Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e2039333034.roa
File: 33312e39392e3230372e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: RG694VF+Ywi1+rDjW0DImFmJfL21VRcESGSJ9oUeN2M=
Subject key identifier: 2A:F7:01:3B:37:D5:3F:BC:60:A4:84:12:BD:C5:7E:D0:49:BB:AD:2D
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 034CB1410858578231076DC637B4CD5BDD28A1F6
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e2039333034.roa
Signing time: Tue 19 May 2026 10:02:04 +0000
ROA not before: Tue 19 May 2026 09:57:04 +0000
ROA not after: Tue 18 May 2027 10:02:04 +0000
asID: 9304
IP address blocks: 31.99.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 11:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:4c:b1:41:08:58:57:82:31:07:6d:c6:37:b4:cd:5b:dd:28:a1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 19 09:57:04 2026 GMT
Not After : May 18 10:02:04 2027 GMT
Subject: CN=2AF7013B37D53FBC60A48412BDC57ED049BBAD2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b5:2a:53:6e:ed:40:ed:b0:60:17:a8:b0:aa:
d2:e6:af:45:bb:52:db:16:db:41:a4:70:00:22:b3:
48:e2:b5:4a:3e:34:0e:70:94:69:de:9b:d1:24:41:
d0:07:16:bf:af:09:1d:09:29:96:63:ba:6b:a5:0d:
df:b6:96:a1:ec:91:48:97:cf:b3:c2:2e:9f:21:4e:
f7:2a:39:3b:53:fd:68:bb:cf:a3:c2:81:46:26:68:
34:15:ff:8c:e2:22:06:69:4a:d5:90:1c:fc:df:0e:
82:ca:02:53:cf:dd:91:88:de:5d:a8:dc:5a:3f:8a:
7f:6d:bb:7a:4c:d5:e8:18:33:9f:c7:31:1c:26:07:
d8:ef:e9:ad:58:4e:5c:0c:e7:04:c6:59:13:a5:0b:
8c:e2:ae:f7:dd:f1:ae:b1:bc:07:d2:42:1c:22:05:
1d:b9:d1:de:59:22:8a:ad:1e:89:cc:0f:6a:64:0d:
6d:f7:33:bf:d0:20:55:26:cd:5f:52:29:dd:da:b8:
3d:ac:4f:66:29:50:1c:6e:38:9f:af:b9:6e:30:1d:
26:20:b1:ec:15:fb:84:31:a3:f8:88:62:a1:67:16:
d1:09:12:a5:4e:dd:ab:9d:bf:1a:a4:b4:9b:e1:eb:
90:c0:1a:88:12:fc:56:4e:42:6b:81:19:19:99:c7:
b4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F7:01:3B:37:D5:3F:BC:60:A4:84:12:BD:C5:7E:D0:49:BB:AD:2D
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.207.0/24
Signature Algorithm: sha256WithRSAEncryption
61:bb:6c:b5:ef:73:6f:0a:f5:a7:e0:cb:fc:26:71:bf:e7:1c:
d1:7a:75:7e:7c:7b:d7:c5:80:41:59:98:ba:1c:6b:7f:ad:70:
49:91:98:07:b1:5d:f5:ef:07:7b:f8:3f:32:8b:5d:35:2f:35:
1b:ad:4d:82:a7:39:e0:c9:7c:1c:dc:ed:9a:6e:1a:6c:41:44:
25:44:db:9d:8b:07:e1:bf:82:33:9c:81:42:33:ca:af:26:a4:
70:18:28:43:eb:02:bd:2b:bb:76:c5:fe:0f:af:7c:ab:bf:ff:
a0:46:aa:ca:16:7f:a4:15:ff:6d:f9:90:6a:05:1c:8f:7f:de:
fc:a0:2c:ce:61:1d:1a:04:46:a2:1c:e7:09:ce:ea:82:8a:7d:
39:8d:60:b8:a7:62:9b:8f:13:1c:aa:01:5a:4e:80:27:9e:74:
f6:1b:f8:0d:6e:86:17:39:60:92:28:4d:67:89:f8:5e:a5:de:
07:95:63:79:eb:53:ee:74:5c:2c:4d:4f:b5:3c:4c:16:ba:8e:
1e:6b:3f:a0:f3:f0:c3:10:c6:35:09:1e:23:81:5b:81:e4:d3:
86:56:a1:c4:cf:e2:0a:39:a8:7f:5d:46:67:f4:e0:0c:b6:ec:
b1:fe:16:4d:ca:d2:c8:e1:3d:ee:0b:09:37:36:7f:8b:5c:4c:
5c:82:07:45
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUA0yxQQhYV4IxB23GN7TNW90oofYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MTkwOTU3MDRaFw0yNzA1MTgxMDAyMDRaMDMxMTAvBgNV
BAMTKDJBRjcwMTNCMzdENTNGQkM2MEE0ODQxMkJEQzU3RUQwNDlCQkFEMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCotSpTbu1A7bBgF6iwqtLmr0W7
UtsW20GkcAAis0jitUo+NA5wlGnem9EkQdAHFr+vCR0JKZZjumulDd+2lqHskUiX
z7PCLp8hTvcqOTtT/Wi7z6PCgUYmaDQV/4ziIgZpStWQHPzfDoLKAlPP3ZGI3l2o
3Fo/in9tu3pM1egYM5/HMRwmB9jv6a1YTlwM5wTGWROlC4zirvfd8a6xvAfSQhwi
BR250d5ZIoqtHonMD2pkDW33M7/QIFUmzV9SKd3auD2sT2YpUBxuOJ+vuW4wHSYg
sewV+4Qxo/iIYqFnFtEJEqVO3audvxqktJvh65DAGogS/FZOQmuBGRmZx7RbAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUKvcBOzfVP7xgpIQSvcV+0Em7rS0wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMwMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfY88w
DQYJKoZIhvcNAQELBQADggEBAGG7bLXvc28K9afgy/wmcb/nHNF6dX58e9fFgEFZ
mLoca3+tcEmRmAexXfXvB3v4PzKLXTUvNRutTYKnOeDJfBzc7ZpuGmxBRCVE252L
B+G/gjOcgUIzyq8mpHAYKEPrAr0ru3bF/g+vfKu//6BGqsoWf6QV/235kGoFHI9/
3vygLM5hHRoERqIc5wnO6oKKfTmNYLinYpuPExyqAVpOgCeedPYb+A1uhhc5YJIo
TWeJ+F6l3geVY3nrU+50XCxNT7U8TBa6jh5rP6Dz8MMQxjUJHiOBW4Hk04ZWocTP
4go5qH9dRmf04Ay27LH+Fk3K0sjhPe4LCTc2f4tcTFyCB0U=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:36 2026 by rpki-client