Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3131382e302f32332d3233203d3e203230353130.roa
File: 3231332e3135372e3131382e302f32332d3233203d3e203230353130.roa (raw, json)
Hash identifier: seYrznt/EXPMYO3L1829ZbJQ4VyIGwcTFpihoLxVAh8=
Subject key identifier: 96:3A:FE:9B:6A:5D:62:1E:04:7E:B7:0D:09:A4:2C:DB:58:19:F1:F9
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 3810E069E1425B21868726C0C1E3C94D51B6E8C9
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3131382e302f32332d3233203d3e203230353130.roa
Signing time: Sun 08 Mar 2026 10:46:47 +0000
ROA not before: Sun 08 Mar 2026 10:41:47 +0000
ROA not after: Sun 07 Mar 2027 10:46:47 +0000
asID: 20510
IP address blocks: 213.157.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 12:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:10:e0:69:e1:42:5b:21:86:87:26:c0:c1:e3:c9:4d:51:b6:e8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Mar 8 10:41:47 2026 GMT
Not After : Mar 7 10:46:47 2027 GMT
Subject: CN=963AFE9B6A5D621E047EB70D09A42CDB5819F1F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:58:de:e0:15:a5:06:af:be:55:f8:4b:dd:6c:
69:2e:80:92:2d:5a:4a:2c:06:e6:1e:2c:43:a5:1a:
c5:b1:1d:48:0b:cd:58:36:44:1f:67:d4:85:10:19:
4e:7c:85:dd:ae:5b:e9:d1:aa:41:45:1d:43:c7:69:
58:a9:06:b1:49:e3:e6:d4:5a:1a:f0:46:1e:57:ad:
26:ce:a0:49:cf:50:56:0b:ab:7f:d6:16:72:34:81:
6c:8d:90:9c:07:3d:45:0c:17:52:93:c8:0c:07:5e:
44:03:d5:c9:52:0e:b4:1e:78:3e:fd:e8:8d:e4:8b:
ab:1a:10:8f:68:e9:87:a3:22:62:f6:49:17:80:59:
4c:30:49:84:45:30:08:62:34:c7:83:d0:69:be:30:
ff:9a:a3:ac:ad:28:a1:65:fe:9f:a2:ff:39:de:aa:
e6:7e:db:ff:50:e2:5e:08:d2:7c:d9:2c:a5:3d:1b:
ee:f5:5a:20:d4:aa:94:68:a1:b5:23:a2:ba:1a:8f:
7e:6f:c9:14:67:67:45:98:2f:b5:3c:fb:dc:5d:57:
a2:5c:a0:32:ce:d5:ef:4b:1e:f1:70:24:23:49:fb:
70:8c:8a:cf:70:28:4a:a1:c1:97:9c:cc:92:e0:de:
57:b0:cc:98:38:29:6c:b6:24:66:50:93:a5:26:c3:
63:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3A:FE:9B:6A:5D:62:1E:04:7E:B7:0D:09:A4:2C:DB:58:19:F1:F9
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3131382e302f32332d3233203d3e203230353130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.118.0/23
Signature Algorithm: sha256WithRSAEncryption
23:04:68:25:ea:7e:fa:cf:00:3e:2f:56:ae:ae:6d:73:c9:dd:
35:23:4b:49:18:79:a1:b2:0b:fb:65:e6:ea:eb:0a:b4:6f:af:
10:1d:72:67:7c:b5:7c:e4:ba:16:9d:60:db:de:bd:f6:ed:4c:
b8:c3:f6:8f:17:ae:c5:4e:71:07:f5:e5:fd:93:68:8f:78:4f:
ed:e8:f7:96:cb:eb:46:81:64:21:82:ea:d4:97:dc:3d:b4:e5:
18:2d:c6:08:21:09:bb:fc:d7:f4:9c:d0:41:f7:40:a7:9f:6b:
a6:c3:19:68:29:c7:dd:69:37:75:0a:55:ed:10:3c:6f:8e:80:
d1:42:cd:ad:b3:8a:13:e5:a4:3e:e1:8a:2f:30:a1:3d:06:84:
b5:f8:b4:7e:e2:c3:15:2d:5b:1c:f4:0d:9a:e6:c4:16:61:6f:
35:c9:72:2e:49:73:50:fe:cd:93:75:ce:ac:ec:47:4a:1f:f7:
4b:97:ba:d0:e7:53:11:fd:ad:3c:d1:57:11:77:72:0d:55:7a:
46:35:90:28:78:a2:9e:13:95:95:85:36:49:8f:83:b2:34:72:
08:25:1c:52:e2:1a:22:12:da:63:7c:7a:b9:20:a7:9a:f5:95:
06:5e:ea:d8:74:e5:a4:f7:bc:9c:9b:97:8c:ca:67:29:3b:af:
64:0d:e0:1f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOBDgaeFCWyGGhybAwePJTVG26MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNjAzMDgxMDQxNDdaFw0yNzAzMDcxMDQ2NDdaMDMxMTAvBgNV
BAMTKDk2M0FGRTlCNkE1RDYyMUUwNDdFQjcwRDA5QTQyQ0RCNTgxOUYxRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgWN7gFaUGr75V+EvdbGkugJIt
WkosBuYeLEOlGsWxHUgLzVg2RB9n1IUQGU58hd2uW+nRqkFFHUPHaVipBrFJ4+bU
WhrwRh5XrSbOoEnPUFYLq3/WFnI0gWyNkJwHPUUMF1KTyAwHXkQD1clSDrQeeD79
6I3ki6saEI9o6YejImL2SReAWUwwSYRFMAhiNMeD0Gm+MP+ao6ytKKFl/p+i/zne
quZ+2/9Q4l4I0nzZLKU9G+71WiDUqpRoobUjoroaj35vyRRnZ0WYL7U8+9xdV6Jc
oDLO1e9LHvFwJCNJ+3CMis9wKEqhwZeczJLg3lewzJg4KWy2JGZQk6Umw2MnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUljr+m2pdYh4EfrcNCaQs21gZ8fkwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzEzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzAzNTMxMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHVnXYwDQYJKoZIhvcNAQELBQADggEBACMEaCXqfvrPAD4vVq6ubXPJ3TUjS0kY
eaGyC/tl5urrCrRvrxAdcmd8tXzkuhadYNvevfbtTLjD9o8XrsVOcQf15f2TaI94
T+3o95bL60aBZCGC6tSX3D205RgtxgghCbv81/Sc0EH3QKefa6bDGWgpx91pN3UK
Ve0QPG+OgNFCza2zihPlpD7hii8woT0GhLX4tH7iwxUtWxz0DZrmxBZhbzXJci5J
c1D+zZN1zqzsR0of90uXutDnUxH9rTzRVxF3cg1VekY1kCh4op4TlZWFNkmPg7I0
cgglHFLiGiIS2mN8erkgp5r1lQZe6th05aT3vJybl4zKZyk7r2QN4B8=
-----END CERTIFICATE-----
Generated at Fri Mar 20 05:46:14 2026 by rpki-client