Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35352e302f32342d3234203d3e20323133343237.roa
File: 3231322e37342e35352e302f32342d3234203d3e20323133343237.roa (raw, json)
Hash identifier: KpsblvZhJdjoozRws/vKvFom2/S5R7MIjC15rBE2JMg=
Subject key identifier: 43:01:E1:47:2B:44:69:C9:33:FB:C6:4F:B8:5D:D7:BA:FF:E0:35:19
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 7284553BB728B82FBFEF3CC6BA44720A71288FA8
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35352e302f32342d3234203d3e20323133343237.roa
Signing time: Tue 24 Feb 2026 12:01:31 +0000
ROA not before: Tue 24 Feb 2026 11:56:31 +0000
ROA not after: Tue 23 Feb 2027 12:01:31 +0000
asID: 213427
IP address blocks: 212.74.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:07:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:84:55:3b:b7:28:b8:2f:bf:ef:3c:c6:ba:44:72:0a:71:28:8f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Feb 24 11:56:31 2026 GMT
Not After : Feb 23 12:01:31 2027 GMT
Subject: CN=4301E1472B4469C933FBC64FB85DD7BAFFE03519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:08:13:b8:db:c0:d6:c4:39:58:23:7a:2a:ef:
ca:b1:dc:05:a6:57:b4:0e:9b:fa:d2:d8:35:27:57:
8e:43:f4:e4:75:b2:7f:40:11:23:82:ab:6f:b2:f9:
bf:5d:6e:69:ca:51:cd:52:24:9e:68:10:93:23:d3:
30:0e:ff:be:8d:62:4d:9d:8a:22:70:b5:28:f0:f1:
5d:bd:18:ee:21:9a:19:dd:64:18:fb:5d:23:16:67:
dd:95:ee:73:cb:ee:bd:14:1c:c5:56:2d:a7:17:00:
5e:a8:e9:5c:60:c1:b1:6b:d6:bb:4b:75:3a:96:25:
52:70:89:40:fa:1d:73:b7:9a:f7:3d:c6:16:60:f5:
d0:3f:ad:ec:8c:6e:7a:a9:30:a3:7e:ab:b1:5e:32:
c1:50:3a:66:6d:e1:b9:1b:da:a3:11:0d:00:38:99:
73:cf:62:47:77:16:60:e8:41:ce:61:48:10:8c:e2:
33:08:8a:19:37:f4:c4:34:6a:74:65:e2:97:7d:d0:
7f:81:6d:2d:10:b1:8a:64:0d:14:cc:0a:08:fa:fb:
12:60:a7:6b:2d:7f:fa:91:15:37:51:ca:3f:cc:93:
90:fc:97:21:3d:35:b1:d8:cd:f6:24:b0:6e:a7:ee:
04:3e:d7:e8:2a:41:0f:2a:06:49:4f:66:09:71:9c:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:01:E1:47:2B:44:69:C9:33:FB:C6:4F:B8:5D:D7:BA:FF:E0:35:19
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35352e302f32342d3234203d3e20323133343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:58:11:15:82:b1:4f:4c:b9:ba:a5:18:07:18:5e:16:b7:98:
f6:b8:c5:c3:63:cb:7e:4c:56:39:dc:26:72:99:93:6c:4e:a0:
12:b3:b8:fd:74:a4:1e:26:c4:fa:57:6e:61:19:df:a6:d8:1b:
8d:89:3b:ee:05:5d:05:1c:d8:c9:86:0c:87:0f:21:c5:60:4a:
ed:16:37:7a:f5:70:7f:1e:b5:f7:9b:f1:6d:f3:79:0b:0b:dd:
bd:ac:e7:f7:14:e5:49:fb:f8:bc:63:c2:f4:ee:1c:e2:fc:d0:
4e:34:c7:03:9c:2c:6f:6a:6d:e9:7a:55:ab:9e:cc:0f:4a:6b:
f6:5d:f5:b2:a3:78:da:b9:b5:7b:e3:48:0f:37:63:24:c6:9b:
65:3a:df:94:6b:86:6f:bc:04:8b:d9:36:f8:2b:9e:0d:90:68:
a6:35:6a:8d:cf:82:1c:2a:96:2a:75:08:be:32:3b:60:fc:24:
55:be:b5:fa:31:2a:d4:aa:8d:0a:11:1c:25:dc:f2:4d:b0:92:
11:a8:1e:3e:21:fd:c3:e1:34:b6:5f:0e:f8:a3:15:df:31:7c:
f0:be:16:8d:4e:0e:ee:06:de:cc:70:04:3b:1a:54:ad:c1:05:
e7:19:33:8a:cc:1a:d2:62:e8:c8:87:71:34:39:45:df:a7:65:
29:10:ec:5b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcoRVO7couC+/7zzGukRyCnEoj6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjAyMjQxMTU2MzFaFw0yNzAyMjMxMjAxMzFaMDMxMTAvBgNV
BAMTKDQzMDFFMTQ3MkI0NDY5QzkzM0ZCQzY0RkI4NUREN0JBRkZFMDM1MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWCBO428DWxDlYI3oq78qx3AWm
V7QOm/rS2DUnV45D9OR1sn9AESOCq2+y+b9dbmnKUc1SJJ5oEJMj0zAO/76NYk2d
iiJwtSjw8V29GO4hmhndZBj7XSMWZ92V7nPL7r0UHMVWLacXAF6o6VxgwbFr1rtL
dTqWJVJwiUD6HXO3mvc9xhZg9dA/reyMbnqpMKN+q7FeMsFQOmZt4bkb2qMRDQA4
mXPPYkd3FmDoQc5hSBCM4jMIihk39MQ0anRl4pd90H+BbS0QsYpkDRTMCgj6+xJg
p2stf/qRFTdRyj/Mk5D8lyE9NbHYzfYksG6n7gQ+1+gqQQ8qBklPZglxnM6pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQwHhRytEackz+8ZPuF3Xuv/gNRkwHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzQzMjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Eo3MA0GCSqGSIb3DQEBCwUAA4IBAQA6WBEVgrFPTLm6pRgHGF4Wt5j2uMXDY8t+
TFY53CZymZNsTqASs7j9dKQeJsT6V25hGd+m2BuNiTvuBV0FHNjJhgyHDyHFYErt
Fjd69XB/HrX3m/Ft83kLC929rOf3FOVJ+/i8Y8L07hzi/NBONMcDnCxvam3pelWr
nswPSmv2XfWyo3jaubV740gPN2MkxptlOt+Ua4ZvvASL2Tb4K54NkGimNWqNz4Ic
KpYqdQi+Mjtg/CRVvrX6MSrUqo0KERwl3PJNsJIRqB4+If3D4TS2Xw74oxXfMXzw
vhaNTg7uBt7McAQ7GlStwQXnGTOKzBrSYujIh3E0OUXfp2UpEOxb
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:57:27 2026 by rpki-client