Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e38302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: iLbvpS3GBJ9IZHCthfOkqaBx3pQEVB7YYvlDaNi6mwI=
Subject key identifier: 18:10:4D:02:4A:10:49:86:3B:0D:25:E1:5D:EE:FE:21:88:40:F7:A7
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 0DBC9B4ED0400EDBBF4D566584907A5EADBE8700
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20383334.roa
Signing time: Wed 03 Jun 2026 02:09:51 +0000
ROA not before: Wed 03 Jun 2026 02:04:51 +0000
ROA not after: Wed 02 Jun 2027 02:09:51 +0000
asID: 834
IP address blocks: 213.139.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:bc:9b:4e:d0:40:0e:db:bf:4d:56:65:84:90:7a:5e:ad:be:87:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jun 3 02:04:51 2026 GMT
Not After : Jun 2 02:09:51 2027 GMT
Subject: CN=18104D024A1049863B0D25E15DEEFE218840F7A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:95:9c:6e:01:53:32:fa:e1:11:2d:3a:04:
53:1e:c1:86:f0:10:56:ec:8e:ff:91:14:0a:72:4c:
10:c8:ca:08:28:c5:3c:6a:f7:c2:21:de:3c:1e:01:
ad:eb:58:ae:60:83:99:e5:6f:e4:c9:9e:48:7d:04:
63:16:88:8c:dc:8d:57:d9:95:28:e1:a5:43:e0:da:
09:01:8b:98:b7:fa:b9:a7:14:e0:de:69:af:b9:e7:
80:6f:37:10:f1:7d:56:76:3a:a3:79:41:05:27:28:
5d:91:50:e4:72:6d:92:9e:db:a2:0f:60:28:41:c1:
40:b9:c7:f8:46:3e:a1:fd:ed:9e:8e:ae:3c:a8:88:
47:f8:ee:67:97:8a:e9:53:3a:62:30:d8:48:04:bd:
dc:b5:f9:61:3a:e9:01:b6:a5:74:a3:43:80:97:3b:
0d:8a:61:a2:fc:86:b1:4d:26:d9:43:42:56:de:67:
d5:6c:b8:c2:0c:a0:1d:9a:ed:be:02:af:a2:83:8d:
ba:21:48:d7:d8:3a:72:19:e8:b8:05:d0:4b:41:ae:
c0:22:28:04:76:e3:21:d0:53:8b:e5:85:4f:65:77:
65:d7:48:17:75:93:8a:12:11:bb:f1:04:6a:5a:66:
57:10:cf:31:38:30:9a:2f:30:9e:c2:dd:63:36:a5:
6f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:10:4D:02:4A:10:49:86:3B:0D:25:E1:5D:EE:FE:21:88:40:F7:A7
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:7b:56:74:af:eb:d1:66:56:16:45:8d:05:79:f4:9f:22:81:
6d:36:33:5a:35:3f:86:9e:ed:9d:12:d5:40:ae:0b:46:8c:c7:
ce:6a:00:52:ad:4e:bc:1f:6a:04:c8:be:a1:6b:4f:d7:0b:cc:
98:68:3e:ba:74:e6:31:57:b1:8e:3b:25:1b:10:d3:f6:5e:40:
92:e0:55:a7:a9:79:8d:7b:9d:e9:41:c7:a9:99:e6:9b:25:88:
8d:7a:f3:76:4e:ac:34:0c:ba:72:a7:46:c5:0a:1e:55:7f:12:
8f:af:b2:60:d3:04:33:82:59:60:45:ce:29:f6:a5:c0:2a:2d:
d7:78:5e:0a:4e:3e:98:57:14:27:88:bc:7f:6b:bf:85:fc:f0:
24:c6:0a:b0:c3:b0:0a:b4:6d:40:17:88:ec:18:bf:bb:f2:2e:
7c:36:6a:fa:27:09:b7:49:c2:84:c0:e7:dd:d3:5a:95:25:e2:
63:b1:40:df:24:04:f3:80:22:c6:6e:55:2f:a8:00:04:cb:56:
a6:92:94:1c:45:9e:74:3a:ac:ed:3e:16:cc:75:b7:49:c5:c7:
57:39:78:45:94:a7:50:f5:cd:7c:5f:cd:98:ae:39:43:af:39:
cf:ce:a0:7c:4f:c0:50:a8:f2:10:cb:63:11:17:5d:67:eb:9f:
ed:ca:6c:ee
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDbybTtBADtu/TVZlhJB6Xq2+hwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjA2MDMwMjA0NTFaFw0yNzA2MDIwMjA5NTFaMDMxMTAvBgNV
BAMTKDE4MTA0RDAyNEExMDQ5ODYzQjBEMjVFMTVERUVGRTIxODg0MEY3QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfJWcbgFTMvrhES06BFMewYbw
EFbsjv+RFApyTBDIyggoxTxq98Ih3jweAa3rWK5gg5nlb+TJnkh9BGMWiIzcjVfZ
lSjhpUPg2gkBi5i3+rmnFODeaa+554BvNxDxfVZ2OqN5QQUnKF2RUORybZKe26IP
YChBwUC5x/hGPqH97Z6OrjyoiEf47meXiulTOmIw2EgEvdy1+WE66QG2pXSjQ4CX
Ow2KYaL8hrFNJtlDQlbeZ9VsuMIMoB2a7b4Cr6KDjbohSNfYOnIZ6LgF0EtBrsAi
KAR24yHQU4vlhU9ld2XXSBd1k4oSEbvxBGpaZlcQzzE4MJovMJ7C3WM2pW/tAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUGBBNAkoQSYY7DSXhXe7+IYhA96cwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi1Aw
DQYJKoZIhvcNAQELBQADggEBAEt7VnSv69FmVhZFjQV59J8igW02M1o1P4ae7Z0S
1UCuC0aMx85qAFKtTrwfagTIvqFrT9cLzJhoPrp05jFXsY47JRsQ0/ZeQJLgVaep
eY17nelBx6mZ5psliI1683ZOrDQMunKnRsUKHlV/Eo+vsmDTBDOCWWBFzin2pcAq
Ldd4XgpOPphXFCeIvH9rv4X88CTGCrDDsAq0bUAXiOwYv7vyLnw2avonCbdJwoTA
593TWpUl4mOxQN8kBPOAIsZuVS+oAATLVqaSlBxFnnQ6rO0+Fsx1t0nFx1c5eEWU
p1D1zXxfzZiuOUOvOc/OoHxPwFCo8hDLYxEXXWfrn+3KbO4=
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:11:51 2026 by rpki-client