Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3137362e39372e3231332e302f32342d3234203d3e20323136303330.roa
File: 3137362e39372e3231332e302f32342d3234203d3e20323136303330.roa (raw, json)
Hash identifier: NG6zwhRpuGaOaqAr2bnhB0WNjn5u7NK5ztm1d2XSjOs=
Subject key identifier: BF:5D:D9:E9:64:EF:EF:11:21:45:A3:A5:9D:3B:7D:BB:82:F4:B5:45
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 130A582F16EA82E5D70C5C0CA5BAA2B972598AD3
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3137362e39372e3231332e302f32342d3234203d3e20323136303330.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 216030
IP address blocks: 176.97.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:0a:58:2f:16:ea:82:e5:d7:0c:5c:0c:a5:ba:a2:b9:72:59:8a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=BF5DD9E964EFEF112145A3A59D3B7DBB82F4B545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:99:f5:16:50:30:88:39:cd:a9:17:2f:c8:e0:
4e:13:ae:af:dc:fa:49:dd:2c:5b:f5:5f:5f:bc:20:
57:57:03:01:a8:14:17:a1:19:04:5d:7d:5f:3f:84:
10:71:5a:24:8a:61:15:2d:15:c3:08:51:57:2a:9b:
2d:55:d5:2b:96:6c:96:36:6e:59:30:94:ef:d8:bf:
1a:66:da:4e:54:6c:ba:d9:85:1e:83:aa:9d:cf:7f:
45:2f:17:91:21:35:f6:26:bd:9a:80:08:f9:90:1b:
05:3f:ff:2c:6c:67:c1:0d:8b:ed:c1:f4:a1:7e:d0:
22:ad:0c:b7:04:20:0a:a4:f3:bb:95:69:7d:13:b0:
3a:93:39:00:ac:42:74:43:1e:aa:69:ff:85:37:d9:
c0:b1:09:ff:ae:55:f2:0a:5e:d7:37:da:1a:dd:67:
49:be:df:7f:dd:2f:9b:d7:b6:42:85:f2:3f:30:70:
e4:cd:91:5c:69:b0:35:f5:45:e9:cf:88:c7:e8:87:
14:6a:5d:a2:09:37:a3:47:2e:ff:07:ba:e6:bf:b3:
e1:c0:62:57:8b:f0:e2:8a:e1:c1:18:11:76:84:be:
b4:98:0f:dd:60:50:18:2c:d6:48:eb:a3:36:a3:0e:
0a:55:7c:54:17:27:de:6c:61:4c:37:5e:87:44:70:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5D:D9:E9:64:EF:EF:11:21:45:A3:A5:9D:3B:7D:BB:82:F4:B5:45
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3137362e39372e3231332e302f32342d3234203d3e20323136303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.213.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ab:21:42:b5:6c:95:99:2f:73:79:0a:4b:25:20:2e:63:98:
db:af:2b:be:23:f3:59:83:64:f9:3d:49:5f:4c:91:5c:42:21:
6c:89:85:98:c1:ba:78:36:32:5f:8d:a9:8a:df:fe:ef:44:16:
94:75:64:b9:0b:b0:3d:4a:3b:bc:a5:74:df:3e:1e:81:03:b3:
e5:e4:bb:47:0c:b7:22:4d:92:c1:99:51:81:f5:dc:b6:3d:b7:
5f:1a:56:c3:fd:e4:44:16:b5:94:f0:d0:70:3d:37:fe:ba:20:
af:37:4f:7c:f8:8d:53:46:46:ea:5f:80:72:c1:3d:e6:51:66:
4d:d3:94:ed:a2:6c:c7:6e:ea:8a:3a:a6:88:98:7b:b9:05:fc:
bc:d8:8d:1f:4e:1b:d5:69:46:e1:b7:41:50:0b:d5:fa:61:13:
7a:54:ae:4a:e1:db:67:86:92:7b:20:53:e5:f2:c2:c7:7c:f8:
5e:5e:ef:5f:70:e3:41:b2:4e:c1:a6:68:df:79:27:ae:ec:ab:
b8:fb:c1:4c:d9:bf:c1:1f:4f:9c:b9:05:e6:99:87:7a:7f:a3:
7e:87:4a:2c:6c:2c:59:a3:93:85:e0:92:3c:26:2e:41:16:34:
36:e3:29:43:ed:35:f7:7a:2d:98:e0:3a:d4:71:96:6d:9c:36:
ff:90:dc:79
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEwpYLxbqguXXDFwMpbqiuXJZitMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEJGNUREOUU5NjRFRkVGMTEyMTQ1QTNBNTlEM0I3REJCODJGNEI1NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKmfUWUDCIOc2pFy/I4E4Trq/c
+kndLFv1X1+8IFdXAwGoFBehGQRdfV8/hBBxWiSKYRUtFcMIUVcqmy1V1SuWbJY2
blkwlO/Yvxpm2k5UbLrZhR6Dqp3Pf0UvF5EhNfYmvZqACPmQGwU//yxsZ8ENi+3B
9KF+0CKtDLcEIAqk87uVaX0TsDqTOQCsQnRDHqpp/4U32cCxCf+uVfIKXtc32hrd
Z0m+33/dL5vXtkKF8j8wcOTNkVxpsDX1RenPiMfohxRqXaIJN6NHLv8Huua/s+HA
YleL8OKK4cEYEXaEvrSYD91gUBgs1kjrozajDgpVfFQXJ95sYUw3XodEcBgdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUv13Z6WTv7xEhRaOlnTt9u4L0tUUwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzEzNzM2MmUzOTM3MmUzMjMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMDMzMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwYdUwDQYJKoZIhvcNAQELBQADggEBAEirIUK1bJWZL3N5CkslIC5jmNuvK74j
81mDZPk9SV9MkVxCIWyJhZjBung2Ml+NqYrf/u9EFpR1ZLkLsD1KO7yldN8+HoED
s+Xku0cMtyJNksGZUYH13LY9t18aVsP95EQWtZTw0HA9N/66IK83T3z4jVNGRupf
gHLBPeZRZk3TlO2ibMdu6oo6poiYe7kF/LzYjR9OG9VpRuG3QVAL1fphE3pUrkrh
22eGknsgU+Xywsd8+F5e719w40GyTsGmaN95J67sq7j7wUzZv8EfT5y5BeaZh3p/
o36HSixsLFmjk4XgkjwmLkEWNDbjKUPtNfd6LZjgOtRxlm2cNv+Q3Hk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:18:19 2026 by rpki-client