Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20313938323530.roa
File: 3231322e38372e3230332e302f32342d3234203d3e20313938323530.roa (raw, json)
Hash identifier: MoSmI1HXNmCPeOcu1IWYk4cbCoe2Mm0tsW1yAco/tcI=
Subject key identifier: E0:7C:9D:7F:C5:74:6D:F9:B3:D4:D6:57:54:19:98:8E:11:EA:F8:EC
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 7BD81127E6AB5887DC2822A3D0A542A988B66810
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20313938323530.roa
Signing time: Fri 10 Apr 2026 12:19:26 +0000
ROA not before: Fri 10 Apr 2026 12:14:26 +0000
ROA not after: Fri 09 Apr 2027 12:19:26 +0000
asID: 198250
IP address blocks: 212.87.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:d8:11:27:e6:ab:58:87:dc:28:22:a3:d0:a5:42:a9:88:b6:68:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 12:14:26 2026 GMT
Not After : Apr 9 12:19:26 2027 GMT
Subject: CN=E07C9D7FC5746DF9B3D4D6575419988E11EAF8EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:71:49:3f:8e:ed:ae:fb:8b:75:ea:82:1d:bf:
b6:e8:76:24:f1:1c:5f:b5:10:51:0e:87:f4:7c:4b:
ed:28:8a:04:d5:c1:07:1e:60:35:fb:7b:15:37:1a:
72:30:b9:f1:4f:a8:ce:7c:d8:21:5d:e2:1b:56:6c:
78:b6:0d:47:d3:1d:cd:00:f1:45:b9:98:98:81:d4:
f6:31:76:8b:cd:1d:88:75:08:5c:76:5d:cf:1d:78:
90:03:41:ec:ac:8b:b6:b1:81:89:6d:80:7e:35:c1:
03:9d:f4:47:44:ea:d9:93:23:8e:69:41:b8:d6:ab:
a3:2f:cc:77:6a:fb:34:f1:53:ab:a6:d0:1d:ad:4b:
0b:20:54:03:73:8e:d5:2f:61:93:2c:c0:8b:ee:01:
63:d4:d0:63:07:51:67:1e:4a:45:82:74:31:c2:75:
72:26:b8:91:76:e1:3d:4d:a7:b8:b0:e6:e3:6b:30:
0d:23:1a:96:2e:02:2f:5c:05:a1:dc:83:20:f5:32:
46:bc:d1:d8:76:36:e2:52:43:27:68:90:ae:bd:d8:
f4:ac:4f:b5:4b:da:80:5a:31:a1:44:db:15:b7:4c:
9e:f8:28:52:1f:65:24:39:68:0a:ac:d1:ed:4e:19:
d4:a1:29:2d:62:4c:58:73:9d:72:42:7f:dd:43:50:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7C:9D:7F:C5:74:6D:F9:B3:D4:D6:57:54:19:98:8E:11:EA:F8:EC
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3231322e38372e3230332e302f32342d3234203d3e20313938323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.203.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:96:c6:4b:ee:d5:2c:54:c8:0e:b2:af:9f:a4:aa:e0:8a:47:
48:f9:96:bd:80:dd:1d:5e:90:a1:ad:65:a2:53:31:3f:52:87:
a6:b7:10:0e:5b:73:7d:7f:7e:20:af:46:2c:65:80:9a:0d:49:
bd:c6:d4:77:fa:13:f5:e1:f8:11:ca:82:0d:86:d2:4c:cb:7b:
f1:58:61:5d:56:de:8b:1f:f9:bb:47:34:3d:a0:7a:40:53:a3:
a3:c7:7c:b2:07:a8:d4:5f:f4:aa:7c:45:23:40:7e:f5:d7:6e:
42:a1:c8:8d:09:e8:f0:35:d0:a5:8a:9f:fd:ec:3b:fe:3e:b0:
84:8c:44:7a:28:7b:22:1d:71:58:ea:4c:c7:a0:35:ea:1d:7f:
ed:b7:02:69:48:9e:8e:53:c4:6e:6b:ae:91:38:2f:9b:b5:e8:
ee:46:c3:d4:10:06:38:2b:70:4d:e7:94:06:35:0c:82:2a:61:
20:80:a7:ac:8a:64:74:fe:7f:56:51:68:7a:51:cf:ae:7c:3f:
f9:4f:8c:6d:3d:9c:d9:11:ff:8a:3b:d3:0e:c2:ae:36:38:ca:
b9:ac:c6:60:16:39:23:18:b9:aa:73:1a:31:94:56:5e:83:ac:
56:21:b1:c4:fb:8a:5f:0a:41:d1:12:06:cb:99:f3:45:c6:ea:
29:7e:fa:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUe9gRJ+arWIfcKCKj0KVCqYi2aBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAxMjE0MjZaFw0yNzA0MDkxMjE5MjZaMDMxMTAvBgNV
BAMTKEUwN0M5RDdGQzU3NDZERjlCM0Q0RDY1NzU0MTk5ODhFMTFFQUY4RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+cUk/ju2u+4t16oIdv7bodiTx
HF+1EFEOh/R8S+0oigTVwQceYDX7exU3GnIwufFPqM582CFd4htWbHi2DUfTHc0A
8UW5mJiB1PYxdovNHYh1CFx2Xc8deJADQeysi7axgYltgH41wQOd9EdE6tmTI45p
QbjWq6MvzHdq+zTxU6um0B2tSwsgVANzjtUvYZMswIvuAWPU0GMHUWceSkWCdDHC
dXImuJF24T1Np7iw5uNrMA0jGpYuAi9cBaHcgyD1Mka80dh2NuJSQydokK692PSs
T7VL2oBaMaFE2xW3TJ74KFIfZSQ5aAqs0e1OGdShKS1iTFhznXJCf91DUD05AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4Hydf8V0bfmz1NZXVBmYjhHq+OwwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzIzMTMyMmUzODM3MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM1MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUV8swDQYJKoZIhvcNAQELBQADggEBAH2Wxkvu1SxUyA6yr5+kquCKR0j5lr2A
3R1ekKGtZaJTMT9Sh6a3EA5bc31/fiCvRixlgJoNSb3G1Hf6E/Xh+BHKgg2G0kzL
e/FYYV1W3osf+btHND2gekBTo6PHfLIHqNRf9Kp8RSNAfvXXbkKhyI0J6PA10KWK
n/3sO/4+sISMRHooeyIdcVjqTMegNeodf+23AmlIno5TxG5rrpE4L5u16O5Gw9QQ
BjgrcE3nlAY1DIIqYSCAp6yKZHT+f1ZRaHpRz658P/lPjG09nNkR/4o70w7CrjY4
yrmsxmAWOSMYuapzGjGUVl6DrFYhscT7il8KQdESBsuZ80XG6il++hc=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:17:24 2026 by rpki-client