Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/36352e38372e3232332e302f32342d3234203d3e20323033363632.roa
File: 36352e38372e3232332e302f32342d3234203d3e20323033363632.roa (raw, json)
Hash identifier: uDqsDbk+jAyhFocaRSPAMdO9Mr05b3roPn4X2XhRNdQ=
Subject key identifier: 7F:FF:AD:81:40:A1:93:55:21:64:88:F7:33:B9:4B:C6:38:1D:7E:35
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 2E62CBB2C8B63F921084E2DB4C70575B164F6589
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/36352e38372e3232332e302f32342d3234203d3e20323033363632.roa
Signing time: Mon 13 Apr 2026 13:49:03 +0000
ROA not before: Mon 13 Apr 2026 13:44:03 +0000
ROA not after: Mon 12 Apr 2027 13:49:03 +0000
asID: 203662
IP address blocks: 65.87.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 16:27:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:62:cb:b2:c8:b6:3f:92:10:84:e2:db:4c:70:57:5b:16:4f:65:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Apr 13 13:44:03 2026 GMT
Not After : Apr 12 13:49:03 2027 GMT
Subject: CN=7FFFAD8140A19355216488F733B94BC6381D7E35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:9a:e1:d3:d4:d8:37:4b:44:b4:40:ae:ac:
54:c3:12:a7:b3:26:36:5f:ed:4b:be:c4:9c:7d:ee:
b7:83:5c:ea:b4:2e:55:f5:d1:99:78:31:29:d9:d8:
dc:1e:9d:43:51:a6:13:39:59:27:21:66:c9:15:bd:
31:48:b1:80:08:31:18:cc:e0:77:39:10:a7:e6:da:
2c:89:1f:95:f2:55:57:ec:6f:46:18:a7:e2:eb:e6:
2a:e8:d6:de:34:96:7b:f7:09:02:97:e8:cc:a6:50:
98:05:b3:0a:0d:52:5a:9e:c4:ab:c8:2f:03:a9:11:
c1:1d:50:1e:3c:4c:4c:35:31:b2:9c:47:fb:88:a8:
b7:75:a3:40:92:fa:33:b8:93:95:03:c3:4b:69:04:
b8:f9:70:90:71:90:20:ff:78:d1:33:67:ea:28:09:
cd:f8:9d:72:4b:76:58:d2:cd:93:7b:85:b5:14:bc:
25:a0:03:0e:bd:61:5b:ee:cc:1b:32:12:6f:52:00:
4f:f9:e4:ee:e0:f8:84:07:84:f3:fd:15:f3:8d:02:
6b:49:b3:76:2e:ff:f4:20:93:fe:6e:c2:01:bf:12:
0f:5c:9d:dd:c0:d2:61:3a:0d:a3:e3:d1:78:e6:d2:
f6:ec:13:ad:b6:75:04:4c:c6:73:34:e2:37:1d:c0:
ce:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FF:AD:81:40:A1:93:55:21:64:88:F7:33:B9:4B:C6:38:1D:7E:35
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/36352e38372e3232332e302f32342d3234203d3e20323033363632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
50:3e:89:3d:f4:fc:fa:95:5a:b5:fc:56:2a:0b:a0:6d:e1:5a:
3d:21:33:0c:33:09:ad:77:14:b0:ee:d3:c6:8a:66:bc:44:59:
41:6f:46:56:68:e6:6d:d8:12:69:8a:1b:3d:b7:34:96:55:fe:
d7:fd:71:63:71:18:7e:0e:2e:88:19:dd:00:53:50:64:41:32:
75:09:47:e2:03:03:33:2a:e0:ef:5b:ba:5e:38:7f:f6:c7:7c:
95:fe:02:67:51:70:57:d0:64:55:2b:37:1c:5c:f2:50:13:b5:
0e:36:8b:fd:b5:dc:38:d8:df:87:97:01:4e:b3:b0:04:0a:a8:
94:96:d8:eb:dc:ed:2c:7f:23:a4:e7:c4:8b:ae:5f:f3:4c:98:
dc:ae:06:dc:aa:bb:b7:03:6e:13:6a:f7:85:44:f4:a6:d4:8d:
bf:16:fd:d0:1e:d4:db:91:0d:80:9c:60:b6:ee:9c:e1:57:d1:
41:89:6a:be:ba:62:fa:04:bc:92:29:64:c4:93:c9:b4:65:37:
59:3a:f2:83:54:dc:d1:f5:26:62:04:38:2d:c6:1c:8e:a7:ea:
af:3f:d3:af:e5:a6:e6:ae:f2:7c:13:5a:71:64:88:a0:13:1c:
20:b0:d5:b3:8c:06:6d:96:e7:a5:8f:e0:1a:2f:60:68:b1:df:
ac:88:eb:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULmLLssi2P5IQhOLbTHBXWxZPZYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNjA0MTMxMzQ0MDNaFw0yNzA0MTIxMzQ5MDNaMDMxMTAvBgNV
BAMTKDdGRkZBRDgxNDBBMTkzNTUyMTY0ODhGNzMzQjk0QkM2MzgxRDdFMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo0prh09TYN0tEtECurFTDEqez
JjZf7Uu+xJx97reDXOq0LlX10Zl4MSnZ2NwenUNRphM5WSchZskVvTFIsYAIMRjM
4Hc5EKfm2iyJH5XyVVfsb0YYp+Lr5iro1t40lnv3CQKX6MymUJgFswoNUlqexKvI
LwOpEcEdUB48TEw1MbKcR/uIqLd1o0CS+jO4k5UDw0tpBLj5cJBxkCD/eNEzZ+oo
Cc34nXJLdljSzZN7hbUUvCWgAw69YVvuzBsyEm9SAE/55O7g+IQHhPP9FfONAmtJ
s3Yu//Qgk/5uwgG/Eg9cnd3A0mE6DaPj0Xjm0vbsE622dQRMxnM04jcdwM6jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUf/+tgUChk1UhZIj3M7lLxjgdfjUwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzYzNTJlMzgzNzJlMzIzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzYzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
QVffMA0GCSqGSIb3DQEBCwUAA4IBAQBQPok99Pz6lVq1/FYqC6Bt4Vo9ITMMMwmt
dxSw7tPGima8RFlBb0ZWaOZt2BJpihs9tzSWVf7X/XFjcRh+Di6IGd0AU1BkQTJ1
CUfiAwMzKuDvW7peOH/2x3yV/gJnUXBX0GRVKzccXPJQE7UONov9tdw42N+HlwFO
s7AECqiUltjr3O0sfyOk58SLrl/zTJjcrgbcqru3A24TaveFRPSm1I2/Fv3QHtTb
kQ2AnGC27pzhV9FBiWq+umL6BLySKWTEk8m0ZTdZOvKDVNzR9SZiBDgtxhyOp+qv
P9Ov5abmrvJ8E1pxZIigExwgsNWzjAZtluelj+AaL2Bosd+siOtR
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:20:23 2026 by rpki-client