Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
File: 3231332e352e3132392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: WnRHsnv1v5lgeZmFGSte0JZSgCKL85MQLwyrUB8BqVw=
Subject key identifier: E1:3F:30:61:E5:FE:9D:E3:01:07:60:50:27:14:37:B1:BF:81:97:CF
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 2818E662EB03B9191504FE0F9638CB30B1DF0E1D
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 212238
IP address blocks: 213.5.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:18:e6:62:eb:03:b9:19:15:04:fe:0f:96:38:cb:30:b1:df:0e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=E13F3061E5FE9DE301076050271437B1BF8197CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:ff:cf:a7:e4:ec:60:41:be:43:36:92:54:
2c:06:99:23:e1:a8:aa:d8:c7:81:4a:5e:ca:fd:e4:
95:9e:d7:3e:e7:4b:35:59:2f:1b:b2:6c:65:76:bd:
38:24:c9:d9:c9:c3:18:33:3a:31:48:4d:b2:d1:09:
e7:cf:b4:bf:bd:1c:3d:56:2d:a4:1b:19:79:46:c2:
3a:53:8e:da:9a:df:5a:e8:b8:e2:74:87:25:d4:53:
75:ac:18:33:cc:17:96:5a:3f:85:96:2f:77:b0:33:
38:1b:44:52:7a:0b:da:87:c0:e0:a8:f9:81:55:db:
e4:43:42:c3:b5:fc:6f:cb:4b:4a:e4:d3:bf:40:95:
d6:c0:c3:b0:6d:f8:51:70:ab:c9:58:af:ec:4e:db:
29:ea:7b:8e:d2:cb:37:d9:02:d3:da:71:3d:a3:f6:
e0:c7:3a:6a:00:ee:20:92:81:98:25:f2:cf:52:f0:
a7:ef:c3:a9:26:c3:a1:91:4a:f9:2e:b2:89:27:4b:
04:69:6d:83:e2:24:b7:82:66:a6:18:10:ed:7a:21:
15:4f:70:34:21:c4:f5:8c:23:e8:2c:d5:c8:45:de:
75:97:65:5d:e2:3e:d6:73:d3:cb:ce:06:0c:0d:c8:
82:02:ef:d9:14:d7:05:7c:48:9d:65:c3:69:9a:74:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3F:30:61:E5:FE:9D:E3:01:07:60:50:27:14:37:B1:BF:81:97:CF
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ca:3c:f7:c7:ac:b5:47:06:77:68:7b:33:10:65:c7:2a:fd:
fd:7d:ef:7c:4f:04:90:d1:0d:cb:e1:36:74:f2:95:54:fd:f2:
0e:d0:a3:ae:0d:fb:2b:db:65:5a:48:b9:07:25:61:6c:db:30:
58:65:67:cd:ca:01:6d:bd:ef:a6:93:1d:3f:5a:4c:22:3f:03:
1d:23:f2:20:8c:a1:de:7d:3d:56:3c:48:b6:38:5d:ff:8a:5e:
35:24:18:24:ea:64:7f:3b:f5:92:10:35:b9:9b:04:3d:80:8d:
62:e2:43:91:3a:09:f1:0a:4b:61:42:ea:58:20:e3:04:07:0c:
a7:ab:a9:2d:19:24:b8:ba:fd:9f:81:c4:48:d4:70:b7:0d:91:
db:32:45:33:9c:d6:aa:7f:e3:62:76:04:9a:16:a6:7d:34:31:
0c:af:cc:94:0a:8a:94:c0:4c:58:7f:a1:24:9c:30:33:c1:13:
24:ec:49:5e:a1:85:14:36:b0:8b:ff:cd:a3:b1:1a:a1:26:f0:
a4:a2:25:6a:83:0f:61:24:05:a1:63:54:65:08:08:e6:09:e2:
94:39:64:09:57:28:1e:7e:d0:16:0b:24:8c:0d:6d:58:ec:cf:
5e:50:60:2a:72:71:1f:3c:4d:d5:01:e0:c1:a9:b3:23:e3:1f:
d4:2a:1a:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKBjmYusDuRkVBP4PljjLMLHfDh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEUxM0YzMDYxRTVGRTlERTMwMTA3NjA1MDI3MTQzN0IxQkY4MTk3Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtO//Pp+TsYEG+QzaSVCwGmSPh
qKrYx4FKXsr95JWe1z7nSzVZLxuybGV2vTgkydnJwxgzOjFITbLRCefPtL+9HD1W
LaQbGXlGwjpTjtqa31rouOJ0hyXUU3WsGDPMF5ZaP4WWL3ewMzgbRFJ6C9qHwOCo
+YFV2+RDQsO1/G/LS0rk079AldbAw7Bt+FFwq8lYr+xO2ynqe47SyzfZAtPacT2j
9uDHOmoA7iCSgZgl8s9S8Kfvw6kmw6GRSvkusoknSwRpbYPiJLeCZqYYEO16IRVP
cDQhxPWMI+gs1chF3nWXZV3iPtZz08vOBgwNyIIC79kU1wV8SJ1lw2madNUjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4T8wYeX+neMBB2BQJxQ3sb+Bl88wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzIzMTMzMmUzNTJlMzEzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1QWBMA0GCSqGSIb3DQEBCwUAA4IBAQBvyjz3x6y1RwZ3aHszEGXHKv39fe98TwSQ
0Q3L4TZ08pVU/fIO0KOuDfsr22VaSLkHJWFs2zBYZWfNygFtve+mkx0/WkwiPwMd
I/IgjKHefT1WPEi2OF3/il41JBgk6mR/O/WSEDW5mwQ9gI1i4kOROgnxCkthQupY
IOMEBwynq6ktGSS4uv2fgcRI1HC3DZHbMkUznNaqf+NidgSaFqZ9NDEMr8yUCoqU
wExYf6EknDAzwRMk7EleoYUUNrCL/82jsRqhJvCkoiVqgw9hJAWhY1RlCAjmCeKU
OWQJVygeftAWCySMDW1Y7M9eUGAqcnEfPE3VAeDBqbMj4x/UKhqd
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:42:44 2026 by rpki-client