Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
File: 326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa (raw, json)
Hash identifier: f5jZj4JC0foqvsXEp/t8cL+4DDB8KHSRlH5lZoBmeIE=
Subject key identifier: 1F:B1:DE:F2:77:71:4F:AC:B6:11:EE:86:0E:0C:A4:D8:CD:55:EE:B8
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 7878AF271D9B8E361525C6A214C98C9A6A31C264
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
Signing time: Tue 28 Apr 2026 16:07:18 +0000
ROA not before: Tue 28 Apr 2026 16:02:18 +0000
ROA not after: Tue 27 Apr 2027 16:07:18 +0000
asID: 200198
IP address blocks: 2a11:5701:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 04:09:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:78:af:27:1d:9b:8e:36:15:25:c6:a2:14:c9:8c:9a:6a:31:c2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:18 2026 GMT
Not After : Apr 27 16:07:18 2027 GMT
Subject: CN=1FB1DEF277714FACB611EE860E0CA4D8CD55EEB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:25:4d:2f:a8:15:14:9b:b5:7b:8b:f1:1c:
4b:2c:d8:aa:94:b7:59:cb:2d:9e:c0:5a:2b:d9:0d:
e0:24:4a:ea:9c:a6:10:b1:a2:70:b6:0f:1a:1a:78:
24:0d:7d:e3:b9:7f:86:df:d2:8e:e2:9b:17:d5:63:
51:25:2e:cb:94:e2:57:f6:7b:df:57:d2:e1:69:7d:
bb:a2:f1:eb:2d:8c:16:54:d3:9a:29:4c:5b:e8:4b:
fa:43:f8:4b:c1:09:c6:15:e1:ea:8e:43:18:54:17:
eb:0a:23:d9:37:c7:a3:f1:6b:48:2a:5d:ba:e6:6d:
5a:78:ec:ea:92:f3:29:fe:b0:0c:2d:f2:6c:d2:59:
75:f6:0c:9e:af:78:85:f4:00:cf:f1:f7:dd:12:f9:
6f:ad:c9:8d:70:e7:4a:16:d7:33:ba:2c:02:f2:7b:
21:21:a2:ac:31:fe:40:20:3f:82:0c:a5:bc:af:09:
9f:27:9f:19:f3:5d:04:fd:54:e8:c6:05:83:7e:db:
e1:59:b4:b9:77:03:dd:b0:29:fc:98:d0:46:29:35:
61:14:eb:ca:da:b7:96:c9:3b:8d:dd:43:31:51:17:
eb:39:14:23:c7:03:80:f7:2c:cd:84:97:89:4f:9a:
c6:d8:21:fb:df:e3:6f:72:e9:d4:2e:db:79:5f:1a:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B1:DE:F2:77:71:4F:AC:B6:11:EE:86:0E:0C:A4:D8:CD:55:EE:B8
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5701:10::/44
Signature Algorithm: sha256WithRSAEncryption
9e:c4:a9:54:29:26:75:87:16:fe:22:51:20:7e:b0:9a:29:80:
4d:a1:fd:72:04:16:36:b0:8a:1d:c1:69:4c:67:5a:0f:04:df:
9e:49:69:12:95:58:58:e2:57:4b:8b:a0:4c:d1:9f:9a:6b:a3:
f5:4f:7e:0c:08:cb:82:92:9e:b3:c9:a3:a3:63:3b:75:dc:66:
ab:82:fc:dc:50:6b:2b:ca:74:27:78:7c:c2:87:64:72:8a:c8:
1e:9e:40:e7:c4:55:e2:14:6e:f7:68:e0:aa:e4:a0:8d:94:57:
a1:8b:be:30:85:55:bf:c6:bd:6f:5c:cb:2d:38:e5:2e:9d:9b:
a2:0e:89:ea:01:62:17:7f:77:d4:22:95:ab:bc:af:97:59:d2:
c2:ea:fd:3c:87:92:6a:0e:fa:d6:f4:14:47:2c:86:00:98:78:
da:69:5d:25:e5:71:67:28:b9:7e:e1:a4:71:c3:62:82:b1:19:
80:33:fd:6f:f0:3d:c5:d6:42:53:09:40:69:31:91:86:bf:ea:
6c:25:a1:af:df:9d:bd:e7:43:11:27:71:40:e8:99:30:0e:40:
f6:37:5b:0d:99:a1:60:25:7f:ed:e3:bb:a8:4d:e2:de:44:ce:
d7:2e:86:6b:36:55:98:ab:55:94:eb:0b:7a:74:cf:80:cd:44:
70:d4:4d:66
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUeHivJx2bjjYVJcaiFMmMmmoxwmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMThaFw0yNzA0MjcxNjA3MThaMDMxMTAvBgNV
BAMTKDFGQjFERUYyNzc3MTRGQUNCNjExRUU4NjBFMENBNEQ4Q0Q1NUVFQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx3yVNL6gVFJu1e4vxHEss2KqU
t1nLLZ7AWivZDeAkSuqcphCxonC2DxoaeCQNfeO5f4bf0o7imxfVY1ElLsuU4lf2
e99X0uFpfbui8estjBZU05opTFvoS/pD+EvBCcYV4eqOQxhUF+sKI9k3x6Pxa0gq
XbrmbVp47OqS8yn+sAwt8mzSWXX2DJ6veIX0AM/x990S+W+tyY1w50oW1zO6LALy
eyEhoqwx/kAgP4IMpbyvCZ8nnxnzXQT9VOjGBYN+2+FZtLl3A92wKfyY0EYpNWEU
68rat5bJO43dQzFRF+s5FCPHA4D3LM2El4lPmsbYIfvf429y6dQu23lfGl8XAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUH7He8ndxT6y2Ee6GDgyk2M1V7rgwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDMx
M2EzMTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIzMDMwMzEzOTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcEKhFXAQAQMA0GCSqGSIb3DQEBCwUAA4IBAQCexKlUKSZ1hxb+IlEgfrCa
KYBNof1yBBY2sIodwWlMZ1oPBN+eSWkSlVhY4ldLi6BM0Z+aa6P1T34MCMuCkp6z
yaOjYzt13GargvzcUGsrynQneHzCh2RyisgenkDnxFXiFG73aOCq5KCNlFehi74w
hVW/xr1vXMstOOUunZuiDonqAWIXf3fUIpWrvK+XWdLC6v08h5JqDvrW9BRHLIYA
mHjaaV0l5XFnKLl+4aRxw2KCsRmAM/1v8D3F1kJTCUBpMZGGv+psJaGv352950MR
J3FA6JkwDkD2N1sNmaFgJX/t47uoTeLeRM7XLoZrNlWYq1WU6wt6dM+AzURw1E1m
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:40 2026 by rpki-client