Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333630303a3a2f34302d3438203d3e203132313938.roa
File: 326130663a316363353a333630303a3a2f34302d3438203d3e203132313938.roa (raw, json)
Hash identifier: 1c4iXMGOvWeULYjOrujJTuU9zHzkvLFlD8vB1fPeXKY=
Subject key identifier: 42:5A:71:C9:D3:8A:23:D5:D5:D9:C4:FC:BE:5D:0B:62:BC:DE:6C:0C
Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94
Certificate serial: 40594E0C84A45208447929D094C2AD838742ED5B
Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333630303a3a2f34302d3438203d3e203132313938.roa
Signing time: Sun 10 May 2026 17:50:54 +0000
ROA not before: Sun 10 May 2026 17:45:54 +0000
ROA not after: Sun 09 May 2027 17:50:54 +0000
asID: 12198
IP address blocks: 2a0f:1cc5:3600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 04:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:59:4e:0c:84:a4:52:08:44:79:29:d0:94:c2:ad:83:87:42:ed:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94
Validity
Not Before: May 10 17:45:54 2026 GMT
Not After : May 9 17:50:54 2027 GMT
Subject: CN=425A71C9D38A23D5D5D9C4FCBE5D0B62BCDE6C0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ac:4a:58:79:99:35:2b:0d:f4:6d:54:80:1f:
48:9c:b7:ab:91:00:01:c4:f4:43:7a:ee:c0:80:8d:
57:15:83:ac:8f:6a:58:f5:5a:90:44:df:92:76:f7:
6d:81:dd:b3:bb:2b:18:d3:61:c0:60:bc:93:4d:1c:
ec:3d:ee:49:1a:32:5c:0d:d1:fe:c2:e2:2f:4e:36:
7a:fb:26:1d:67:28:4b:37:80:12:b1:35:b7:50:bf:
94:e1:98:40:91:c3:94:68:2c:e5:fb:da:4d:dc:a4:
0a:c5:35:a9:41:f7:40:14:29:f9:dc:b1:60:51:66:
70:2a:cb:3e:a9:9b:88:64:cb:a2:9a:48:04:e1:84:
3d:2f:78:e5:89:38:eb:ba:91:a3:2c:c6:fb:ec:8b:
9a:45:8d:87:8f:03:ad:27:8d:c3:c6:7c:00:1e:f0:
65:95:07:9a:9a:32:f5:48:b7:5f:9b:e8:c6:eb:1c:
36:0f:66:82:ae:8a:15:13:5b:b1:31:50:f8:c7:15:
7d:64:68:bd:09:61:ea:67:0c:6f:3b:d1:ec:f4:4c:
a4:57:3a:17:51:2b:db:2a:fc:20:75:63:d7:b2:e4:
10:4e:37:d6:25:4e:64:b2:98:ca:39:f4:5d:0c:16:
1e:fb:93:2a:ea:27:02:70:ed:c2:22:0f:dc:5e:1e:
5b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5A:71:C9:D3:8A:23:D5:D5:D9:C4:FC:BE:5D:0B:62:BC:DE:6C:0C
X509v3 Authority Key Identifier:
keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a333630303a3a2f34302d3438203d3e203132313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1cc5:3600::/40
Signature Algorithm: sha256WithRSAEncryption
5b:66:da:9c:95:ff:02:fb:9b:7a:2c:e6:a7:25:1c:9a:29:d8:
58:e5:6c:53:e4:3b:f7:93:c9:96:b6:ca:d7:04:a4:8c:48:43:
93:af:ed:42:e8:82:02:83:50:dc:03:61:d1:84:b0:49:40:87:
0d:5b:82:89:6d:c9:95:77:2e:d9:62:ef:b0:da:30:57:90:28:
df:39:c1:a0:16:1f:08:b9:0f:f3:42:d9:42:72:4c:34:a3:4b:
e7:da:7c:55:44:dd:1a:85:ca:d5:f0:4e:97:4c:d2:36:d2:0f:
90:fa:5a:8e:0f:5e:be:aa:82:d5:55:1f:52:80:9e:cd:08:9f:
6c:a5:ea:f1:99:e4:49:ed:88:4b:44:5c:50:71:01:23:c5:1c:
f6:46:f7:d5:b2:a5:6a:5c:1a:58:f6:23:ce:d6:cd:3c:6a:bb:
f1:0c:78:78:df:e0:46:4c:05:2c:e5:c0:5e:e6:d9:69:8f:79:
0b:f5:a7:4c:b9:10:8b:eb:db:44:88:16:44:0a:33:97:ac:46:
2f:46:12:b1:13:48:69:cc:94:a2:6f:19:14:e9:3d:80:c4:60:
a5:a2:62:4a:85:fe:68:4e:e0:e6:c8:a4:07:ee:a2:ce:6e:ff:
d4:d1:c4:9f:1c:3a:d7:79:2a:2f:ac:26:3d:37:32:93:b5:ee:
fc:0a:db:77
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUQFlODISkUghEeSnQlMKtg4dC7VswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0
MTAwN2Q5NDAeFw0yNjA1MTAxNzQ1NTRaFw0yNzA1MDkxNzUwNTRaMDMxMTAvBgNV
BAMTKDQyNUE3MUM5RDM4QTIzRDVENUQ5QzRGQ0JFNUQwQjYyQkNERTZDMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBrEpYeZk1Kw30bVSAH0ict6uR
AAHE9EN67sCAjVcVg6yPalj1WpBE35J2922B3bO7KxjTYcBgvJNNHOw97kkaMlwN
0f7C4i9ONnr7Jh1nKEs3gBKxNbdQv5ThmECRw5RoLOX72k3cpArFNalB90AUKfnc
sWBRZnAqyz6pm4hky6KaSAThhD0veOWJOOu6kaMsxvvsi5pFjYePA60njcPGfAAe
8GWVB5qaMvVIt1+b6MbrHDYPZoKuihUTW7ExUPjHFX1kaL0JYepnDG870ez0TKRX
OhdRK9sq/CB1Y9ey5BBON9YlTmSymMo59F0MFh77kyrqJwJw7cIiD9xeHlvLAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUQlpxydOKI9XV2cT8vl0LYrzebAwwHwYDVR0j
BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0
ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF
QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt
M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1
M2EzMzM2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzIzMTM5Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqDxzFNjANBgkqhkiG9w0BAQsFAAOCAQEAW2banJX/AvubeizmpyUc
minYWOVsU+Q795PJlrbK1wSkjEhDk6/tQuiCAoNQ3ANh0YSwSUCHDVuCiW3JlXcu
2WLvsNowV5Ao3znBoBYfCLkP80LZQnJMNKNL59p8VUTdGoXK1fBOl0zSNtIPkPpa
jg9evqqC1VUfUoCezQifbKXq8ZnkSe2IS0RcUHEBI8Uc9kb31bKlalwaWPYjztbN
PGq78Qx4eN/gRkwFLOXAXubZaY95C/WnTLkQi+vbRIgWRAozl6xGL0YSsRNIacyU
om8ZFOk9gMRgpaJiSoX+aE7g5sikB+6izm7/1NHEnxw613kqL6wmPTcyk7Xu/Arb
dw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:54 2026 by rpki-client