Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
File: 3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: RwKBGj41SrCoSwW63bP9iypbQ5/Pk2wZivtbfEbN3Qk=
Subject key identifier: 93:60:51:FE:71:A7:C8:CF:10:98:CF:BB:62:77:7E:4C:8A:12:2C:6E
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 618DA3EFC038FF5E8C941D2F7739CFD321E59BE4
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
Signing time: Mon 09 Feb 2026 18:55:38 +0000
ROA not before: Mon 09 Feb 2026 18:50:38 +0000
ROA not after: Mon 08 Feb 2027 18:55:38 +0000
asID: 3320
IP address blocks: 213.232.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:8d:a3:ef:c0:38:ff:5e:8c:94:1d:2f:77:39:cf:d3:21:e5:9b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:38 2026 GMT
Not After : Feb 8 18:55:38 2027 GMT
Subject: CN=936051FE71A7C8CF1098CFBB62777E4C8A122C6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:c2:58:ae:3b:74:7b:7d:78:f3:ee:0c:70:
15:50:ad:b4:3f:dc:00:59:cf:7d:21:b1:df:26:93:
48:ca:df:3b:71:7b:8e:f6:a4:2f:1f:de:b1:cb:d5:
81:dc:24:3c:e1:18:c2:0e:13:29:6e:37:57:72:e4:
b8:01:5f:19:57:70:48:f4:23:1b:8e:b2:03:b7:c4:
c7:31:7c:5e:16:13:23:85:60:07:f7:43:d5:38:3a:
d9:32:38:6a:89:c9:63:77:51:6e:35:a7:c2:f6:cb:
6a:df:12:b7:58:7c:50:2e:23:99:cc:28:a3:74:d5:
06:02:29:b6:08:f7:f9:55:eb:b1:68:97:e0:2a:9b:
69:92:a4:e1:0e:a3:8e:97:3c:9d:ca:c2:ea:29:6a:
be:2b:68:64:59:ed:82:2c:7c:ef:e0:2a:15:d4:3e:
16:5a:81:cf:4f:57:fc:54:3d:27:60:22:77:9a:e7:
dc:ae:9c:23:c4:53:e8:9e:9b:70:52:6d:2c:c7:cf:
16:70:e8:7c:a3:8d:bc:3f:7f:75:fe:0a:56:cb:f2:
f2:41:8b:7e:90:37:93:79:92:51:20:a5:8a:7e:06:
43:36:54:87:46:7b:57:d3:bd:d5:9d:e8:4a:f1:dd:
6f:1a:75:59:1b:d1:85:6d:fe:a3:25:7d:9f:c7:2f:
16:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:60:51:FE:71:A7:C8:CF:10:98:CF:BB:62:77:7E:4C:8A:12:2C:6E
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.252.0/24
Signature Algorithm: sha256WithRSAEncryption
91:1b:be:d3:31:9f:9c:5d:d1:ca:9a:70:1b:40:22:a6:0b:36:
a8:19:d6:b5:df:0b:1c:97:30:91:a3:ee:6a:4d:2e:99:96:a0:
fd:ba:bf:e4:36:42:67:7b:71:7c:d2:71:bd:35:19:c6:cc:de:
9e:d7:4d:79:55:35:f4:2d:a7:91:27:16:f2:b6:40:35:1c:c6:
f4:ae:42:f1:ed:83:81:6f:3d:ff:22:c6:60:bd:b5:c7:b0:57:
b6:a1:12:4f:27:a8:e5:d9:b2:2b:a2:db:1d:2d:5c:40:dc:2c:
91:86:36:1f:56:81:23:22:c0:f4:fe:68:85:b0:fe:1b:38:c2:
67:28:c1:60:cb:b8:be:b9:18:d4:71:44:27:5e:c6:e8:c5:e9:
fc:ce:0d:da:f0:6d:29:35:2b:bc:55:1b:8e:4e:81:7f:75:96:
8b:76:11:a0:a3:24:f4:83:29:8d:2c:71:27:14:71:95:60:53:
7e:ec:f1:a0:06:51:04:d2:07:3e:11:14:00:fc:fa:2b:4f:41:
28:a2:e6:72:3f:15:cf:be:fc:40:5f:07:ab:1a:1c:d7:72:42:
cc:37:a5:1d:b2:68:cf:d9:12:ca:e9:b3:17:27:04:40:87:cb:
b8:c3:33:4b:d8:c3:04:06:a5:9f:d6:79:23:82:fc:e6:c0:86:
b8:90:3e:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYY2j78A4/16MlB0vdznP0yHlm+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzhaFw0yNzAyMDgxODU1MzhaMDMxMTAvBgNV
BAMTKDkzNjA1MUZFNzFBN0M4Q0YxMDk4Q0ZCQjYyNzc3RTRDOEExMjJDNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzEsJYrjt0e3148+4McBVQrbQ/
3ABZz30hsd8mk0jK3ztxe472pC8f3rHL1YHcJDzhGMIOEyluN1dy5LgBXxlXcEj0
IxuOsgO3xMcxfF4WEyOFYAf3Q9U4OtkyOGqJyWN3UW41p8L2y2rfErdYfFAuI5nM
KKN01QYCKbYI9/lV67Fol+Aqm2mSpOEOo46XPJ3Kwuopar4raGRZ7YIsfO/gKhXU
PhZagc9PV/xUPSdgInea59yunCPEU+iem3BSbSzHzxZw6Hyjjbw/f3X+ClbL8vJB
i36QN5N5klEgpYp+BkM2VIdGe1fTvdWd6Erx3W8adVkb0YVt/qMlfZ/HLxaPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUk2BR/nGnyM8QmM+7Ynd+TIoSLG4wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzIzMTMzMmUzMjMzMzIyZTMy
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1ej8MA0GCSqGSIb3DQEBCwUAA4IBAQCRG77TMZ+cXdHKmnAbQCKmCzaoGda13wsc
lzCRo+5qTS6ZlqD9ur/kNkJne3F80nG9NRnGzN6e1015VTX0LaeRJxbytkA1HMb0
rkLx7YOBbz3/IsZgvbXHsFe2oRJPJ6jl2bIrotsdLVxA3CyRhjYfVoEjIsD0/miF
sP4bOMJnKMFgy7i+uRjUcUQnXsboxen8zg3a8G0pNSu8VRuOToF/dZaLdhGgoyT0
gymNLHEnFHGVYFN+7PGgBlEE0gc+ERQA/PorT0EoouZyPxXPvvxAXwerGhzXckLM
N6UdsmjP2RLK6bMXJwRAh8u4wzNL2MMEBqWf1nkjgvzmwIa4kD6X
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:29:18 2026 by rpki-client