Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35372e302f32342d3234203d3e20333935333734.roa
File: 33312e362e35372e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: PtlcJzVGNivv4QrnnpiHH51TbqhItH6lr4Ycl8XB6jY=
Subject key identifier: 4A:D0:6C:89:84:A8:72:2A:B5:7B:C6:97:86:CD:4C:FC:C2:AD:41:85
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 07F8D88D761F6DCC9F36E47522A4B87212C78D19
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35372e302f32342d3234203d3e20333935333734.roa
Signing time: Fri 29 May 2026 10:47:18 +0000
ROA not before: Fri 29 May 2026 10:42:18 +0000
ROA not after: Fri 28 May 2027 10:47:18 +0000
asID: 395374
IP address blocks: 31.6.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f8:d8:8d:76:1f:6d:cc:9f:36:e4:75:22:a4:b8:72:12:c7:8d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: May 29 10:42:18 2026 GMT
Not After : May 28 10:47:18 2027 GMT
Subject: CN=4AD06C8984A8722AB57BC69786CD4CFCC2AD4185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:41:19:c9:92:41:18:50:e9:e7:94:36:be:04:
82:40:2b:06:ee:53:1d:c8:58:80:ea:a4:8d:a7:c5:
e6:61:43:c9:46:d6:87:f5:f9:4e:d5:64:98:88:bc:
5d:6b:aa:bb:5d:06:75:2d:b5:17:35:a2:af:68:e1:
52:28:b8:d4:9e:5e:2c:bd:ce:62:57:77:ed:41:aa:
09:aa:7b:c6:e9:c1:f4:0f:ac:e5:01:28:e2:c9:18:
8c:28:7b:5d:23:b7:8a:fe:33:9e:03:60:f5:ec:7f:
79:88:3f:06:6b:fc:c1:3c:3d:3a:8c:41:dc:b0:ed:
e6:d4:6f:03:04:f2:a0:b1:e6:a1:af:62:c6:13:c1:
66:22:c9:34:32:bc:6e:5b:a6:ab:85:98:61:17:4d:
12:d9:2c:a5:d5:3a:ca:de:33:5c:32:ea:1e:dd:46:
01:e7:96:42:5f:8c:c0:6a:99:21:af:eb:4d:24:62:
ef:a2:01:74:9e:82:61:9e:c9:40:f0:a4:43:b9:bd:
5e:8c:d5:08:1d:4f:38:4c:f1:7f:53:1e:15:b3:81:
b6:0d:2a:4e:da:48:13:fd:83:5a:48:36:22:e5:7a:
2a:c6:6b:14:ba:a2:b6:45:be:5d:58:6e:0a:44:76:
b5:43:75:e4:aa:19:53:6d:9b:39:64:e1:80:2e:65:
eb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D0:6C:89:84:A8:72:2A:B5:7B:C6:97:86:CD:4C:FC:C2:AD:41:85
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35372e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.57.0/24
Signature Algorithm: sha256WithRSAEncryption
39:8c:dc:39:0c:36:35:e7:e9:91:b8:78:b8:2c:87:d8:66:c4:
fe:07:5a:e1:57:52:76:1e:c5:80:cb:dd:64:c3:ba:ef:94:fd:
e8:81:6a:02:90:bc:c7:c4:c9:ae:17:b5:05:12:76:06:d0:66:
f5:1d:d0:22:1e:6f:29:35:99:5a:06:14:32:82:24:a3:f7:7d:
d0:bd:fa:fe:84:0f:72:9f:73:c2:79:ae:55:11:fd:ff:89:55:
b8:a5:25:80:0a:8c:4b:60:89:21:56:91:ae:83:e6:1c:18:98:
18:25:b2:83:1f:fa:41:cc:69:f0:fa:fd:41:60:9b:ba:f1:f8:
6f:c3:a7:b6:44:b4:c7:9b:13:af:fe:8b:0d:e4:4f:b8:ba:c2:
ca:d9:91:00:16:5c:b7:07:cb:d2:93:db:8b:76:43:2c:d0:6c:
d1:39:14:df:46:da:65:b4:18:9a:c6:73:93:51:57:74:07:e5:
bf:f3:20:d8:5a:1f:5d:91:49:fa:bc:f3:90:97:1f:22:cd:b6:
38:f1:94:62:f9:e0:c8:3d:92:c5:99:46:e0:e3:b8:e2:02:aa:
d2:e9:93:89:ee:c8:ec:58:4c:f3:8a:b3:27:08:60:19:61:5f:
45:47:ad:88:39:7b:24:63:bc:39:c6:d4:c4:80:8b:af:71:b7:
ba:03:b5:c1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUB/jYjXYfbcyfNuR1IqS4chLHjRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjA1MjkxMDQyMThaFw0yNzA1MjgxMDQ3MThaMDMxMTAvBgNV
BAMTKDRBRDA2Qzg5ODRBODcyMkFCNTdCQzY5Nzg2Q0Q0Q0ZDQzJBRDQxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOQRnJkkEYUOnnlDa+BIJAKwbu
Ux3IWIDqpI2nxeZhQ8lG1of1+U7VZJiIvF1rqrtdBnUttRc1oq9o4VIouNSeXiy9
zmJXd+1Bqgmqe8bpwfQPrOUBKOLJGIwoe10jt4r+M54DYPXsf3mIPwZr/ME8PTqM
Qdyw7ebUbwME8qCx5qGvYsYTwWYiyTQyvG5bpquFmGEXTRLZLKXVOsreM1wy6h7d
RgHnlkJfjMBqmSGv600kYu+iAXSegmGeyUDwpEO5vV6M1QgdTzhM8X9THhWzgbYN
Kk7aSBP9g1pINiLleirGaxS6orZFvl1YbgpEdrVDdeSqGVNtmzlk4YAuZeu1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUStBsiYSociq1e8aXhs1M/MKtQYUwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM1MzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMzM3MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBjkw
DQYJKoZIhvcNAQELBQADggEBADmM3DkMNjXn6ZG4eLgsh9hmxP4HWuFXUnYexYDL
3WTDuu+U/eiBagKQvMfEya4XtQUSdgbQZvUd0CIebyk1mVoGFDKCJKP3fdC9+v6E
D3Kfc8J5rlUR/f+JVbilJYAKjEtgiSFWka6D5hwYmBglsoMf+kHMafD6/UFgm7rx
+G/Dp7ZEtMebE6/+iw3kT7i6wsrZkQAWXLcHy9KT24t2QyzQbNE5FN9G2mW0GJrG
c5NRV3QH5b/zINhaH12RSfq885CXHyLNtjjxlGL54Mg9ksWZRuDjuOICqtLpk4nu
yOxYTPOKsycIYBlhX0VHrYg5eyRjvDnG1MSAi69xt7oDtcE=
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:28:47 2026 by rpki-client