Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/33372e3134302e3232332e302f32342d3234203d3e20323036303932.roa
File: 33372e3134302e3232332e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: v+xhc6fxafxAfS7MdKJ1T7i4/dfRVtX123aAkTRxKjs=
Subject key identifier: C3:D2:C4:51:AC:B3:C0:41:AA:80:18:E4:C0:8E:06:3D:8D:9A:97:5F
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 542D10BAA5BA200691F8E075848D792904A0D0E3
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/33372e3134302e3232332e302f32342d3234203d3e20323036303932.roa
Signing time: Mon 09 Feb 2026 18:55:37 +0000
ROA not before: Mon 09 Feb 2026 18:50:37 +0000
ROA not after: Mon 08 Feb 2027 18:55:37 +0000
asID: 206092
IP address blocks: 37.140.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:2d:10:ba:a5:ba:20:06:91:f8:e0:75:84:8d:79:29:04:a0:d0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:37 2026 GMT
Not After : Feb 8 18:55:37 2027 GMT
Subject: CN=C3D2C451ACB3C041AA8018E4C08E063D8D9A975F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:2e:b0:e3:ec:e0:f5:e7:1f:4c:9c:36:87:bb:
7a:50:27:d1:ae:8c:df:0a:2e:f9:20:da:2c:43:e1:
78:64:c1:5b:a5:21:7e:da:b5:d7:72:ef:d4:44:e1:
70:ee:36:ce:61:6b:6d:e6:ac:c1:87:fe:87:03:0d:
e8:3b:30:8f:f6:9d:8f:99:f0:c8:e3:92:8f:5f:68:
aa:28:2b:ab:ab:d6:67:a9:12:5d:1a:7c:6f:94:c7:
0a:a4:16:ed:c4:3e:1a:3b:f4:75:95:a4:14:fd:4a:
7c:84:2c:4f:2c:99:55:a2:45:06:32:b5:ea:ad:09:
60:57:b1:fb:2f:85:2c:a9:85:c7:a6:a2:6e:67:66:
22:b1:36:f0:90:a2:e5:90:12:b3:2a:14:45:d4:c6:
f4:08:65:b9:f8:d8:38:b8:0d:eb:76:fb:e9:22:d6:
72:82:f9:eb:22:30:b7:a1:1b:ee:7f:79:7a:26:72:
5a:18:a4:79:81:42:dd:1a:53:e9:df:90:58:d8:49:
44:a3:44:ea:c9:d4:16:f9:00:53:6b:fe:01:dc:45:
55:a9:3e:cc:b4:9f:22:cb:a0:b1:cd:8b:6a:1d:f9:
2c:86:82:f4:17:91:d7:5e:35:34:fb:73:be:97:c8:
37:5b:51:0d:ef:0a:ae:69:d0:f2:9c:05:0b:09:a9:
7e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D2:C4:51:AC:B3:C0:41:AA:80:18:E4:C0:8E:06:3D:8D:9A:97:5F
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/33372e3134302e3232332e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.223.0/24
Signature Algorithm: sha256WithRSAEncryption
70:be:17:20:0a:2c:7a:00:78:7a:13:42:9d:83:72:45:04:ea:
b2:4e:f9:95:06:35:47:09:30:db:46:a1:81:2b:59:87:72:65:
8d:a6:5b:82:b7:20:bd:a1:d3:b4:c0:08:49:d1:27:f5:57:ab:
68:02:e7:be:22:06:1c:ff:2a:3f:27:29:90:14:b5:cf:d0:78:
2b:08:49:b3:38:ed:20:da:2c:e1:13:0d:12:68:71:7b:16:e9:
0c:8b:f4:6d:71:7f:7d:f3:71:f8:db:53:1f:8b:2a:56:57:a1:
5d:30:75:b3:dc:93:07:82:17:00:bf:15:62:b6:37:c0:f5:49:
c3:fe:7f:af:21:f6:6e:c0:35:61:90:89:c8:7d:f0:95:b5:45:
7e:c0:25:08:56:b6:9d:c9:bb:ad:1e:28:5d:47:56:70:1a:e3:
95:18:77:de:61:a1:d8:4a:3b:b7:28:cd:65:c1:0e:97:f4:f2:
44:17:b7:21:f2:98:e0:98:c2:0e:26:7a:50:dc:8f:c6:94:0f:
8f:d2:fe:eb:83:cb:71:bc:87:8b:3e:23:1e:d9:12:fd:98:7b:
b0:0f:ff:f4:d7:10:cb:b4:c2:40:37:ac:24:89:33:2c:77:aa:
06:dd:bb:89:d5:c9:30:5f:89:9b:ba:d4:2f:c1:a3:46:4e:68:
b5:f0:e9:66
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVC0QuqW6IAaR+OB1hI15KQSg0OMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzdaFw0yNzAyMDgxODU1MzdaMDMxMTAvBgNV
BAMTKEMzRDJDNDUxQUNCM0MwNDFBQTgwMThFNEMwOEUwNjNEOEQ5QTk3NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5LrDj7OD15x9MnDaHu3pQJ9Gu
jN8KLvkg2ixD4XhkwVulIX7atddy79RE4XDuNs5ha23mrMGH/ocDDeg7MI/2nY+Z
8Mjjko9faKooK6ur1mepEl0afG+UxwqkFu3EPho79HWVpBT9SnyELE8smVWiRQYy
teqtCWBXsfsvhSyphcemom5nZiKxNvCQouWQErMqFEXUxvQIZbn42Di4Det2++ki
1nKC+esiMLehG+5/eXomcloYpHmBQt0aU+nfkFjYSUSjROrJ1Bb5AFNr/gHcRVWp
Psy0nyLLoLHNi2od+SyGgvQXkddeNTT7c76XyDdbUQ3vCq5p0PKcBQsJqX7dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw9LEUayzwEGqgBjkwI4GPY2al18wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzMzNzJlMzEzNDMwMmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAljN8wDQYJKoZIhvcNAQELBQADggEBAHC+FyAKLHoAeHoTQp2DckUE6rJO+ZUG
NUcJMNtGoYErWYdyZY2mW4K3IL2h07TACEnRJ/VXq2gC574iBhz/Kj8nKZAUtc/Q
eCsISbM47SDaLOETDRJocXsW6QyL9G1xf33zcfjbUx+LKlZXoV0wdbPckweCFwC/
FWK2N8D1ScP+f68h9m7ANWGQich98JW1RX7AJQhWtp3Ju60eKF1HVnAa45UYd95h
odhKO7cozWXBDpf08kQXtyHymOCYwg4melDcj8aUD4/S/uuDy3G8h4s+Ix7ZEv2Y
e7AP//TXEMu0wkA3rCSJMyx3qgbdu4nVyTBfiZu61C/Bo0ZOaLXw6WY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:34:31 2026 by rpki-client