Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20323134343332.roa
File: 3231322e38372e3230332e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: LpMGAnZ3DWQc8V5IYf+dPGWFVFgbuecVSeHInwr1PM0=
Subject key identifier: B3:4C:C3:4B:9E:A3:95:7A:E6:5A:AC:22:61:B8:89:C0:C8:F4:3C:F7
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 7780C61220CC943D037F5B0C558E10F38FBB884D
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20323134343332.roa
Signing time: Sun 24 May 2026 16:23:36 +0000
ROA not before: Sun 24 May 2026 16:18:36 +0000
ROA not after: Sun 23 May 2027 16:23:36 +0000
asID: 214432
IP address blocks: 212.87.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 03:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:80:c6:12:20:cc:94:3d:03:7f:5b:0c:55:8e:10:f3:8f:bb:88:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: May 24 16:18:36 2026 GMT
Not After : May 23 16:23:36 2027 GMT
Subject: CN=B34CC34B9EA3957AE65AAC2261B889C0C8F43CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:65:64:d8:7f:35:f2:5d:08:18:f6:17:a8:a5:
44:af:9d:9e:85:30:d5:ab:42:da:1b:fe:49:3e:b3:
b5:ab:f6:e6:8b:f7:98:a7:db:11:08:45:7a:86:85:
7c:4e:b2:90:14:a3:22:e5:40:aa:c8:27:85:d2:21:
79:82:71:bd:80:24:3d:15:05:4e:4c:d8:a7:ee:89:
12:d7:db:78:cc:2f:88:f9:96:0f:1a:21:3f:d6:e3:
7b:9e:1a:3e:d1:f9:77:41:5c:74:f3:09:a6:2b:8c:
c1:50:e5:4a:07:d5:42:5c:01:ea:85:74:47:3b:17:
64:82:27:d0:27:36:98:7c:ca:ae:98:87:f7:95:00:
4c:99:34:e5:97:96:b9:c9:a0:36:b4:e1:2a:18:35:
66:89:92:94:05:c7:94:c8:82:70:dc:28:b4:f5:6f:
5d:65:b9:d1:82:31:9b:b0:cf:0d:79:b4:6d:80:d2:
01:98:6d:1c:a8:ff:ec:51:68:df:94:3d:52:4f:79:
4f:91:d4:de:41:d5:61:3c:7c:a9:be:9a:a1:ba:e8:
56:7e:b6:55:e7:e8:07:ca:8c:8e:a4:0d:6e:80:76:
46:e2:4d:42:8b:8c:8e:32:93:d7:56:16:e0:db:fd:
a2:05:25:01:b3:56:80:51:b7:d0:2e:6e:95:f7:0c:
58:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:4C:C3:4B:9E:A3:95:7A:E6:5A:AC:22:61:B8:89:C0:C8:F4:3C:F7
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.203.0/24
Signature Algorithm: sha256WithRSAEncryption
01:35:e3:e2:4d:dd:8a:7b:25:53:f1:f3:9a:1c:05:4f:ab:9a:
cf:43:9d:a9:7d:72:ab:17:67:41:9b:b1:18:71:3c:40:fa:2d:
bb:94:dc:93:cd:b7:bc:a1:5b:6d:d5:9c:53:0c:52:89:13:f1:
32:10:94:f5:7c:17:37:55:df:41:80:88:92:17:74:74:31:a9:
04:20:b6:3b:33:79:f7:89:ef:d3:3a:e9:14:a3:48:95:d7:fa:
a7:6b:e4:fc:ea:b4:09:57:99:48:25:d2:b6:32:9d:58:a7:f0:
ae:a1:6f:db:03:d7:49:34:32:22:1e:48:66:e9:0d:48:e8:0f:
94:e0:45:c8:2e:b2:27:32:c1:08:92:07:b5:fb:79:17:3e:7d:
60:99:2f:4e:29:c4:50:62:63:b7:8d:aa:f4:a1:2c:12:2d:2d:
67:d5:7c:06:1c:04:24:83:d8:1e:f9:4b:0f:f8:38:24:22:8e:
75:a6:ae:4d:d5:1f:b5:db:aa:74:14:a1:a9:71:7b:4b:b5:6d:
16:3e:5b:26:13:40:e0:d2:45:db:a1:47:d6:db:59:82:d9:85:
b9:28:df:8b:df:9c:d8:da:16:3a:5a:9c:39:7a:c8:c5:fe:9d:
12:54:9b:fb:45:8b:cb:14:3e:02:22:2a:76:b7:a9:cb:e2:2e:
78:cb:fb:bc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd4DGEiDMlD0Df1sMVY4Q84+7iE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA1MjQxNjE4MzZaFw0yNzA1MjMxNjIzMzZaMDMxMTAvBgNV
BAMTKEIzNENDMzRCOUVBMzk1N0FFNjVBQUMyMjYxQjg4OUMwQzhGNDNDRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSZWTYfzXyXQgY9heopUSvnZ6F
MNWrQtob/kk+s7Wr9uaL95in2xEIRXqGhXxOspAUoyLlQKrIJ4XSIXmCcb2AJD0V
BU5M2KfuiRLX23jML4j5lg8aIT/W43ueGj7R+XdBXHTzCaYrjMFQ5UoH1UJcAeqF
dEc7F2SCJ9AnNph8yq6Yh/eVAEyZNOWXlrnJoDa04SoYNWaJkpQFx5TIgnDcKLT1
b11ludGCMZuwzw15tG2A0gGYbRyo/+xRaN+UPVJPeU+R1N5B1WE8fKm+mqG66FZ+
tlXn6AfKjI6kDW6AdkbiTUKLjI4yk9dWFuDb/aIFJQGzVoBRt9AubpX3DFjZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUs0zDS56jlXrmWqwiYbiJwMj0PPcwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzIzMTMyMmUzODM3MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUV8swDQYJKoZIhvcNAQELBQADggEBAAE14+JN3Yp7JVPx85ocBU+rms9Dnal9
cqsXZ0GbsRhxPED6LbuU3JPNt7yhW23VnFMMUokT8TIQlPV8FzdV30GAiJIXdHQx
qQQgtjszefeJ79M66RSjSJXX+qdr5PzqtAlXmUgl0rYynVin8K6hb9sD10k0MiIe
SGbpDUjoD5TgRcgusicywQiSB7X7eRc+fWCZL04pxFBiY7eNqvShLBItLWfVfAYc
BCSD2B75Sw/4OCQijnWmrk3VH7XbqnQUoalxe0u1bRY+WyYTQODSRduhR9bbWYLZ
hbko34vfnNjaFjpanDl6yMX+nRJUm/tFi8sUPgIiKna3qcviLnjL+7w=
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:26:12 2026 by rpki-client