Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
File: 3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa (raw, json)
Hash identifier: YJQzrkCNdtcHF03SEJIbUA14cqWLzrSdWGFwfzoZWw8=
Subject key identifier: F3:E0:ED:48:92:56:0A:76:21:D7:F4:EB:75:8B:AD:96:DF:4A:56:BD
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 5CB5724941FAF77E7CD8F0F86986118E79E43F9D
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
Signing time: Sat 13 Jun 2026 17:47:33 +0000
ROA not before: Sat 13 Jun 2026 17:42:33 +0000
ROA not after: Sat 12 Jun 2027 17:47:33 +0000
asID: 398256
IP address blocks: 213.139.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Jun 2026 22:57:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:b5:72:49:41:fa:f7:7e:7c:d8:f0:f8:69:86:11:8e:79:e4:3f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jun 13 17:42:33 2026 GMT
Not After : Jun 12 17:47:33 2027 GMT
Subject: CN=F3E0ED4892560A7621D7F4EB758BAD96DF4A56BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:62:88:4a:43:e1:38:4e:19:ba:6d:d0:de:
e4:8f:5f:29:1e:ee:f5:7b:f3:0c:c5:90:1f:12:e2:
f9:82:3a:d4:3d:27:02:7f:26:e9:b9:08:08:bd:79:
86:d6:09:de:6d:2e:cd:69:14:42:bd:8c:98:f6:c5:
66:eb:a9:89:47:62:4f:a0:ab:92:8f:45:28:28:0a:
ef:00:bb:03:6b:9d:c8:80:ce:89:15:04:7d:76:97:
df:34:73:68:e8:7c:15:a3:0a:e8:ce:1c:e1:cc:80:
2b:20:2c:10:27:cf:0b:ff:2c:3e:9d:90:2e:f4:29:
43:62:04:83:10:a7:33:16:60:24:0d:89:c6:0a:b7:
95:5d:ab:56:5d:7e:e1:0e:be:5e:39:7a:b9:5c:55:
eb:87:82:ce:80:29:42:0d:91:d2:6b:0e:80:03:c3:
03:96:04:aa:7b:44:2c:00:02:90:bf:9f:4d:e9:0d:
ca:ec:d7:c1:0a:2c:c7:dc:ce:b3:3a:05:5d:ab:6d:
49:95:df:c1:e4:e7:32:a5:30:d2:3e:86:8e:a0:f1:
b8:33:ca:b5:e7:39:1b:1a:ab:b8:50:47:70:53:6d:
ac:75:39:98:fc:11:c7:f4:c2:2c:dc:33:53:29:f1:
0f:ae:ce:27:a6:9d:ff:de:95:95:76:d7:bb:ea:60:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E0:ED:48:92:56:0A:76:21:D7:F4:EB:75:8B:AD:96:DF:4A:56:BD
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.77.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:a9:e3:b8:ff:12:85:25:28:5e:7b:65:4d:6c:bc:09:66:d0:
bd:88:76:df:07:fd:60:49:af:dc:dd:c1:24:7d:0c:58:a1:73:
07:ae:b4:da:58:a3:75:a7:2a:af:e1:d6:d2:b3:93:84:8d:29:
8b:bb:0c:ef:8f:b3:d2:cf:9e:4e:82:d5:8e:3b:16:0e:e2:46:
c8:e0:b0:ce:04:07:6b:c6:b2:d4:c4:5c:3b:d1:7e:5c:10:45:
26:13:c4:3f:af:14:8e:90:20:43:43:96:c1:ab:20:37:6a:cd:
3a:b2:44:f6:66:67:41:1d:a5:cc:97:c2:59:87:76:ee:90:c2:
cb:8f:61:69:c7:1a:18:c3:b7:49:b9:91:7a:f8:75:09:ea:b8:
d4:a5:d3:69:49:d1:43:01:c4:fc:3e:57:a6:00:58:34:c4:c5:
a7:f5:22:00:cc:9e:ec:74:f6:d7:6d:50:88:84:b0:19:64:a6:
b5:45:3a:83:64:1c:c4:89:08:d4:56:97:fb:c8:6c:bc:1d:48:
97:2a:94:64:bc:e6:19:63:5e:cc:21:6d:e5:f8:02:67:46:6f:
fa:76:4a:29:c8:30:81:0d:28:b4:b7:69:cc:de:33:55:14:65:
6f:03:fe:60:3f:1c:de:76:f7:ee:a7:fc:34:08:21:51:03:ea:
a4:15:51:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXLVySUH693582PD4aYYRjnnkP50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjA2MTMxNzQyMzNaFw0yNzA2MTIxNzQ3MzNaMDMxMTAvBgNV
BAMTKEYzRTBFRDQ4OTI1NjBBNzYyMUQ3RjRFQjc1OEJBRDk2REY0QTU2QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDoGKISkPhOE4Zum3Q3uSPXyke
7vV78wzFkB8S4vmCOtQ9JwJ/Jum5CAi9eYbWCd5tLs1pFEK9jJj2xWbrqYlHYk+g
q5KPRSgoCu8AuwNrnciAzokVBH12l980c2jofBWjCujOHOHMgCsgLBAnzwv/LD6d
kC70KUNiBIMQpzMWYCQNicYKt5Vdq1ZdfuEOvl45erlcVeuHgs6AKUINkdJrDoAD
wwOWBKp7RCwAApC/n03pDcrs18EKLMfczrM6BV2rbUmV38Hk5zKlMNI+ho6g8bgz
yrXnORsaq7hQR3BTbax1OZj8Ecf0wizcM1Mp8Q+uziemnf/elZV217vqYG31AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8+DtSJJWCnYh1/TrdYutlt9KVr0wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzMjM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi00wDQYJKoZIhvcNAQELBQADggEBAK2p47j/EoUlKF57ZU1svAlm0L2Idt8H
/WBJr9zdwSR9DFihcweutNpYo3WnKq/h1tKzk4SNKYu7DO+Ps9LPnk6C1Y47Fg7i
RsjgsM4EB2vGstTEXDvRflwQRSYTxD+vFI6QIENDlsGrIDdqzTqyRPZmZ0EdpcyX
wlmHdu6QwsuPYWnHGhjDt0m5kXr4dQnquNSl02lJ0UMBxPw+V6YAWDTExaf1IgDM
nux09tdtUIiEsBlkprVFOoNkHMSJCNRWl/vIbLwdSJcqlGS85hljXswhbeX4AmdG
b/p2SinIMIENKLS3aczeM1UUZW8D/mA/HN529+6n/DQIIVED6qQVUek=
-----END CERTIFICATE-----
Generated at Fri Jun 26 03:54:37 2026 by rpki-client