Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230342e302f32342d3234203d3e203334393839.roa
File: 33312e39392e3230342e302f32342d3234203d3e203334393839.roa (raw, json)
Hash identifier: JVWFxpQPMnUSUYXGgXSKiWACaODSdFmwWfY1F1nUBQA=
Subject key identifier: 85:0C:1C:8D:C6:EB:9D:F5:FC:BE:77:02:70:B5:E3:21:E5:10:D7:AE
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 691608BE1A72D4BE97F56A8129981616FCEAFC16
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230342e302f32342d3234203d3e203334393839.roa
Signing time: Wed 01 Apr 2026 20:22:55 +0000
ROA not before: Wed 01 Apr 2026 20:17:55 +0000
ROA not after: Wed 31 Mar 2027 20:22:55 +0000
asID: 34989
IP address blocks: 31.99.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 15:19:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:16:08:be:1a:72:d4:be:97:f5:6a:81:29:98:16:16:fc:ea:fc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 1 20:17:55 2026 GMT
Not After : Mar 31 20:22:55 2027 GMT
Subject: CN=850C1C8DC6EB9DF5FCBE770270B5E321E510D7AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:1e:4e:a4:f4:34:13:7c:67:6e:23:76:8d:
94:88:84:ae:37:af:23:1f:bf:fb:54:ba:30:c4:08:
1e:a5:b3:30:99:d2:da:40:d2:83:ee:1e:f5:95:8c:
b8:ac:45:40:40:cb:ea:59:2c:28:aa:0f:39:fe:c5:
81:a6:98:72:27:7d:07:8d:2d:c4:82:cf:60:0a:f4:
2f:90:3c:b8:8e:57:7e:ab:d0:ce:11:51:af:89:b6:
97:28:9b:34:b6:00:59:ef:39:16:4a:8f:58:39:fc:
76:d8:1f:eb:bc:ce:c7:e7:91:d8:e9:81:03:c3:d3:
e8:7b:ff:d1:d2:d0:9d:f0:01:eb:71:4e:d7:f4:2a:
c4:2b:fc:86:66:53:a6:67:9b:5a:00:5e:a5:a6:6e:
05:1f:05:35:8b:6b:4e:60:92:c5:7d:52:ff:d9:f2:
26:f6:82:44:e9:b4:ba:0c:19:24:9b:62:45:4b:f9:
f2:57:63:3c:5f:da:ed:59:ba:b3:de:36:89:71:98:
15:aa:54:81:87:bc:df:63:4c:87:af:da:32:1e:eb:
f0:e6:b6:58:e0:b7:90:2f:f4:e2:85:e0:07:c4:10:
52:29:92:38:1e:e9:24:15:16:54:2e:f6:c1:bf:6e:
cd:ed:cd:6c:ef:96:25:d0:06:43:94:a7:f2:78:17:
d6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0C:1C:8D:C6:EB:9D:F5:FC:BE:77:02:70:B5:E3:21:E5:10:D7:AE
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230342e302f32342d3234203d3e203334393839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.204.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9f:1a:0e:ec:3a:3d:6c:f3:1a:16:38:a2:2f:33:0a:81:36:
91:da:7c:f9:0d:08:1d:8a:ca:43:52:cd:77:f0:32:5a:8f:d2:
8f:d9:09:14:33:48:d1:2b:96:76:d6:08:6c:27:74:8a:e3:3c:
41:95:1e:ae:c3:bc:04:55:d8:40:e9:3d:d7:e4:35:39:ea:6a:
65:f6:17:f0:c6:11:1f:bc:18:b3:a6:5f:d3:28:50:88:60:3b:
fa:f5:da:41:65:bd:73:54:ca:ee:0d:6d:b1:14:07:58:6e:fd:
f6:ce:d7:2d:e2:de:6c:9b:e5:44:5f:5b:82:77:01:58:4f:5e:
6c:23:cc:19:a8:2c:00:05:cc:29:8f:ba:23:ec:4c:a7:65:93:
4d:14:3e:cd:c5:e3:32:e0:a4:07:23:6a:a4:3d:a8:63:af:f7:
c0:e6:05:73:20:7c:57:88:e5:d5:fd:24:40:e9:ff:87:0c:78:
83:d8:55:17:cf:88:77:2b:3a:84:57:27:2e:f5:ba:92:ad:98:
c8:2f:17:dc:02:9e:d0:7b:b3:28:7f:f8:6e:a5:9d:34:bb:e7:
11:76:bb:7d:0f:2d:b4:bf:3e:be:0e:58:23:7b:03:32:bb:4f:
de:ef:dc:86:da:f8:d1:d1:42:3d:93:a6:8b:72:0d:5d:e9:0c:
5b:c9:ef:c9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUaRYIvhpy1L6X9WqBKZgWFvzq/BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MDEyMDE3NTVaFw0yNzAzMzEyMDIyNTVaMDMxMTAvBgNV
BAMTKDg1MEMxQzhEQzZFQjlERjVGQ0JFNzcwMjcwQjVFMzIxRTUxMEQ3QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63B5OpPQ0E3xnbiN2jZSIhK43
ryMfv/tUujDECB6lszCZ0tpA0oPuHvWVjLisRUBAy+pZLCiqDzn+xYGmmHInfQeN
LcSCz2AK9C+QPLiOV36r0M4RUa+JtpcomzS2AFnvORZKj1g5/HbYH+u8zsfnkdjp
gQPD0+h7/9HS0J3wAetxTtf0KsQr/IZmU6Znm1oAXqWmbgUfBTWLa05gksV9Uv/Z
8ib2gkTptLoMGSSbYkVL+fJXYzxf2u1ZurPeNolxmBWqVIGHvN9jTIev2jIe6/Dm
tljgt5Av9OKF4AfEEFIpkjge6SQVFlQu9sG/bs3tzWzvliXQBkOUp/J4F9aPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUhQwcjcbrnfX8vncCcLXjIeUQ164wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzNDM5MzgzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB9j
zDANBgkqhkiG9w0BAQsFAAOCAQEAaZ8aDuw6PWzzGhY4oi8zCoE2kdp8+Q0IHYrK
Q1LNd/AyWo/Sj9kJFDNI0SuWdtYIbCd0iuM8QZUersO8BFXYQOk91+Q1OepqZfYX
8MYRH7wYs6Zf0yhQiGA7+vXaQWW9c1TK7g1tsRQHWG799s7XLeLebJvlRF9bgncB
WE9ebCPMGagsAAXMKY+6I+xMp2WTTRQ+zcXjMuCkByNqpD2oY6/3wOYFcyB8V4jl
1f0kQOn/hwx4g9hVF8+Idys6hFcnLvW6kq2YyC8X3AKe0HuzKH/4bqWdNLvnEXa7
fQ8ttL8+vg5YI3sDMrtP3u/chtr40dFCPZOmi3INXekMW8nvyQ==
-----END CERTIFICATE-----
Generated at Thu Apr 9 08:24:08 2026 by rpki-client