Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333430303a3a2f34302d3438203d3e20323037353239.roa
File: 326130663a316363353a333430303a3a2f34302d3438203d3e20323037353239.roa (raw, json)
Hash identifier: tglzA+oggtiVzk6iP3HK2OhlpcoWRGjd8uD7SevnVQ4=
Subject key identifier: AA:39:6F:EB:E1:71:EC:A9:CE:FA:AA:2B:8E:21:54:9B:8C:BA:1C:20
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 440EC66014FBCD7BF2BF6D38906784532298C344
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333430303a3a2f34302d3438203d3e20323037353239.roa
Signing time: Wed 22 Apr 2026 15:07:13 +0000
ROA not before: Wed 22 Apr 2026 15:02:13 +0000
ROA not after: Wed 21 Apr 2027 15:07:13 +0000
asID: 207529
IP address blocks: 2a0f:1cc5:3400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0e:c6:60:14:fb:cd:7b:f2:bf:6d:38:90:67:84:53:22:98:c3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: Apr 22 15:02:13 2026 GMT
Not After : Apr 21 15:07:13 2027 GMT
Subject: CN=AA396FEBE171ECA9CEFAAA2B8E21549B8CBA1C20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:27:09:3c:56:26:03:56:d8:25:6a:6e:b4:67:
81:9d:8d:3b:f9:b6:a1:6d:d7:fb:39:ff:fe:7a:7e:
fc:17:c8:f1:d9:a5:97:a6:81:f5:0b:91:9e:a9:36:
69:81:c6:cd:dc:c7:56:72:dc:1a:b3:74:78:d8:a5:
f0:92:e0:bd:46:f2:89:51:19:f0:b2:82:c1:b2:70:
85:5a:f6:19:e1:3d:26:54:52:f9:17:49:50:77:21:
7c:ef:8f:fc:75:6d:b9:ba:5c:c9:e1:28:b3:19:5c:
dc:1a:83:18:ef:99:db:c0:3a:2a:9f:08:3a:13:ef:
25:b5:01:ec:9f:3d:53:2d:50:af:d0:04:2e:ce:40:
34:ca:9a:c6:82:1b:2d:55:62:58:6f:7c:d8:2f:d1:
ab:a5:ef:6e:ce:8e:35:83:81:d1:a1:18:b5:24:21:
7e:7f:dd:f0:35:e5:bb:e5:3e:e4:c3:dc:86:91:bb:
80:96:9f:c1:39:5c:48:5f:f0:95:7e:4b:50:9c:af:
c5:cc:90:24:34:12:a7:5f:dc:aa:9d:b2:1e:e6:e0:
14:4c:9a:ca:31:bd:10:73:19:33:86:86:cb:97:e1:
20:68:5f:ce:c4:b4:54:08:9f:1e:0e:fa:b7:56:1a:
1f:61:ec:99:62:be:2a:fa:7e:9a:13:b5:48:76:fd:
0f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:39:6F:EB:E1:71:EC:A9:CE:FA:AA:2B:8E:21:54:9B:8C:BA:1C:20
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333430303a3a2f34302d3438203d3e20323037353239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3400::/40
Signature Algorithm: sha256WithRSAEncryption
6f:5d:a7:c9:ab:3f:bb:7d:73:09:96:1c:68:94:55:55:d4:21:
aa:61:36:e8:0d:fd:90:3b:c3:04:8e:de:5c:43:45:4c:55:7f:
9b:77:54:88:5e:11:bf:e3:56:b1:09:5a:8f:85:e4:a7:bf:73:
00:fc:2a:f8:4a:6f:d8:7a:81:87:30:25:82:91:a7:af:db:36:
97:80:7d:91:24:30:31:ec:c1:26:42:46:c2:6b:5a:a7:4e:39:
67:16:ba:76:aa:90:fa:22:eb:1e:66:07:d9:8b:2d:59:1b:1b:
f7:fa:bd:c5:f0:b4:54:22:4a:d7:07:45:bb:14:c0:4d:53:69:
6f:8c:ba:36:73:34:78:02:69:95:cb:5b:ee:3c:87:07:19:95:
4f:ed:0a:2b:b3:5f:8a:26:0b:5a:4b:99:32:df:38:d3:35:e4:
a4:d1:dd:67:77:8b:07:b3:8f:e1:42:bf:be:60:5d:84:59:04:
eb:f7:bd:69:04:f0:76:bc:e3:35:4e:fa:06:af:15:ee:48:fb:
ff:8f:83:cf:4a:c5:53:cb:41:ff:be:63:1d:f9:65:9d:4d:52:
0d:7e:ee:30:71:e4:5a:30:8c:5d:60:b4:34:62:f7:ff:d3:8a:
77:9b:60:94:4e:38:91:f3:c8:78:de:c1:77:42:d1:7b:10:e8:
75:dd:fc:be
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIURA7GYBT7zXvyv204kGeEUyKYw0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA0MjIxNTAyMTNaFw0yNzA0MjExNTA3MTNaMDMxMTAvBgNV
BAMTKEFBMzk2RkVCRTE3MUVDQTlDRUZBQUEyQjhFMjE1NDlCOENCQTFDMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgJwk8ViYDVtglam60Z4GdjTv5
tqFt1/s5//56fvwXyPHZpZemgfULkZ6pNmmBxs3cx1Zy3BqzdHjYpfCS4L1G8olR
GfCygsGycIVa9hnhPSZUUvkXSVB3IXzvj/x1bbm6XMnhKLMZXNwagxjvmdvAOiqf
CDoT7yW1AeyfPVMtUK/QBC7OQDTKmsaCGy1VYlhvfNgv0aul727OjjWDgdGhGLUk
IX5/3fA15bvlPuTD3IaRu4CWn8E5XEhf8JV+S1Ccr8XMkCQ0Eqdf3Kqdsh7m4BRM
msoxvRBzGTOGhsuX4SBoX87EtFQInx4O+rdWGh9h7Jlivir6fpoTtUh2/Q8RAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUqjlv6+Fx7KnO+qorjiFUm4y6HCAwHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzM0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNzM1MzIzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoPHMU0MA0GCSqGSIb3DQEBCwUAA4IBAQBvXafJqz+7fXMJlhxo
lFVV1CGqYTboDf2QO8MEjt5cQ0VMVX+bd1SIXhG/41axCVqPheSnv3MA/Cr4Sm/Y
eoGHMCWCkaev2zaXgH2RJDAx7MEmQkbCa1qnTjlnFrp2qpD6IuseZgfZiy1ZGxv3
+r3F8LRUIkrXB0W7FMBNU2lvjLo2czR4AmmVy1vuPIcHGZVP7Qors1+KJgtaS5ky
3zjTNeSk0d1nd4sHs4/hQr++YF2EWQTr971pBPB2vOM1TvoGrxXuSPv/j4PPSsVT
y0H/vmMd+WWdTVINfu4wceRaMIxdYLQ0Yvf/04p3m2CUTjiR88h43sF3QtF7EOh1
3fy+
-----END CERTIFICATE-----
Generated at Wed May 13 04:08:45 2026 by rpki-client