Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e34312e302f32342d3234203d3e20323030373734.roa
File: 3231322e37342e34312e302f32342d3234203d3e20323030373734.roa (raw, json)
Hash identifier: eMR7Clx/CZ9FtTwpfgMHPw+PoHtrBU0jYUAB0ZsnSYQ=
Subject key identifier: BE:26:AA:EA:C5:AA:D8:45:82:E6:58:AA:74:EA:B5:87:D3:91:00:BB
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 685263DF985F879DC9492CE9DFD42D759CCBCCEC
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e34312e302f32342d3234203d3e20323030373734.roa
Signing time: Tue 03 Mar 2026 08:43:51 +0000
ROA not before: Tue 03 Mar 2026 08:38:51 +0000
ROA not after: Tue 02 Mar 2027 08:43:51 +0000
asID: 200774
IP address blocks: 212.74.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 05:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:52:63:df:98:5f:87:9d:c9:49:2c:e9:df:d4:2d:75:9c:cb:cc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Mar 3 08:38:51 2026 GMT
Not After : Mar 2 08:43:51 2027 GMT
Subject: CN=BE26AAEAC5AAD84582E658AA74EAB587D39100BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:f1:b4:45:18:fd:55:fe:ee:31:7c:0b:e4:
60:b6:ab:b6:f4:c3:40:fb:79:93:6a:5a:98:6f:c0:
7c:37:4b:33:94:4d:7c:06:ea:94:8a:b7:8f:93:88:
1f:bb:1b:03:83:31:83:53:88:f3:f3:92:d8:2b:69:
5f:8d:d3:77:28:71:bb:d6:15:8d:6d:80:64:d3:da:
96:65:aa:b1:7c:be:cf:59:6c:06:46:6a:82:af:db:
df:d1:d2:2d:1b:db:94:18:f1:b2:c5:5b:cf:bc:85:
20:fd:61:71:9d:72:24:08:5b:f5:16:1e:67:41:ac:
e8:d2:80:2e:77:b2:51:90:ec:4d:6d:f0:b7:59:c3:
e2:34:f2:a5:ee:75:68:8b:bb:39:b3:d2:9f:04:bd:
35:7c:85:95:01:13:93:c1:54:b5:80:ce:68:9d:d0:
b5:71:f8:5c:ed:12:09:b1:06:89:55:28:06:31:d2:
87:58:ed:66:9b:3a:10:af:13:f3:19:18:4e:5d:4f:
6a:d5:2a:65:12:89:ab:e6:c1:b2:42:2e:92:93:f1:
f2:0f:07:14:e6:63:57:ad:8c:15:04:c6:37:0b:75:
45:25:a6:e1:11:48:dc:b9:46:23:f8:d0:fa:1e:ff:
13:2a:01:a2:ba:57:20:76:d4:aa:92:e4:be:40:5b:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:26:AA:EA:C5:AA:D8:45:82:E6:58:AA:74:EA:B5:87:D3:91:00:BB
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e34312e302f32342d3234203d3e20323030373734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.41.0/24
Signature Algorithm: sha256WithRSAEncryption
19:83:ac:1c:a2:79:28:00:58:74:7f:93:ef:f1:f6:06:fe:f4:
42:10:75:2c:f3:75:15:24:cd:50:37:a6:4a:12:1e:31:cb:67:
a1:0b:3d:ba:ca:41:a9:95:f1:82:0c:7e:34:07:23:55:40:00:
29:3b:02:2b:95:12:92:8d:31:c4:12:3d:bd:0a:e2:5a:c8:59:
5d:fb:2f:21:28:9e:dc:bd:c0:c2:4f:9c:6d:ad:70:81:ff:3d:
cf:cd:d6:9d:3a:51:32:10:d7:1a:4f:45:a9:58:8f:6a:0d:67:
83:c5:be:c4:5d:76:65:24:12:07:37:ba:22:c8:eb:b0:67:1c:
ea:e3:07:2a:b3:52:8a:0e:18:0e:32:62:7f:e2:79:a0:85:cb:
21:e5:c1:a7:03:0b:80:3a:43:92:5a:da:66:19:f7:18:80:d6:
36:e5:61:05:6b:b4:86:a6:50:61:d2:1c:18:e4:be:fd:c6:a5:
9d:6b:b7:3a:62:f3:05:e5:d9:9e:12:1d:04:ed:a2:93:1c:3d:
cf:63:58:b2:0b:f1:55:b4:d5:34:9d:a7:73:dd:86:67:34:a1:
8a:3e:92:73:22:30:d9:0c:b6:15:81:bf:5e:ae:75:05:13:06:
b4:a2:b9:98:84:d1:ad:41:81:da:da:3a:04:4d:a8:fa:47:4b:
e5:ef:20:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaFJj35hfh53JSSzp39QtdZzLzOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjAzMDMwODM4NTFaFw0yNzAzMDIwODQzNTFaMDMxMTAvBgNV
BAMTKEJFMjZBQUVBQzVBQUQ4NDU4MkU2NThBQTc0RUFCNTg3RDM5MTAwQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvxfG0RRj9Vf7uMXwL5GC2q7b0
w0D7eZNqWphvwHw3SzOUTXwG6pSKt4+TiB+7GwODMYNTiPPzktgraV+N03cocbvW
FY1tgGTT2pZlqrF8vs9ZbAZGaoKv29/R0i0b25QY8bLFW8+8hSD9YXGdciQIW/UW
HmdBrOjSgC53slGQ7E1t8LdZw+I08qXudWiLuzmz0p8EvTV8hZUBE5PBVLWAzmid
0LVx+FztEgmxBolVKAYx0odY7WabOhCvE/MZGE5dT2rVKmUSiavmwbJCLpKT8fIP
BxTmY1etjBUExjcLdUUlpuERSNy5RiP40Poe/xMqAaK6VyB21KqS5L5AW72rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUviaq6sWq2EWC5liqdOq1h9ORALswHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzczNzM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1EopMA0GCSqGSIb3DQEBCwUAA4IBAQAZg6wconkoAFh0f5Pv8fYG/vRCEHUs83UV
JM1QN6ZKEh4xy2ehCz26ykGplfGCDH40ByNVQAApOwIrlRKSjTHEEj29CuJayFld
+y8hKJ7cvcDCT5xtrXCB/z3PzdadOlEyENcaT0WpWI9qDWeDxb7EXXZlJBIHN7oi
yOuwZxzq4wcqs1KKDhgOMmJ/4nmghcsh5cGnAwuAOkOSWtpmGfcYgNY25WEFa7SG
plBh0hwY5L79xqWda7c6YvMF5dmeEh0E7aKTHD3PY1iyC/FVtNU0nadz3YZnNKGK
PpJzIjDZDLYVgb9ernUFEwa0ormYhNGtQYHa2joETaj6R0vl7yAa
-----END CERTIFICATE-----
Generated at Wed Mar 4 17:24:56 2026 by rpki-client