Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35382e302f32342d3234203d3e20323033303735.roa
File: 3231322e37342e35382e302f32342d3234203d3e20323033303735.roa (raw, json)
Hash identifier: 0ePJF50BdXp0C7uUnHAyLfQ7J/MeKrx+gZFHLpBqWk8=
Subject key identifier: 69:81:AA:0D:A8:F2:E8:40:E4:33:4D:08:A5:46:00:B7:4E:B1:93:CE
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 011BDBD6D920A6A0267381B0EA7FA16AABA1AC12
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35382e302f32342d3234203d3e20323033303735.roa
Signing time: Fri 06 Feb 2026 04:11:53 +0000
ROA not before: Fri 06 Feb 2026 04:06:53 +0000
ROA not after: Fri 05 Feb 2027 04:11:53 +0000
asID: 203075
IP address blocks: 212.74.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1b:db:d6:d9:20:a6:a0:26:73:81:b0:ea:7f:a1:6a:ab:a1:ac:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Feb 6 04:06:53 2026 GMT
Not After : Feb 5 04:11:53 2027 GMT
Subject: CN=6981AA0DA8F2E840E4334D08A54600B74EB193CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:12:a7:ae:91:6d:46:60:1e:c6:94:90:29:62:
72:fb:a4:9e:7b:97:60:2e:f5:ae:f5:63:66:bd:c8:
2b:25:c3:42:e1:fc:65:99:18:82:6b:64:44:bb:97:
8e:ea:0a:39:9d:5a:66:d7:a9:9b:5a:d2:45:3e:98:
2f:5c:09:62:f7:50:47:5b:45:7f:a4:fe:d0:a9:11:
7d:a7:61:99:f5:09:2a:be:35:b1:33:24:f4:0a:ec:
e9:ce:38:51:b3:1c:23:f3:a6:f0:d0:6f:94:b1:51:
c6:a3:db:16:0c:f1:27:e7:d1:dd:a5:0e:3a:2d:51:
bf:38:b8:2e:76:16:2b:0b:18:af:44:5c:80:91:75:
49:eb:8a:4f:1a:01:8a:45:e6:af:62:55:f1:8e:1e:
2c:84:81:3b:a6:19:77:7c:5a:1d:a1:4a:6d:f7:2a:
33:53:81:2e:92:34:d2:fd:87:c5:c4:52:d5:13:0b:
04:9e:65:cc:08:73:5f:8b:06:57:ff:b7:06:ec:3a:
be:46:1f:6d:b3:7b:b6:85:58:7a:da:35:ab:7c:53:
3b:00:75:6e:f2:18:5f:09:d5:87:b5:e2:8f:e3:1c:
39:20:29:3f:19:ee:e4:5c:7d:9a:91:da:14:15:42:
bf:49:39:92:79:ed:ac:45:b2:35:b8:6b:78:d3:f2:
a2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:81:AA:0D:A8:F2:E8:40:E4:33:4D:08:A5:46:00:B7:4E:B1:93:CE
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e35382e302f32342d3234203d3e20323033303735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.58.0/24
Signature Algorithm: sha256WithRSAEncryption
95:55:d3:38:97:75:59:19:93:4d:17:e1:16:df:d8:9f:3b:9a:
b2:42:50:44:f9:00:7c:e7:03:7e:25:bd:1a:b3:77:44:8d:bc:
03:ad:6a:8d:a2:04:d2:f1:02:34:b8:83:1a:a1:2b:79:27:39:
21:68:a0:fa:87:79:26:70:34:ae:49:2b:63:85:ff:8f:e6:d7:
7b:60:54:3a:b8:04:ab:7a:a4:24:fe:1f:78:15:c6:a1:9e:6e:
f9:36:c4:64:6a:e7:62:60:7e:97:0b:01:bc:17:3e:57:a2:50:
89:05:3c:7a:fb:69:76:6a:d2:f7:34:dd:6e:38:fb:28:26:a7:
6e:79:89:4b:b1:b5:ed:37:5c:28:81:91:d7:7e:2f:68:cd:20:
1f:38:71:ad:f7:8f:e2:ec:82:5c:b2:80:16:cf:ae:6d:d5:d5:
e0:f8:3c:32:ed:30:ed:fb:52:1f:af:f7:cb:bf:45:43:de:a8:
37:e9:7a:fa:ca:bd:bf:2b:2d:59:89:4c:0c:b2:06:74:ab:15:
bb:d3:99:b2:4a:ef:ae:18:1f:92:72:40:0f:a5:6c:b5:64:5c:
db:35:7f:b3:2d:2e:b0:b5:c6:57:6b:a2:ff:0e:e7:ce:06:9b:
f7:01:14:9f:05:0a:a1:f5:a3:5f:86:0e:65:5b:5a:2e:15:f4:
e5:3f:c7:0f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUARvb1tkgpqAmc4Gw6n+haquhrBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjAyMDYwNDA2NTNaFw0yNzAyMDUwNDExNTNaMDMxMTAvBgNV
BAMTKDY5ODFBQTBEQThGMkU4NDBFNDMzNEQwOEE1NDYwMEI3NEVCMTkzQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeEqeukW1GYB7GlJApYnL7pJ57
l2Au9a71Y2a9yCslw0Lh/GWZGIJrZES7l47qCjmdWmbXqZta0kU+mC9cCWL3UEdb
RX+k/tCpEX2nYZn1CSq+NbEzJPQK7OnOOFGzHCPzpvDQb5SxUcaj2xYM8Sfn0d2l
DjotUb84uC52FisLGK9EXICRdUnrik8aAYpF5q9iVfGOHiyEgTumGXd8Wh2hSm33
KjNTgS6SNNL9h8XEUtUTCwSeZcwIc1+LBlf/twbsOr5GH22ze7aFWHraNat8UzsA
dW7yGF8J1Ye14o/jHDkgKT8Z7uRcfZqR2hQVQr9JOZJ57axFsjW4a3jT8qLfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaYGqDajy6EDkM00IpUYAt06xk84wHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Eo6MA0GCSqGSIb3DQEBCwUAA4IBAQCVVdM4l3VZGZNNF+EW39ifO5qyQlBE+QB8
5wN+Jb0as3dEjbwDrWqNogTS8QI0uIMaoSt5JzkhaKD6h3kmcDSuSStjhf+P5td7
YFQ6uASreqQk/h94Fcahnm75NsRkaudiYH6XCwG8Fz5XolCJBTx6+2l2atL3NN1u
OPsoJqdueYlLsbXtN1wogZHXfi9ozSAfOHGt94/i7IJcsoAWz65t1dXg+Dwy7TDt
+1Ifr/fLv0VD3qg36Xr6yr2/Ky1ZiUwMsgZ0qxW705mySu+uGB+SckAPpWy1ZFzb
NX+zLS6wtcZXa6L/DufOBpv3ARSfBQqh9aNfhg5lW1ouFfTlP8cP
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:46:34 2026 by rpki-client