Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36322e302f32342d3234203d3e20343032323537.roa
File: 3231322e37342e36322e302f32342d3234203d3e20343032323537.roa (raw, json)
Hash identifier: NexoexOTQgshh5hkZp1Za7CrjW66GW6ydXbK8b0xbM0=
Subject key identifier: 84:32:66:C5:1A:11:D3:FD:CA:E9:C9:86:06:28:61:B8:4A:3C:33:F5
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 2169845A888EA558E02DF7C6479514B3DB051CB5
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36322e302f32342d3234203d3e20343032323537.roa
Signing time: Thu 02 Apr 2026 10:41:32 +0000
ROA not before: Thu 02 Apr 2026 10:36:32 +0000
ROA not after: Thu 01 Apr 2027 10:41:32 +0000
asID: 402257
IP address blocks: 212.74.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 Apr 2026 00:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:69:84:5a:88:8e:a5:58:e0:2d:f7:c6:47:95:14:b3:db:05:1c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Apr 2 10:36:32 2026 GMT
Not After : Apr 1 10:41:32 2027 GMT
Subject: CN=843266C51A11D3FDCAE9C986062861B84A3C33F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:1e:e3:f8:c3:19:d8:c5:87:89:89:99:0f:
6b:45:06:c3:35:0b:c0:9d:e2:99:fa:66:f2:fa:40:
0e:e8:04:6e:3f:1b:6d:5b:82:3c:28:68:0a:90:56:
81:5a:02:1a:02:0b:ed:65:5c:a5:72:53:9d:15:b2:
ce:5f:b7:6a:67:a3:fc:3d:a5:11:ac:05:c3:32:79:
4f:65:b8:53:ab:bf:f3:4c:c3:0d:83:9b:72:6c:ef:
39:77:18:5c:3f:34:50:a9:f8:ec:45:69:67:31:5e:
54:bb:40:cd:fc:13:8e:4a:a6:91:e2:59:be:d3:0e:
66:8d:57:a2:73:a1:cf:af:b8:f2:6f:4b:bd:2b:3c:
74:f5:68:f2:59:7a:7e:14:a3:d9:92:01:44:e0:be:
d9:46:96:cb:df:fe:3a:23:58:b8:36:49:82:e6:63:
13:6a:39:2d:8c:57:e5:81:ae:df:2f:7a:e4:16:7e:
81:94:a0:86:d6:b0:f3:9f:8b:a6:d8:fa:4d:12:63:
37:cd:b8:bb:09:da:58:b7:fa:a8:d2:35:19:94:41:
d6:8f:83:5c:cd:a5:1e:41:1f:8f:30:46:cd:5a:37:
7f:42:b8:49:22:14:f5:df:49:66:0f:92:08:c1:75:
d6:5d:ff:da:6d:eb:09:7a:fa:62:4e:0d:7d:1d:0b:
3c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:32:66:C5:1A:11:D3:FD:CA:E9:C9:86:06:28:61:B8:4A:3C:33:F5
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36322e302f32342d3234203d3e20343032323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.62.0/24
Signature Algorithm: sha256WithRSAEncryption
89:aa:b7:46:33:4c:39:48:03:f8:4e:7d:d3:52:df:cc:53:39:
12:ef:7f:36:23:f2:e1:cb:9b:99:15:d0:bd:94:5b:bd:42:ce:
d5:e5:19:61:8a:e1:f1:d4:d3:48:d3:f3:f0:e0:63:c1:9e:a2:
e6:0e:db:e8:e7:ff:e9:03:99:d4:9b:81:ef:c9:e4:c5:4a:71:
61:67:4b:36:9e:8b:3a:72:1d:f2:98:3e:4d:ee:c2:12:31:7f:
dd:d3:b2:c5:ac:35:98:e0:72:99:7c:63:72:ca:90:f0:ba:3d:
24:b2:09:9d:95:7a:cf:d7:c3:d9:f0:5f:e0:03:7d:bb:67:c7:
66:06:43:69:44:fc:4c:8a:a4:12:ac:ec:bb:b1:93:d5:59:a1:
12:41:25:36:82:54:60:25:3b:84:dc:7a:01:ba:3a:2c:dc:53:
a2:95:28:3c:f5:cc:3d:c8:f4:89:41:de:97:a7:7a:6d:36:cd:
f1:94:03:7d:23:d0:2c:e7:a0:90:fb:16:e3:b2:99:1a:26:df:
b5:75:b0:22:10:e8:65:7c:2a:6b:71:93:41:e6:6b:61:87:fc:
2f:3f:b6:76:b0:38:ae:dc:b7:6d:07:a6:73:69:5e:95:d2:ac:
a5:46:af:7f:0b:b3:10:02:fa:a4:df:e7:a4:c3:fb:cc:ab:88:
e3:f6:aa:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIWmEWoiOpVjgLffGR5UUs9sFHLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjA0MDIxMDM2MzJaFw0yNzA0MDExMDQxMzJaMDMxMTAvBgNV
BAMTKDg0MzI2NkM1MUExMUQzRkRDQUU5Qzk4NjA2Mjg2MUI4NEEzQzMzRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwKB7j+MMZ2MWHiYmZD2tFBsM1
C8Cd4pn6ZvL6QA7oBG4/G21bgjwoaAqQVoFaAhoCC+1lXKVyU50Vss5ft2pno/w9
pRGsBcMyeU9luFOrv/NMww2Dm3Js7zl3GFw/NFCp+OxFaWcxXlS7QM38E45KppHi
Wb7TDmaNV6Jzoc+vuPJvS70rPHT1aPJZen4Uo9mSAUTgvtlGlsvf/jojWLg2SYLm
YxNqOS2MV+WBrt8veuQWfoGUoIbWsPOfi6bY+k0SYzfNuLsJ2li3+qjSNRmUQdaP
g1zNpR5BH48wRs1aN39CuEkiFPXfSWYPkgjBddZd/9pt6wl6+mJODX0dCzwvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhDJmxRoR0/3K6cmGBihhuEo8M/UwHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Eo+MA0GCSqGSIb3DQEBCwUAA4IBAQCJqrdGM0w5SAP4Tn3TUt/MUzkS7382I/Lh
y5uZFdC9lFu9Qs7V5RlhiuHx1NNI0/Pw4GPBnqLmDtvo5//pA5nUm4HvyeTFSnFh
Z0s2nos6ch3ymD5N7sISMX/d07LFrDWY4HKZfGNyypDwuj0ksgmdlXrP18PZ8F/g
A327Z8dmBkNpRPxMiqQSrOy7sZPVWaESQSU2glRgJTuE3HoBujos3FOilSg89cw9
yPSJQd6Xp3ptNs3xlAN9I9As56CQ+xbjspkaJt+1dbAiEOhlfCprcZNB5mthh/wv
P7Z2sDiu3LdtB6ZzaV6V0qylRq9/C7MQAvqk3+ekw/vMq4jj9qrp
-----END CERTIFICATE-----
Generated at Sat Apr 4 16:56:27 2026 by rpki-client