Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS32024.roa
File: AS32024.roa (raw, json)
Hash identifier: +Z/6QPFJmGXQZaBX3O+/XCfRC2QZxZsdHW/uvWgMKmo=
Subject key identifier: 14:F5:D0:64:F1:5D:77:0C:6B:24:3C:11:51:9F:85:02:7A:70:3B:5D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7113B3B42C9C73587D590694312A6E76034D7210
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS32024.roa
Signing time: Mon 02 Mar 2026 11:46:40 +0000
ROA not before: Mon 02 Mar 2026 11:41:40 +0000
ROA not after: Mon 01 Mar 2027 11:46:40 +0000
asID: 32024
IP address blocks: 2a13:9500:37::/48 maxlen: 48
2a13:9500:38::/48 maxlen: 48
2a13:9500:39::/48 maxlen: 48
2a13:9500:3a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:13:b3:b4:2c:9c:73:58:7d:59:06:94:31:2a:6e:76:03:4d:72:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 2 11:41:40 2026 GMT
Not After : Mar 1 11:46:40 2027 GMT
Subject: CN=14F5D064F15D770C6B243C11519F85027A703B5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:a6:b2:52:93:6e:13:10:59:25:9e:e9:43:
37:67:af:e1:e4:d2:fb:76:7f:9f:8d:90:d4:94:d4:
94:65:09:f3:30:ef:54:d1:6c:ea:2b:b3:a3:dd:86:
50:93:41:09:cd:5d:19:43:ac:d3:09:92:1b:7d:26:
17:12:5c:99:bd:34:32:72:bb:c6:e6:0f:47:4d:51:
22:00:1d:c6:5a:4a:5f:50:1d:56:e7:9e:35:1b:cd:
9f:6d:18:e9:9d:28:91:20:95:70:20:e9:d3:cc:a4:
15:38:a3:21:ca:f3:85:39:9a:15:3a:c6:77:1d:df:
c5:e0:13:4d:0e:5f:c4:33:e9:bb:ab:46:49:95:7d:
c7:75:c8:18:8a:4b:d0:77:b3:79:1d:31:d9:cf:e5:
dc:0a:12:68:fa:a8:fb:ef:95:ed:3e:2b:5d:81:5e:
03:ad:f3:d2:c2:5e:1a:20:16:f2:ee:07:cf:33:d4:
d4:ed:2a:69:12:88:3e:61:b1:19:27:8c:92:ff:cf:
ca:2d:f5:5a:bd:21:38:8f:60:9a:78:3d:a0:d3:42:
6d:11:b7:c8:54:12:4e:5c:8e:08:43:22:f3:c2:46:
91:6b:35:03:76:a5:bb:1e:44:2e:91:08:75:ad:37:
0b:27:1e:51:1e:a4:f1:f0:3b:d3:f7:5f:7a:82:a8:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F5:D0:64:F1:5D:77:0C:6B:24:3C:11:51:9F:85:02:7A:70:3B:5D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS32024.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:37::-2a13:9500:3a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:dc:24:1e:2d:e9:e7:f5:9e:df:1d:29:e3:d3:85:cd:f6:af:
5c:c1:b5:2f:c8:62:6f:ba:a3:ec:79:1f:0d:93:d6:84:f5:ba:
84:8c:60:61:49:4d:cf:18:ea:4a:c4:c5:ac:ce:d8:f3:38:81:
a1:7c:8f:eb:48:46:d4:9e:85:47:b9:c1:c7:14:e2:59:ef:e3:
a3:c3:5a:76:77:5b:8d:77:4d:d1:f1:a8:cc:9d:ff:52:5a:29:
9f:3a:77:56:fa:bb:d7:08:20:64:0e:bd:95:bb:fa:69:1c:99:
f7:85:06:a5:29:54:53:64:ec:6a:6d:1b:71:a7:16:fb:44:f0:
87:e9:71:7e:9d:46:da:eb:4c:f4:4d:7f:96:30:58:32:0d:57:
e3:a4:f3:16:07:6d:9b:bc:ac:c4:b6:99:45:41:db:03:0e:f8:
6c:17:b4:ef:d3:c0:e5:9f:7d:78:59:6e:aa:29:7c:5a:28:f3:
76:b3:fd:53:80:b8:93:5b:b0:84:ff:24:94:02:07:a0:3c:71:
2f:7d:cb:3c:89:61:02:0f:96:ba:6b:ca:11:eb:63:c3:d8:88:
4e:7c:f8:5c:3b:c2:2c:3c:b8:3c:c1:76:2d:6a:fb:6a:bd:85:
11:28:64:6d:40:cd:cd:cc:f0:cc:ce:83:d0:c1:c0:0d:02:07:
6b:bc:65:ea
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUcROztCycc1h9WQaUMSpudgNNchAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDIxMTQxNDBaFw0yNzAzMDExMTQ2NDBaMDMxMTAvBgNV
BAMTKDE0RjVEMDY0RjE1RDc3MEM2QjI0M0MxMTUxOUY4NTAyN0E3MDNCNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrkKayUpNuExBZJZ7pQzdnr+Hk
0vt2f5+NkNSU1JRlCfMw71TRbOors6PdhlCTQQnNXRlDrNMJkht9JhcSXJm9NDJy
u8bmD0dNUSIAHcZaSl9QHVbnnjUbzZ9tGOmdKJEglXAg6dPMpBU4oyHK84U5mhU6
xncd38XgE00OX8Qz6burRkmVfcd1yBiKS9B3s3kdMdnP5dwKEmj6qPvvle0+K12B
XgOt89LCXhogFvLuB88z1NTtKmkSiD5hsRknjJL/z8ot9Vq9ITiPYJp4PaDTQm0R
t8hUEk5cjghDIvPCRpFrNQN2pbseRC6RCHWtNwsnHlEepPHwO9P3X3qCqPOLAgMB
AAGjggIXMIICEzAdBgNVHQ4EFgQUFPXQZPFddwxrJDwRUZ+FAnpwO10wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzIwMjQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHACoT
lQAANwMHACoTlQAAOjANBgkqhkiG9w0BAQsFAAOCAQEAB9wkHi3p5/We3x0p49OF
zfavXMG1L8hib7qj7HkfDZPWhPW6hIxgYUlNzxjqSsTFrM7Y8ziBoXyP60hG1J6F
R7nBxxTiWe/jo8NadndbjXdN0fGozJ3/Ulopnzp3Vvq71wggZA69lbv6aRyZ94UG
pSlUU2Tsam0bcacW+0Twh+lxfp1G2utM9E1/ljBYMg1X46TzFgdtm7ysxLaZRUHb
Aw74bBe079PA5Z99eFluqil8WijzdrP9U4C4k1uwhP8klAIHoDxxL33LPIlhAg+W
umvKEetjw9iITnz4XDvCLDy4PMF2LWr7ar2FEShkbUDNzczwzM6D0MHADQIHa7xl
6g==
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:04:24 2026 by rpki-client