Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323038343833.roa
File: 3231332e3235342e3137302e302f32342d3234203d3e20323038343833.roa (raw, json)
Hash identifier: LH3qwxx3cFGEc2nT11lVGioc4VsEH2u028n8n+GZTy8=
Subject key identifier: EE:F8:DB:F7:5C:D5:9C:56:9C:9A:F8:4E:9A:71:63:CE:D6:AC:A5:3E
Certificate issuer: /CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Certificate serial: 65E2CD62E0E7526C2DC252ED6DE1136554DDE4A8
Authority key identifier: 5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323038343833.roa
Signing time: Mon 01 Jun 2026 13:47:20 +0000
ROA not before: Mon 01 Jun 2026 13:42:20 +0000
ROA not after: Mon 31 May 2027 13:47:20 +0000
asID: 208483
IP address blocks: 213.254.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.mft
rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e2:cd:62:e0:e7:52:6c:2d:c2:52:ed:6d:e1:13:65:54:dd:e4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Validity
Not Before: Jun 1 13:42:20 2026 GMT
Not After : May 31 13:47:20 2027 GMT
Subject: CN=EEF8DBF75CD59C569C9AF84E9A7163CED6ACA53E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:04:11:1e:0c:b4:98:db:9b:39:3b:1f:52:5f:
5c:78:8e:ab:c4:11:10:17:c1:ea:a3:24:28:05:cf:
0a:78:41:4b:fb:e1:87:69:77:a0:12:b9:ee:5e:d8:
98:95:3e:13:63:0e:72:96:30:47:15:03:b7:10:ef:
6d:65:ab:29:03:8d:c6:be:b8:e9:ed:3c:33:62:d2:
b9:ee:be:69:b7:b7:9e:7c:e5:13:cf:6f:dc:36:67:
dc:1c:8e:6d:20:0c:ab:94:59:32:41:e0:b3:1f:12:
f7:3c:5e:3a:6b:ae:78:ea:c0:40:78:05:27:5d:d1:
f5:e5:59:dd:78:d1:0d:59:8e:ea:ad:38:fe:bf:74:
3c:d8:b1:21:b4:4e:2d:52:3f:df:f8:9d:37:73:64:
21:11:01:a4:db:c7:fd:dd:17:0a:ad:bb:bb:95:8a:
43:ee:45:1d:15:08:45:ad:be:d9:c2:6d:d8:64:73:
34:0e:ee:bf:d0:9c:2e:3c:c0:3a:96:f2:af:f3:ba:
a6:8f:25:42:22:d2:5c:26:08:48:93:2d:05:db:1c:
3d:9e:1c:c7:9c:72:e6:89:2e:e3:3f:9f:c8:07:5d:
1f:21:b6:9a:a6:1c:d9:0a:01:43:c0:84:63:b0:b5:
4b:bb:e7:25:28:8a:af:0c:d3:97:c9:43:54:cb:eb:
ad:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F8:DB:F7:5C:D5:9C:56:9C:9A:F8:4E:9A:71:63:CE:D6:AC:A5:3E
X509v3 Authority Key Identifier:
keyid:5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323038343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.254.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7f:bc:38:e8:e3:ab:00:78:8b:4a:74:ca:ea:7f:99:d3:85:
24:4c:47:d4:05:78:fa:b9:2a:35:8a:c2:a9:eb:bb:6d:ea:8c:
62:ad:49:38:9d:f6:03:c3:77:21:73:b7:7d:c6:ea:2a:cf:ad:
1f:df:12:7d:10:9c:99:67:1f:f2:66:a4:92:1b:d5:c2:40:f9:
41:63:26:d7:d8:e3:1a:4a:7e:25:bf:98:91:b1:87:7d:ad:4d:
b1:cc:36:06:6f:e0:07:6a:dc:dc:1b:e4:c9:a5:d1:52:5c:a7:
16:bb:7b:94:02:16:b8:8e:26:f1:12:78:2f:97:99:68:2d:e0:
28:9d:73:df:f8:b4:c1:4b:77:d2:50:13:34:76:06:fd:4c:e3:
fa:22:ea:58:1e:9d:e4:4e:48:1f:de:70:e5:07:c9:d4:2e:52:
dc:a3:08:70:9a:7b:95:ea:d7:cc:84:2b:90:56:50:77:65:2f:
a6:66:ba:52:94:43:88:61:70:39:78:95:6a:29:94:78:6c:75:
bf:39:cd:38:9a:ef:f8:99:d0:47:36:fa:81:ea:b2:06:c2:a2:
f1:1a:6a:89:a3:ee:4d:c0:3b:9f:36:4f:87:22:a5:da:6e:a8:
1f:94:84:1c:63:cf:76:d6:16:a4:04:2b:43:05:d3:c9:3d:8a:
af:91:61:5c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZeLNYuDnUmwtwlLtbeETZVTd5KgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVjYjRjYWRiYmFkZDUwMGY0OWNhNjk3ZDU2NmEyNzYx
ZTAxNzYwODAeFw0yNjA2MDExMzQyMjBaFw0yNzA1MzExMzQ3MjBaMDMxMTAvBgNV
BAMTKEVFRjhEQkY3NUNENTlDNTY5QzlBRjg0RTlBNzE2M0NFRDZBQ0E1M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOBBEeDLSY25s5Ox9SX1x4jqvE
ERAXweqjJCgFzwp4QUv74Ydpd6ASue5e2JiVPhNjDnKWMEcVA7cQ721lqykDjca+
uOntPDNi0rnuvmm3t5585RPPb9w2Z9wcjm0gDKuUWTJB4LMfEvc8XjprrnjqwEB4
BSdd0fXlWd140Q1ZjuqtOP6/dDzYsSG0Ti1SP9/4nTdzZCERAaTbx/3dFwqtu7uV
ikPuRR0VCEWtvtnCbdhkczQO7r/QnC48wDqW8q/zuqaPJUIi0lwmCEiTLQXbHD2e
HMeccuaJLuM/n8gHXR8htpqmHNkKAUPAhGOwtUu75yUoiq8M05fJQ1TL662tAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7vjb91zVnFacmvhOmnFjztaspT4wHwYDVR0j
BBgwFoAUXstMrbut1QD0nKaX1Waidh4BdggwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgtYmZlMC00MjM1LWFmYjQtZDUzZWRmYmFj
ZGQyLzAvNUVDQjRDQURCQkFERDUwMEY0OUNBNjk3RDU2NkEyNzYxRTAxNzYwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hzdE1yYnV0MVFEMG5LYVgxV2FpZGg0
QmRnZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgt
YmZlMC00MjM1LWFmYjQtZDUzZWRmYmFjZGQyLzAvMzIzMTMzMmUzMjM1MzQyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzODM0MzgzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANX+qjANBgkqhkiG9w0BAQsFAAOCAQEADn+8OOjjqwB4i0p0yup/mdOFJExH
1AV4+rkqNYrCqeu7beqMYq1JOJ32A8N3IXO3fcbqKs+tH98SfRCcmWcf8makkhvV
wkD5QWMm19jjGkp+Jb+YkbGHfa1Nscw2Bm/gB2rc3BvkyaXRUlynFrt7lAIWuI4m
8RJ4L5eZaC3gKJ1z3/i0wUt30lATNHYG/Uzj+iLqWB6d5E5IH95w5QfJ1C5S3KMI
cJp7lerXzIQrkFZQd2Uvpma6UpRDiGFwOXiVaimUeGx1vznNOJrv+JnQRzb6geqy
BsKi8RpqiaPuTcA7nzZPhyKl2m6oH5SEHGPPdtYWpAQrQwXTyT2Kr5FhXA==
-----END CERTIFICATE-----
Generated at Sat Jun 6 19:28:30 2026 by rpki-client