Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e39362e302f32302d3230203d3e203230353130.roa
File: 3231332e3135372e39362e302f32302d3230203d3e203230353130.roa (raw, json)
Hash identifier: uXrdK0X7/NnmFTn32ldHmEE9aiPk6VWFQcLiW0WKLMQ=
Subject key identifier: A4:6A:AF:90:A6:EB:B1:9E:D8:99:9A:7E:C5:DA:1B:6A:AE:80:CE:EA
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 3D7EF500DFCC8D5E4EE8FCF4A7E81C1F18FF2E95
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e39362e302f32302d3230203d3e203230353130.roa
Signing time: Sun 08 Mar 2026 10:46:47 +0000
ROA not before: Sun 08 Mar 2026 10:41:47 +0000
ROA not after: Sun 07 Mar 2027 10:46:47 +0000
asID: 20510
IP address blocks: 213.157.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 12:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:7e:f5:00:df:cc:8d:5e:4e:e8:fc:f4:a7:e8:1c:1f:18:ff:2e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Mar 8 10:41:47 2026 GMT
Not After : Mar 7 10:46:47 2027 GMT
Subject: CN=A46AAF90A6EBB19ED8999A7EC5DA1B6AAE80CEEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:1f:82:f9:08:11:ae:01:3c:4c:76:b3:4c:
2d:d2:bb:41:57:6b:62:b7:74:d0:80:01:3e:bd:87:
8b:9d:56:34:dd:1c:d3:ce:ce:8d:d5:22:cf:78:f5:
17:ad:15:e0:2c:0d:ba:3d:ed:69:3a:cb:bc:7e:b7:
21:4e:fe:1d:f7:72:b0:0b:60:94:45:2a:4f:a4:e9:
26:90:50:29:a9:92:f6:7f:5f:6b:95:c5:f2:57:57:
86:c0:b8:62:67:49:af:70:94:aa:00:d0:39:0a:3a:
3e:58:8a:41:4d:63:85:fb:92:b6:24:3d:ab:83:1a:
e0:40:56:80:ff:89:e8:74:b7:1b:8e:02:d1:e5:b7:
83:36:a0:ea:47:fd:6c:2f:28:6d:1d:86:f7:c0:eb:
b0:90:f0:83:85:05:a6:ec:3c:74:97:50:fa:96:a4:
6a:bd:03:75:9c:de:cf:d5:76:76:f0:ea:38:63:c9:
ed:92:06:2a:ff:ca:c0:d0:1d:62:55:4c:a1:35:a5:
d9:73:40:58:b6:c5:01:a0:c3:2f:01:ab:8d:99:d6:
c2:91:64:34:6e:e6:2d:18:6f:96:8a:6c:e7:4f:da:
49:b0:d6:59:4c:34:95:4f:44:78:06:d8:cf:26:05:
fe:e9:f6:fe:c7:ff:ac:9d:c6:71:d2:85:c0:60:f6:
83:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6A:AF:90:A6:EB:B1:9E:D8:99:9A:7E:C5:DA:1B:6A:AE:80:CE:EA
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e39362e302f32302d3230203d3e203230353130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.96.0/20
Signature Algorithm: sha256WithRSAEncryption
50:17:e4:79:b7:d4:1e:07:85:9e:c5:dd:cd:d8:b6:eb:5a:9e:
fb:6d:3a:c7:ec:d4:52:c7:0e:31:a5:70:b3:5a:59:04:97:fc:
9b:73:93:84:db:87:5c:91:7d:8a:7e:ab:4c:50:53:a3:ea:ae:
03:31:82:ed:97:38:5f:25:76:cc:5a:db:18:f6:44:54:c4:62:
17:35:80:56:5d:dd:8e:97:12:d9:1d:9e:22:ad:f1:5e:cf:39:
82:30:89:97:35:a5:32:f0:e6:db:f6:e3:66:cb:ba:4d:ad:46:
4f:3e:b2:f5:50:76:dc:bb:4d:e1:68:f8:3d:bb:2b:05:6b:30:
3e:23:0a:84:f5:94:f7:c2:4d:04:e6:60:d6:5e:dc:43:82:37:
a7:c9:f1:87:4e:70:6f:9c:4a:ad:50:1c:e5:16:ee:b4:3e:a3:
89:ca:1d:44:24:cd:4b:76:ac:26:f0:b8:09:d8:a8:a6:95:c3:
4e:19:3a:39:d7:b6:2d:40:7c:94:c5:ca:9e:7a:db:5c:bf:54:
f3:c3:e6:e9:ad:16:eb:80:8b:32:cb:b8:c3:27:51:04:75:58:
cc:70:31:89:2f:aa:03:b3:1f:b1:fa:b7:36:cd:3c:9f:51:d2:
5f:32:f5:5e:14:b9:33:9a:b3:63:71:72:21:28:f8:a8:3f:ed:
84:fe:9b:32
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPX71AN/MjV5O6Pz0p+gcHxj/LpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNjAzMDgxMDQxNDdaFw0yNzAzMDcxMDQ2NDdaMDMxMTAvBgNV
BAMTKEE0NkFBRjkwQTZFQkIxOUVEODk5OUE3RUM1REExQjZBQUU4MENFRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDArx+C+QgRrgE8THazTC3Su0FX
a2K3dNCAAT69h4udVjTdHNPOzo3VIs949RetFeAsDbo97Wk6y7x+tyFO/h33crAL
YJRFKk+k6SaQUCmpkvZ/X2uVxfJXV4bAuGJnSa9wlKoA0DkKOj5YikFNY4X7krYk
PauDGuBAVoD/ieh0txuOAtHlt4M2oOpH/WwvKG0dhvfA67CQ8IOFBabsPHSXUPqW
pGq9A3Wc3s/Vdnbw6jhjye2SBir/ysDQHWJVTKE1pdlzQFi2xQGgwy8Bq42Z1sKR
ZDRu5i0Yb5aKbOdP2kmw1llMNJVPRHgG2M8mBf7p9v7H/6ydxnHShcBg9oOvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpGqvkKbrsZ7YmZp+xdobaq6AzuowHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTM5
MzYyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMjMwMzUzMTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
1Z1gMA0GCSqGSIb3DQEBCwUAA4IBAQBQF+R5t9QeB4Wexd3N2LbrWp77bTrH7NRS
xw4xpXCzWlkEl/ybc5OE24dckX2KfqtMUFOj6q4DMYLtlzhfJXbMWtsY9kRUxGIX
NYBWXd2OlxLZHZ4irfFezzmCMImXNaUy8Obb9uNmy7pNrUZPPrL1UHbcu03haPg9
uysFazA+IwqE9ZT3wk0E5mDWXtxDgjenyfGHTnBvnEqtUBzlFu60PqOJyh1EJM1L
dqwm8LgJ2KimlcNOGTo517YtQHyUxcqeettcv1Tzw+bprRbrgIsyy7jDJ1EEdVjM
cDGJL6oDsx+x+rc2zTyfUdJfMvVeFLkzmrNjcXIhKPioP+2E/psy
-----END CERTIFICATE-----
Generated at Fri Mar 20 05:46:16 2026 by rpki-client