Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
File: 326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa (raw, json)
Hash identifier: ZEWONBo5um/Qb4fTgm1zSiFTVLLx0I1WkUTrX2+Bg/A=
Subject key identifier: C3:9C:8C:84:80:9B:AD:ED:81:C2:57:DC:1F:DA:07:B8:EF:6C:F7:0A
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 5945A0966B3808D505EB97F098FA30057EAEE9B4
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
Signing time: Sun 03 May 2026 13:04:59 +0000
ROA not before: Sun 03 May 2026 12:59:59 +0000
ROA not after: Sun 02 May 2027 13:04:59 +0000
asID: 202359
IP address blocks: 2a11:f2c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 00:34:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:45:a0:96:6b:38:08:d5:05:eb:97:f0:98:fa:30:05:7e:ae:e9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: May 3 12:59:59 2026 GMT
Not After : May 2 13:04:59 2027 GMT
Subject: CN=C39C8C84809BADED81C257DC1FDA07B8EF6CF70A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:35:98:34:ed:aa:7f:9a:90:0a:33:2c:a3:
6c:f2:9e:1c:5e:31:f6:09:77:14:e1:ee:e3:f4:34:
4e:af:53:d8:8a:a6:ef:f5:8d:65:2b:e7:eb:99:93:
43:b5:78:3e:3f:59:98:01:ac:ab:03:0c:76:f6:da:
91:57:ed:70:1f:5b:87:2c:fe:98:07:2d:b0:d9:d7:
ec:98:f5:a1:7c:63:e7:00:e8:7c:29:72:14:12:e5:
66:30:39:4c:2c:57:22:c3:98:96:25:50:3b:a4:52:
f3:9c:80:38:9d:ee:96:eb:12:9d:ee:f8:66:2e:08:
38:34:9e:fa:b6:82:8a:21:81:32:ab:26:63:1d:97:
c5:b6:6b:e7:ab:05:de:e2:04:0b:dc:f0:4e:10:01:
43:a9:30:11:d3:81:d0:c2:9e:1d:b3:e0:70:e5:2b:
e2:68:cf:48:81:64:f6:73:a5:a7:45:00:6f:3b:72:
2c:a6:c8:53:97:5e:e2:7c:f6:20:c3:7a:3d:77:d3:
54:40:01:44:f1:2b:35:11:80:ac:ec:a2:91:f3:17:
24:cd:12:ce:94:6d:9c:62:56:ac:12:93:1b:f2:54:
25:56:3a:14:e6:00:cc:31:fb:4d:3e:81:9c:43:ee:
6c:f9:2b:cb:c6:3f:ad:97:39:7b:fd:6a:73:0e:6d:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9C:8C:84:80:9B:AD:ED:81:C2:57:DC:1F:DA:07:B8:EF:6C:F7:0A
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/326131313a663263303a333a3a2f34382d3438203d3e20323032333539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f2c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
9a:1c:a3:ae:c5:cb:27:04:b0:1e:64:0f:90:0b:fd:76:95:0e:
38:c0:3d:5d:28:a9:db:0f:0c:bc:35:a4:0a:17:60:b3:6e:6f:
0c:b2:d6:20:22:98:2c:47:bc:71:f1:06:31:14:4c:87:70:65:
cf:6f:01:04:9c:d4:40:ac:a1:d3:63:ae:5b:53:5a:66:03:0d:
b4:60:f2:80:f1:76:83:8e:ae:06:c1:8f:74:41:c7:e0:b2:ae:
8a:fa:6c:7f:fa:d0:99:cd:d6:8a:13:22:46:52:9e:2a:45:12:
60:f4:05:0c:50:32:ee:9e:bf:f6:a7:f5:ae:3f:18:21:8d:04:
a0:a0:34:b2:ad:ea:26:8f:1e:34:af:5b:43:2f:66:1d:2a:4d:
c7:32:a5:b2:a9:5c:35:cc:68:86:21:be:13:0d:85:51:6a:17:
48:9a:1f:1f:fb:92:5c:8c:fb:8d:c2:14:36:0e:5b:ec:e6:e4:
f0:e2:3b:7e:28:ea:39:f6:c8:00:72:38:9b:01:6e:94:7d:c5:
a4:5b:73:a4:60:a9:54:50:01:54:37:63:87:f3:2f:0a:82:7b:
a1:93:85:7e:90:cf:15:e3:d2:e1:8e:fb:d8:68:2e:dc:b2:df:
85:3a:70:25:f8:77:c7:b5:7b:7b:23:2e:97:a6:d9:a9:b1:01:
3a:bf:46:d3
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWUWglms4CNUF65fwmPowBX6u6bQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNjA1MDMxMjU5NTlaFw0yNzA1MDIxMzA0NTlaMDMxMTAvBgNV
BAMTKEMzOUM4Qzg0ODA5QkFERUQ4MUMyNTdEQzFGREEwN0I4RUY2Q0Y3MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpLDWYNO2qf5qQCjMso2zynhxe
MfYJdxTh7uP0NE6vU9iKpu/1jWUr5+uZk0O1eD4/WZgBrKsDDHb22pFX7XAfW4cs
/pgHLbDZ1+yY9aF8Y+cA6HwpchQS5WYwOUwsVyLDmJYlUDukUvOcgDid7pbrEp3u
+GYuCDg0nvq2goohgTKrJmMdl8W2a+erBd7iBAvc8E4QAUOpMBHTgdDCnh2z4HDl
K+Joz0iBZPZzpadFAG87ciymyFOXXuJ89iDDej1301RAAUTxKzURgKzsopHzFyTN
Es6UbZxiVqwSkxvyVCVWOhTmAMwx+00+gZxD7mz5K8vGP62XOXv9anMObcUbAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUw5yMhICbre2BwlfcH9oHuO9s9wowHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzI2MTMxMzEzYTY2MzI2MzMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMjMzMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoR8sAAAzANBgkqhkiG9w0BAQsFAAOCAQEAmhyjrsXLJwSwHmQPkAv9dpUO
OMA9XSip2w8MvDWkChdgs25vDLLWICKYLEe8cfEGMRRMh3Blz28BBJzUQKyh02Ou
W1NaZgMNtGDygPF2g46uBsGPdEHH4LKuivpsf/rQmc3WihMiRlKeKkUSYPQFDFAy
7p6/9qf1rj8YIY0EoKA0sq3qJo8eNK9bQy9mHSpNxzKlsqlcNcxohiG+Ew2FUWoX
SJofH/uSXIz7jcIUNg5b7Obk8OI7fijqOfbIAHI4mwFulH3FpFtzpGCpVFABVDdj
h/MvCoJ7oZOFfpDPFePS4Y772Ggu3LLfhTpwJfh3x7V7eyMul6bZqbEBOr9G0w==
-----END CERTIFICATE-----
Generated at Wed May 13 14:26:33 2026 by rpki-client