Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36302e302f32342d3234203d3e20383334.roa
File: 3231322e37342e36302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: kpT2E8voK7o919ltKn23zLHO9qtkyhfGeA1NWL14F4o=
Subject key identifier: B6:4B:5E:82:E1:F7:8B:4B:56:15:F7:F5:84:FA:86:CE:F7:AD:C5:2B
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 2F16D6F5B549462BBBBB35080EAD7D701D2E4C1E
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36302e302f32342d3234203d3e20383334.roa
Signing time: Wed 25 Feb 2026 03:22:18 +0000
ROA not before: Wed 25 Feb 2026 03:17:18 +0000
ROA not after: Wed 24 Feb 2027 03:22:18 +0000
asID: 834
IP address blocks: 212.74.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:07:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:16:d6:f5:b5:49:46:2b:bb:bb:35:08:0e:ad:7d:70:1d:2e:4c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Feb 25 03:17:18 2026 GMT
Not After : Feb 24 03:22:18 2027 GMT
Subject: CN=B64B5E82E1F78B4B5615F7F584FA86CEF7ADC52B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:42:29:ee:c9:1d:29:b3:c9:12:ca:52:0d:c2:
88:fe:6f:d4:26:39:68:2d:c6:85:a1:c0:5d:40:48:
02:ab:f3:b7:87:9a:08:c1:56:c9:71:0a:71:6f:31:
b5:e0:55:c2:80:a8:ff:94:d6:fa:23:b9:af:48:97:
8a:9c:41:30:97:4b:75:49:20:5f:eb:47:dc:e8:19:
89:94:00:c9:3d:2c:3c:1a:b3:24:b9:0c:98:93:ea:
3c:61:87:20:41:ba:29:90:a0:a7:f6:86:1a:bb:ea:
e4:44:10:b1:ed:61:b4:e7:c5:f9:c7:79:f5:2e:06:
50:82:2e:3d:68:cd:51:a7:89:8e:10:ab:cc:bc:c4:
cc:11:8e:a0:aa:82:a7:dc:27:b4:58:37:26:b5:32:
8b:a6:95:44:e4:ca:b0:f8:4d:16:69:0a:bf:4b:10:
1a:a8:cf:51:d8:0e:e1:6d:35:17:7c:9a:ed:0b:6a:
44:d8:06:13:98:4f:b9:f8:53:e1:ed:36:80:e1:6a:
93:6d:c4:22:56:73:58:4b:5d:d4:87:0c:f6:35:34:
e9:0d:c0:ee:aa:f0:c7:ad:f1:a8:40:a3:61:a4:f3:
bd:fa:b0:e0:01:0f:6a:0d:88:99:4f:8f:8f:1f:b1:
b2:15:cf:e4:52:f8:77:6e:ba:2b:bf:e2:45:7b:e7:
63:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:5E:82:E1:F7:8B:4B:56:15:F7:F5:84:FA:86:CE:F7:AD:C5:2B
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:6f:85:e1:32:01:07:42:d5:d9:c4:c4:e2:78:57:39:21:8f:
e8:a2:af:60:08:3f:f5:15:5d:b7:2c:39:8f:33:43:df:46:dc:
ca:72:28:20:f7:aa:f6:c7:53:c3:9e:13:ce:08:9a:ef:81:0d:
c9:ce:c3:16:e6:1d:a2:eb:7e:3e:0a:31:bd:25:79:17:69:1a:
21:7c:62:1c:db:6b:29:8d:41:32:1e:58:2f:8a:d4:2f:b5:32:
7a:f9:47:02:4e:5c:d4:68:9e:22:70:af:a5:f6:95:d8:93:4b:
f8:80:62:21:26:b4:e5:e8:d1:ee:33:11:79:a0:6b:41:74:75:
6a:0e:7f:ed:f3:59:3f:39:5d:39:12:4c:6c:45:5e:e3:61:84:
d5:bf:90:65:b5:e3:87:d1:a2:d9:08:70:6e:1d:c2:7e:9c:59:
f6:95:4e:f1:cc:6e:9d:58:5a:29:2e:c6:6a:0e:04:4d:78:70:
41:fb:dd:e9:37:01:59:b9:16:6b:22:6d:8d:1f:f2:c4:c2:21:
ec:54:d9:e9:e6:a5:3a:ca:08:40:d2:e3:1f:2a:71:79:b6:d0:
d9:c6:f0:39:a4:73:ef:04:45:06:48:84:f1:70:89:54:a9:78:
08:03:47:c5:14:a7:68:bf:81:39:eb:32:23:4e:56:52:52:bd:
4d:46:50:f0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULxbW9bVJRiu7uzUIDq19cB0uTB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjAyMjUwMzE3MThaFw0yNzAyMjQwMzIyMThaMDMxMTAvBgNV
BAMTKEI2NEI1RTgyRTFGNzhCNEI1NjE1RjdGNTg0RkE4NkNFRjdBREM1MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlQinuyR0ps8kSylINwoj+b9Qm
OWgtxoWhwF1ASAKr87eHmgjBVslxCnFvMbXgVcKAqP+U1vojua9Il4qcQTCXS3VJ
IF/rR9zoGYmUAMk9LDwasyS5DJiT6jxhhyBBuimQoKf2hhq76uREELHtYbTnxfnH
efUuBlCCLj1ozVGniY4Qq8y8xMwRjqCqgqfcJ7RYNya1MoumlUTkyrD4TRZpCr9L
EBqoz1HYDuFtNRd8mu0LakTYBhOYT7n4U+HtNoDhapNtxCJWc1hLXdSHDPY1NOkN
wO6q8Met8ahAo2Gk8736sOABD2oNiJlPj48fsbIVz+RS+Hduuiu/4kV752PFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUtkteguH3i0tWFff1hPqGzvetxSswHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Eo8MA0G
CSqGSIb3DQEBCwUAA4IBAQCnb4XhMgEHQtXZxMTieFc5IY/ooq9gCD/1FV23LDmP
M0PfRtzKcigg96r2x1PDnhPOCJrvgQ3JzsMW5h2i634+CjG9JXkXaRohfGIc22sp
jUEyHlgvitQvtTJ6+UcCTlzUaJ4icK+l9pXYk0v4gGIhJrTl6NHuMxF5oGtBdHVq
Dn/t81k/OV05EkxsRV7jYYTVv5BlteOH0aLZCHBuHcJ+nFn2lU7xzG6dWFopLsZq
DgRNeHBB+93pNwFZuRZrIm2NH/LEwiHsVNnp5qU6yghA0uMfKnF5ttDZxvA5pHPv
BEUGSITxcIlUqXgIA0fFFKdov4E56zIjTlZSUr1NRlDw
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:22:55 2026 by rpki-client