Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
File: 3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa (raw, json)
Hash identifier: XYg9rq7u2qeQohZKrdmx+RfNgyAnLmLulXQ/wUuozA0=
Subject key identifier: 88:A1:39:EB:EB:CC:B5:04:2F:09:E1:F2:AC:40:2D:6A:10:16:66:A8
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 25989DE5E3B33E8AFE5F4A379F3CE6965603A6B3
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
Signing time: Sun 08 Mar 2026 10:46:47 +0000
ROA not before: Sun 08 Mar 2026 10:41:47 +0000
ROA not after: Sun 07 Mar 2027 10:46:47 +0000
asID: 50261
IP address blocks: 213.157.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 12:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:98:9d:e5:e3:b3:3e:8a:fe:5f:4a:37:9f:3c:e6:96:56:03:a6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Mar 8 10:41:47 2026 GMT
Not After : Mar 7 10:46:47 2027 GMT
Subject: CN=88A139EBEBCCB5042F09E1F2AC402D6A101666A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:de:0a:7a:f6:d1:b3:5c:7a:0f:0b:24:2c:d0:
b1:44:0e:67:d6:ab:db:32:a2:b9:f9:db:46:e1:69:
74:fe:b0:3b:a1:60:6e:ea:33:c3:f4:67:4f:a7:af:
88:7d:9b:3d:8c:ee:5c:9f:5f:75:b3:12:39:cc:31:
fe:31:ed:50:fc:18:27:89:4c:f1:86:a4:4f:96:4f:
f6:6e:a8:ea:75:29:71:2b:5f:c5:c4:74:34:3d:77:
36:86:67:d4:33:2e:df:dd:7b:78:04:a9:c6:16:bc:
f2:70:29:e0:2f:a8:76:56:f0:7d:d9:d9:dc:3d:90:
bf:5a:76:5e:9a:01:78:9d:b0:0b:ca:72:d1:6b:da:
c6:a5:64:87:b0:3d:5e:16:61:65:c9:57:22:10:27:
ff:64:6b:4b:a3:75:74:03:8e:35:2f:b3:29:b3:65:
e1:f5:cc:94:d9:19:b3:90:8c:0e:26:18:00:ae:c5:
63:62:a8:4a:84:51:46:19:df:25:eb:2a:92:d4:19:
b1:3a:27:74:0a:97:4f:79:01:7f:e4:0b:6f:07:23:
71:ea:d3:e4:5f:e5:f0:bb:58:ca:f8:ab:a5:0c:a5:
21:0e:1a:94:5a:45:32:67:28:8d:9a:16:93:9e:43:
85:d4:4b:95:3e:b9:4d:0f:94:39:15:c9:0d:8b:6f:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A1:39:EB:EB:CC:B5:04:2F:09:E1:F2:AC:40:2D:6A:10:16:66:A8
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.107.0/24
Signature Algorithm: sha256WithRSAEncryption
55:8a:51:cd:c6:51:14:43:2e:e0:4c:18:55:08:e6:26:50:f2:
33:d3:be:c7:5b:1d:0c:03:dd:ed:43:1b:12:a8:8a:c5:dc:90:
67:4c:8f:8e:28:c4:dc:b4:7c:6f:fa:d7:f8:e4:84:57:89:6c:
e5:1e:c2:a2:12:ab:6f:b2:33:d6:e1:d3:1d:04:28:62:56:79:
93:1a:59:e8:1f:68:6d:fe:8d:9e:57:59:14:ec:72:c8:59:c5:
66:34:bc:35:8e:c4:58:62:79:a4:8d:a6:90:5d:8c:79:80:43:
5c:2f:bf:5b:d7:8f:70:c4:a6:16:83:d1:f7:ce:01:da:43:2e:
4d:89:09:bc:cf:a5:22:e3:8c:12:cb:a3:a5:d6:1b:31:d4:73:
89:cb:2d:da:55:2f:6b:83:c5:49:71:f6:53:fe:49:6f:f3:89:
9c:05:93:30:fe:78:0d:59:b2:38:ec:f4:7d:b7:8b:e3:b3:a6:
85:e7:c9:12:b7:b8:62:ec:0d:4a:39:7d:43:83:17:80:18:c9:
6a:48:48:2f:bb:0c:58:f1:bd:6a:01:c3:85:90:c2:5e:96:cb:
c4:c4:53:d3:8b:81:db:2a:3e:5b:78:28:95:d0:54:cf:cb:2b:
6b:89:9b:ff:57:0b:9e:cd:c5:51:d5:9e:3d:c3:0e:85:1e:79:
13:24:5f:2e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJZid5eOzPor+X0o3nzzmllYDprMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNjAzMDgxMDQxNDdaFw0yNzAzMDcxMDQ2NDdaMDMxMTAvBgNV
BAMTKDg4QTEzOUVCRUJDQ0I1MDQyRjA5RTFGMkFDNDAyRDZBMTAxNjY2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi3gp69tGzXHoPCyQs0LFEDmfW
q9syorn520bhaXT+sDuhYG7qM8P0Z0+nr4h9mz2M7lyfX3WzEjnMMf4x7VD8GCeJ
TPGGpE+WT/ZuqOp1KXErX8XEdDQ9dzaGZ9QzLt/de3gEqcYWvPJwKeAvqHZW8H3Z
2dw9kL9adl6aAXidsAvKctFr2salZIewPV4WYWXJVyIQJ/9ka0ujdXQDjjUvsymz
ZeH1zJTZGbOQjA4mGACuxWNiqEqEUUYZ3yXrKpLUGbE6J3QKl095AX/kC28HI3Hq
0+Rf5fC7WMr4q6UMpSEOGpRaRTJnKI2aFpOeQ4XUS5U+uU0PlDkVyQ2Lb+EZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiKE56+vMtQQvCeHyrEAtahAWZqgwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzMjM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVnWswDQYJKoZIhvcNAQELBQADggEBAFWKUc3GURRDLuBMGFUI5iZQ8jPTvsdb
HQwD3e1DGxKoisXckGdMj44oxNy0fG/61/jkhFeJbOUewqISq2+yM9bh0x0EKGJW
eZMaWegfaG3+jZ5XWRTscshZxWY0vDWOxFhieaSNppBdjHmAQ1wvv1vXj3DEphaD
0ffOAdpDLk2JCbzPpSLjjBLLo6XWGzHUc4nLLdpVL2uDxUlx9lP+SW/ziZwFkzD+
eA1Zsjjs9H23i+OzpoXnyRK3uGLsDUo5fUODF4AYyWpISC+7DFjxvWoBw4WQwl6W
y8TEU9OLgdsqPlt4KJXQVM/LK2uJm/9XC57NxVHVnj3DDoUeeRMkXy4=
-----END CERTIFICATE-----
Generated at Fri Mar 20 05:47:48 2026 by rpki-client