
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
File: AS3223.roa (raw, json)
Hash identifier: z59mkUF9d7sSYMBOD2Kt57DEtdY72ZwAnGGjpV2f7pg=
Subject key identifier: 6D:30:02:44:9A:B4:97:27:DE:C1:7B:A5:6F:D3:86:4E:75:6B:D4:FC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 31AA35A25165AC8051B22A61CDD95B12ED7E5A97
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
Signing time: Tue 07 Jul 2026 11:48:58 +0000
ROA not before: Tue 07 Jul 2026 11:43:58 +0000
ROA not after: Tue 06 Jul 2027 11:48:58 +0000
asID: 3223
IP address blocks: 191.101.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Jul 2026 07:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:aa:35:a2:51:65:ac:80:51:b2:2a:61:cd:d9:5b:12:ed:7e:5a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 7 11:43:58 2026 GMT
Not After : Jul 6 11:48:58 2027 GMT
Subject: CN=6D3002449AB49727DEC17BA56FD3864E756BD4FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:cb:2b:36:f8:5e:4a:7f:68:9f:72:ea:8d:
2d:33:cf:c6:09:b2:40:5d:f3:9c:a3:ed:94:84:30:
f3:dd:10:99:d9:f2:35:2a:fb:23:41:15:3b:ae:dc:
75:03:b8:aa:ea:b1:ff:83:c6:e1:30:46:5f:8c:55:
cb:31:a2:fb:44:28:2a:65:13:9a:6c:03:ae:d9:69:
f4:9d:59:a5:b4:2a:a3:44:b1:67:04:c2:81:1e:f5:
81:fb:b7:11:98:57:33:57:ef:55:64:8c:a6:06:ea:
2a:15:92:09:0a:8b:51:07:33:9b:f2:91:0c:82:61:
6d:1b:5f:6b:30:29:fe:cf:b2:38:dd:e8:e9:35:d6:
a3:d4:53:3f:7d:32:70:8a:7c:7b:7e:6a:8d:76:6e:
9e:f6:71:6b:4c:8a:b2:4f:36:35:ba:d8:c1:c5:fd:
39:17:d3:b2:ff:cd:34:63:3c:66:2f:2a:e4:ea:0a:
d1:b8:fd:d4:fd:52:a1:ac:00:e6:07:20:d8:7f:c2:
c5:9f:28:93:c1:1d:2e:25:93:8d:8a:72:36:87:95:
18:91:19:a5:f0:b2:9a:c8:e1:79:bd:89:a7:6a:c4:
5a:94:f4:4d:a1:24:9c:ac:d3:e9:03:81:c3:3d:b8:
01:fb:f4:37:93:70:ed:f8:c7:29:1a:c4:be:4a:f1:
4a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:30:02:44:9A:B4:97:27:DE:C1:7B:A5:6F:D3:86:4E:75:6B:D4:FC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:6e:d1:9f:7d:67:47:c5:2b:a9:83:e9:77:cd:56:45:21:0d:
54:ac:a3:ae:b8:1c:e8:09:28:53:b6:15:22:2b:91:9b:3e:1e:
68:1b:1c:7b:e0:c0:d8:cb:5b:db:80:d1:0d:e6:11:0f:e0:62:
3a:e8:90:60:83:d2:58:b0:e3:c9:f3:51:b2:45:c4:be:3c:a8:
d0:88:6f:1c:39:19:7b:88:4d:ed:82:e2:3a:71:72:7b:8d:d3:
8a:61:d2:fc:cd:b9:f0:c7:66:d6:4b:49:da:3a:c5:dd:c4:c1:
80:8f:a0:a9:a0:00:ca:c6:72:66:6d:9d:0c:af:e2:ae:c3:45:
1a:1d:41:4a:e5:3e:2a:2f:3d:f4:92:58:fc:18:88:ff:b1:5b:
84:d0:3c:a4:eb:1b:a7:ee:fb:5d:72:09:51:7e:93:18:20:56:
5e:54:49:65:5d:b4:6e:7f:70:54:2a:4d:c5:01:a5:d8:f7:82:
de:52:b2:65:d8:5c:05:00:04:b1:b7:1f:68:fb:6f:ec:55:6e:
4b:c7:87:6e:89:e1:73:68:91:6c:6c:ec:cb:97:e9:d7:88:4a:
74:c4:e5:d9:33:30:9c:8f:d3:19:b8:6c:59:d6:ae:13:16:8d:
98:0a:f7:82:22:20:56:3f:ac:50:be:3c:20:df:5d:c0:c6:a3:
df:ae:90:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUMao1olFlrIBRsiphzdlbEu1+WpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA3MDcxMTQzNThaFw0yNzA3MDYxMTQ4NThaMDMxMTAvBgNV
BAMTKDZEMzAwMjQ0OUFCNDk3MjdERUMxN0JBNTZGRDM4NjRFNzU2QkQ0RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmBcsrNvheSn9on3LqjS0zz8YJ
skBd85yj7ZSEMPPdEJnZ8jUq+yNBFTuu3HUDuKrqsf+DxuEwRl+MVcsxovtEKCpl
E5psA67ZafSdWaW0KqNEsWcEwoEe9YH7txGYVzNX71VkjKYG6ioVkgkKi1EHM5vy
kQyCYW0bX2swKf7Psjjd6Ok11qPUUz99MnCKfHt+ao12bp72cWtMirJPNjW62MHF
/TkX07L/zTRjPGYvKuTqCtG4/dT9UqGsAOYHINh/wsWfKJPBHS4lk42KcjaHlRiR
GaXwsprI4Xm9iadqxFqU9E2hJJys0+kDgcM9uAH79DeTcO34xykaxL5K8UpRAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUbTACRJq0lyfewXulb9OGTnVr1PwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzIyMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL9l8jAN
BgkqhkiG9w0BAQsFAAOCAQEAL27Rn31nR8UrqYPpd81WRSENVKyjrrgc6AkoU7YV
IiuRmz4eaBsce+DA2Mtb24DRDeYRD+BiOuiQYIPSWLDjyfNRskXEvjyo0IhvHDkZ
e4hN7YLiOnFye43TimHS/M258Mdm1ktJ2jrF3cTBgI+gqaAAysZyZm2dDK/irsNF
Gh1BSuU+Ki899JJY/BiI/7FbhNA8pOsbp+77XXIJUX6TGCBWXlRJZV20bn9wVCpN
xQGl2PeC3lKyZdhcBQAEsbcfaPtv7FVuS8eHbonhc2iRbGzsy5fp14hKdMTl2TMw
nI/TGbhsWdauExaNmAr3giIgVj+sUL48IN9dwMaj366QGA==
-----END CERTIFICATE-----
Generated at Sun Jul 19 16:38:41 2026 by rpki-client