Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
File: 326131313a353730373a3a2f33322d3332203d3e203438303730.roa (raw, json)
Hash identifier: qO3aRcnr9Gi4CFBaVLgLXOBcRxl6o1fmjalyJkadHQ8=
Subject key identifier: 17:2F:9E:B1:04:41:4C:3C:85:7D:3C:D6:2B:EB:18:45:2E:BD:AE:D9
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 070841BFB39338D65507BBE5DC8DDA0D31B21936
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
Signing time: Tue 28 Apr 2026 16:07:19 +0000
ROA not before: Tue 28 Apr 2026 16:02:19 +0000
ROA not after: Tue 27 Apr 2027 16:07:19 +0000
asID: 48070
IP address blocks: 2a11:5707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 04:09:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:08:41:bf:b3:93:38:d6:55:07:bb:e5:dc:8d:da:0d:31:b2:19:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Apr 28 16:02:19 2026 GMT
Not After : Apr 27 16:07:19 2027 GMT
Subject: CN=172F9EB104414C3C857D3CD62BEB18452EBDAED9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:85:ac:52:23:c3:41:06:a9:aa:c1:0b:b9:99:
2a:46:84:44:33:c2:35:e2:e6:31:d5:5e:24:86:ac:
67:0c:fd:3a:98:dd:c3:03:1b:7e:47:ea:50:f9:e8:
fc:de:9d:75:2b:d0:14:9c:91:b5:3a:38:bc:10:9a:
bc:06:71:e1:04:8b:2a:d5:92:b1:a5:c4:14:da:97:
f1:bb:a8:23:d7:97:3d:f6:fe:41:3f:41:09:36:3f:
3b:fc:36:c5:de:4d:b5:30:a5:c2:a9:e9:9a:73:0b:
99:44:d8:2e:20:72:bb:4e:4b:10:62:32:58:4d:0b:
c8:fc:2c:70:e0:17:a9:ba:a0:c7:e3:fe:29:11:d0:
ed:ab:e9:8a:4c:61:47:0c:eb:90:ee:18:33:77:08:
8b:35:c7:d6:a6:cd:05:62:09:96:e2:12:97:bc:42:
14:16:fa:7d:fb:5f:65:af:2e:36:e0:ad:8f:6d:e2:
85:3f:6d:3f:eb:fb:50:18:68:6f:7f:c2:70:38:68:
12:e1:b2:65:b5:67:72:e8:5b:23:da:81:bc:33:8f:
5e:25:1a:b9:e6:b5:29:58:66:61:76:6c:20:2f:5f:
aa:f6:af:b4:88:42:0d:b6:5b:22:68:81:a9:25:a2:
58:9b:61:9e:b2:91:43:9a:c8:21:9d:6f:03:f6:3d:
9b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2F:9E:B1:04:41:4C:3C:85:7D:3C:D6:2B:EB:18:45:2E:BD:AE:D9
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/326131313a353730373a3a2f33322d3332203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5707::/32
Signature Algorithm: sha256WithRSAEncryption
1e:d0:95:c4:d6:44:09:0a:d7:58:06:b4:91:ea:e4:13:35:64:
b2:2e:cb:96:c5:42:53:90:2e:81:c9:b2:4b:f1:47:a3:a7:22:
68:c8:f7:59:aa:a6:8b:db:8e:69:aa:07:5b:96:04:41:ef:2e:
c0:0f:7a:d8:65:37:84:ac:91:64:bc:35:30:73:2a:18:0f:03:
4a:46:c7:9c:ac:64:6c:9f:dc:10:00:e3:91:63:26:e2:7c:27:
b9:8e:60:9c:c5:7e:3f:a1:79:24:2e:87:c7:48:c3:73:92:3a:
f5:f1:39:01:59:66:06:8c:19:b8:3b:c5:3c:7f:74:8b:89:79:
53:7f:3e:2a:f1:b5:26:65:b5:84:06:b2:54:84:be:1f:6d:1c:
4d:36:e0:4d:2b:38:54:14:da:58:4e:44:24:86:79:56:fc:e5:
77:3c:55:73:d1:fa:7c:0a:c7:ed:ea:05:25:5e:c0:63:82:3d:
8c:b2:05:34:3c:92:1d:f0:cd:a3:39:c2:af:ee:9d:2d:7d:1f:
c5:1d:99:d4:ef:a6:19:01:c8:d8:9d:1d:ff:d5:50:3a:24:37:
93:27:b3:42:99:aa:38:68:16:8d:3f:28:ac:80:c6:8e:89:7e:
c5:72:99:ff:d5:05:2d:91:3b:69:4c:6a:36:64:98:f3:5d:16:
3b:bd:4b:b0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUBwhBv7OTONZVB7vl3I3aDTGyGTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNjA0MjgxNjAyMTlaFw0yNzA0MjcxNjA3MTlaMDMxMTAvBgNV
BAMTKDE3MkY5RUIxMDQ0MTRDM0M4NTdEM0NENjJCRUIxODQ1MkVCREFFRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDChaxSI8NBBqmqwQu5mSpGhEQz
wjXi5jHVXiSGrGcM/TqY3cMDG35H6lD56PzenXUr0BSckbU6OLwQmrwGceEEiyrV
krGlxBTal/G7qCPXlz32/kE/QQk2Pzv8NsXeTbUwpcKp6ZpzC5lE2C4gcrtOSxBi
MlhNC8j8LHDgF6m6oMfj/ikR0O2r6YpMYUcM65DuGDN3CIs1x9amzQViCZbiEpe8
QhQW+n37X2WvLjbgrY9t4oU/bT/r+1AYaG9/wnA4aBLhsmW1Z3LoWyPagbwzj14l
GrnmtSlYZmF2bCAvX6r2r7SIQg22WyJogaklolibYZ6ykUOayCGdbwP2PZuhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUFy+esQRBTDyFfTzWK+sYRS69rtkwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzI2MTMxMzEzYTM1MzczMDM3
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzQzODMwMzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoR
VwcwDQYJKoZIhvcNAQELBQADggEBAB7QlcTWRAkK11gGtJHq5BM1ZLIuy5bFQlOQ
LoHJskvxR6OnImjI91mqpovbjmmqB1uWBEHvLsAPethlN4SskWS8NTBzKhgPA0pG
x5ysZGyf3BAA45FjJuJ8J7mOYJzFfj+heSQuh8dIw3OSOvXxOQFZZgaMGbg7xTx/
dIuJeVN/PirxtSZltYQGslSEvh9tHE024E0rOFQU2lhORCSGeVb85Xc8VXPR+nwK
x+3qBSVewGOCPYyyBTQ8kh3wzaM5wq/unS19H8UdmdTvphkByNidHf/VUDokN5Mn
s0KZqjhoFo0/KKyAxo6JfsVymf/VBS2RO2lMajZkmPNdFju9S7A=
-----END CERTIFICATE-----
Generated at Tue May 12 21:30:19 2026 by rpki-client