Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203331373135.roa
File: 3231332e3133392e39322e302f32342d3234203d3e203331373135.roa (raw, json)
Hash identifier: BYAn2P29WRgE+5pdG5goQ8GsMhYsyn767YwPiSlp0aI=
Subject key identifier: 7E:F4:3A:DE:F9:28:4B:D7:17:5E:2A:E0:8D:FA:62:58:90:03:13:DE
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4F13C2280C014C9F5882E6CA0A99511024597302
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203331373135.roa
Signing time: Wed 11 Mar 2026 08:26:11 +0000
ROA not before: Wed 11 Mar 2026 08:21:11 +0000
ROA not after: Wed 10 Mar 2027 08:26:11 +0000
asID: 31715
IP address blocks: 213.139.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 16:11:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:13:c2:28:0c:01:4c:9f:58:82:e6:ca:0a:99:51:10:24:59:73:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Mar 11 08:21:11 2026 GMT
Not After : Mar 10 08:26:11 2027 GMT
Subject: CN=7EF43ADEF9284BD7175E2AE08DFA6258900313DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4c:72:df:31:02:92:d8:b1:61:a4:4a:a0:d1:
72:dd:a3:e3:ae:34:9b:d3:32:92:7e:bb:a6:0e:c1:
c1:2c:df:82:0c:f4:12:e9:df:ec:c3:62:26:cb:6f:
95:43:27:ca:86:29:d0:df:15:ff:9a:f8:90:00:4a:
1e:4b:c9:c3:90:8e:74:c0:c6:47:16:ba:0f:e4:e8:
c7:7b:1d:37:fa:13:ce:b5:16:7a:7c:40:68:ee:f0:
95:22:04:ed:f8:51:2c:6f:55:9e:42:23:b8:d1:e5:
39:5d:9f:6d:d0:77:2f:c9:ab:a9:6e:48:9b:3d:1a:
1c:54:5d:76:c0:5a:29:a8:c1:fa:63:75:03:f2:43:
1a:9e:16:79:40:86:04:cd:37:84:4d:ca:1c:bb:cf:
c8:3f:85:6a:2c:23:6c:7c:9e:a1:2d:83:31:4e:3c:
7f:54:c3:43:3b:c8:0c:6c:d9:b9:f6:33:1f:66:a3:
7b:ab:27:23:d0:f5:de:19:0c:95:75:cb:6a:ae:ae:
41:91:8c:b3:19:a5:26:19:18:a2:b5:17:5e:0c:96:
1a:9e:a5:9f:6e:59:a9:9c:0c:1b:09:95:e1:5a:45:
0d:3d:03:20:8f:6d:b7:e2:18:c0:be:03:84:af:ed:
48:58:45:f2:d6:fc:eb:2f:38:98:4b:cf:dd:4c:93:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F4:3A:DE:F9:28:4B:D7:17:5E:2A:E0:8D:FA:62:58:90:03:13:DE
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203331373135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.92.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:a4:b0:2d:b2:28:db:0c:01:43:04:27:c6:98:45:d9:a9:31:
ff:e3:de:86:9d:fb:8d:69:ed:ae:d2:c6:ae:50:53:bd:58:8e:
b4:fc:54:91:ff:e8:55:d1:2f:13:00:fb:ac:b5:9f:58:ac:00:
55:ff:86:16:4c:e3:5f:08:36:77:d7:b5:61:9d:16:97:94:e3:
41:df:b2:94:67:86:2c:4f:56:a3:a5:fd:c3:ba:12:17:b7:6d:
b9:20:7f:4e:b2:41:c8:49:17:c8:66:63:ca:89:47:5a:ef:41:
5e:13:0a:b8:b7:4f:73:cb:25:e3:cc:ea:b7:d5:47:ec:e6:f7:
19:4c:09:87:92:ce:79:d3:93:0f:3a:cd:d9:6c:49:5d:cc:1f:
52:36:f8:5f:7f:c9:0d:5b:d8:13:72:bb:72:92:a6:c1:ac:2e:
ff:20:40:8a:4d:89:b8:48:32:12:59:14:3d:00:3b:a9:cd:8b:
b5:71:ef:97:bc:ef:53:c9:c2:7b:25:3e:17:df:7e:36:2a:48:
82:de:b1:b1:06:06:db:50:e1:36:be:77:77:a4:07:02:90:75:
94:6a:11:04:c5:55:01:3a:09:1f:45:9b:d0:34:81:cf:3d:f7:
e0:d7:d0:2e:4f:7c:14:79:e3:10:2e:f4:08:0d:c1:0c:0f:8d:
68:ed:14:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTxPCKAwBTJ9YgubKCplRECRZcwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjAzMTEwODIxMTFaFw0yNzAzMTAwODI2MTFaMDMxMTAvBgNV
BAMTKDdFRjQzQURFRjkyODRCRDcxNzVFMkFFMDhERkE2MjU4OTAwMzEzREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqTHLfMQKS2LFhpEqg0XLdo+Ou
NJvTMpJ+u6YOwcEs34IM9BLp3+zDYibLb5VDJ8qGKdDfFf+a+JAASh5LycOQjnTA
xkcWug/k6Md7HTf6E861Fnp8QGju8JUiBO34USxvVZ5CI7jR5Tldn23Qdy/Jq6lu
SJs9GhxUXXbAWimowfpjdQPyQxqeFnlAhgTNN4RNyhy7z8g/hWosI2x8nqEtgzFO
PH9Uw0M7yAxs2bn2Mx9mo3urJyPQ9d4ZDJV1y2qurkGRjLMZpSYZGKK1F14Mlhqe
pZ9uWamcDBsJleFaRQ09AyCPbbfiGMC+A4Sv7UhYRfLW/OsvOJhLz91Mk013AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfvQ63vkoS9cXXirgjfpiWJADE94wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzczMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtcMA0GCSqGSIb3DQEBCwUAA4IBAQCwpLAtsijbDAFDBCfGmEXZqTH/496GnfuN
ae2u0sauUFO9WI60/FSR/+hV0S8TAPustZ9YrABV/4YWTONfCDZ317VhnRaXlONB
37KUZ4YsT1ajpf3DuhIXt225IH9OskHISRfIZmPKiUda70FeEwq4t09zyyXjzOq3
1Ufs5vcZTAmHks5505MPOs3ZbEldzB9SNvhff8kNW9gTcrtykqbBrC7/IECKTYm4
SDISWRQ9ADupzYu1ce+XvO9TycJ7JT4X3342KkiC3rGxBgbbUOE2vnd3pAcCkHWU
ahEExVUBOgkfRZvQNIHPPffg19AuT3wUeeMQLvQIDcEMD41o7RTu
-----END CERTIFICATE-----
Generated at Fri Mar 20 02:13:48 2026 by rpki-client