2CBLl94G
egeAGLJ7XStg65J95llDXITFNX3F35H/e5JaOudrk/Mm4Sl3eOlVhRyu37XNCQIb
pn+JWV1HrMlR+y8iZhX4WowL8oF/zSlsDL7gdwqdfjafemR9PI9gcExDYcSppsuA
vTJvqjSCkqDxbTh/whHkGX0adhZmpry6+TsGvs/xFlEmJb39j/WUtAkbsjwEb/k0
P4HgRXRw2/zc7V5ZpXBU2a0ZU2kWBy4ujG2aq0JVMh/Wnv3cBa+b0QBYO8Zfvue6
oAkqE5ikcDj5OdhKXOb33xsKSssorPErEieS/9+/b17RUXXgfjItceR5UaWPfIR8
LxbW
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:58 2026 by rpki-client