Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20313534313332.roa
File: 33312e39392e3230302e302f32342d3234203d3e20313534313332.roa (raw, json)
Hash identifier: tiVmBBSnaAQ9jn9x7Ocsa/f+jBgRfiMhr3FwzsZcRlQ=
Subject key identifier: C8:20:C9:CC:C9:43:F5:BC:AB:CC:7F:42:D5:41:B8:A2:2A:EE:B5:B7
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 799C8CD776C4557D718991CD8C35496FBC06DBE3
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20313534313332.roa
Signing time: Wed 03 Jun 2026 03:23:42 +0000
ROA not before: Wed 03 Jun 2026 03:18:42 +0000
ROA not after: Wed 02 Jun 2027 03:23:42 +0000
asID: 154132
IP address blocks: 31.99.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:9c:8c:d7:76:c4:55:7d:71:89:91:cd:8c:35:49:6f:bc:06:db:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jun 3 03:18:42 2026 GMT
Not After : Jun 2 03:23:42 2027 GMT
Subject: CN=C820C9CCC943F5BCABCC7F42D541B8A22AEEB5B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e7:44:cd:c0:ff:11:88:a0:e9:ec:52:47:68:
6c:1a:9b:34:67:df:a4:49:ad:be:de:1d:f3:ca:50:
db:cd:78:a9:73:e6:78:da:50:c8:72:30:66:c0:8d:
00:52:a1:f2:2e:50:b3:ff:55:02:bc:4e:5b:20:ec:
43:da:38:23:a9:f7:72:56:b8:db:ce:8b:ce:f8:48:
e1:7c:f8:37:09:17:86:2d:d3:e8:93:14:22:71:6c:
9e:59:3c:34:c6:d9:60:87:bb:00:ea:79:0e:ea:65:
b4:75:75:74:16:4f:f4:82:5e:62:d6:6a:ed:db:fd:
46:fe:64:9d:e8:df:a7:3e:99:a5:f4:30:48:a0:a0:
c8:69:ce:b0:b4:b7:d2:db:02:ff:a4:bb:9a:fd:f4:
2e:69:5b:c2:a2:b1:d4:fa:72:fe:8e:13:9b:51:19:
42:6c:7a:f3:12:ed:d1:80:95:dc:b8:f1:c6:0b:84:
58:e2:67:0e:94:cd:f7:e5:53:da:de:40:d4:e9:38:
cd:9d:18:13:9e:17:af:29:ee:ae:af:df:67:46:d8:
eb:f3:48:f7:13:e2:4c:c8:91:63:59:ed:38:33:cf:
22:6c:b0:c5:7e:dc:44:bc:72:52:bc:ef:01:f8:47:
39:6f:97:28:3e:c3:29:3f:f5:16:4b:79:58:1e:9e:
81:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:20:C9:CC:C9:43:F5:BC:AB:CC:7F:42:D5:41:B8:A2:2A:EE:B5:B7
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20313534313332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.200.0/24
Signature Algorithm: sha256WithRSAEncryption
68:8d:24:4a:a4:77:ea:25:3e:8a:98:d2:af:c0:9d:5d:17:c7:
f4:fb:d5:04:2d:64:7c:7a:73:e6:42:04:0d:e6:4a:e1:85:a0:
b8:a7:28:0f:68:50:67:2c:e6:ac:20:5a:40:1a:bf:fc:de:04:
55:0f:30:0e:19:ca:b9:6d:f4:6b:ab:07:04:74:fa:81:ed:32:
cb:78:7d:69:b3:97:86:fb:cd:0b:40:ff:d0:bc:ce:75:c7:90:
8c:a1:25:b9:e2:4a:0c:86:07:35:55:26:65:40:fc:cd:49:b7:
1d:c0:4c:47:35:86:19:af:a9:35:d8:34:84:83:1b:4f:e3:24:
3b:e7:a9:d5:17:3e:cd:40:f1:5f:d7:9b:2d:c7:13:86:a7:cd:
1b:50:12:8c:e1:b2:89:e5:8d:04:cf:23:f3:5b:c0:fe:ad:04:
a8:3f:36:90:cb:e4:e1:0a:0c:de:1b:05:97:99:b7:ec:69:52:
f4:c6:22:d1:a3:b0:72:f7:de:3c:76:3c:b8:8f:2d:13:3f:ea:
4a:df:e5:b3:a2:73:c9:8d:e6:b6:43:53:ef:02:7e:77:3f:c3:
1c:70:40:29:55:00:80:0d:f4:62:94:2a:20:4b:89:95:bb:a8:
0a:dd:81:62:4e:e2:a3:ac:65:1b:c5:a5:15:05:d4:79:3c:56:
d3:ce:eb:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeZyM13bEVX1xiZHNjDVJb7wG2+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA2MDMwMzE4NDJaFw0yNzA2MDIwMzIzNDJaMDMxMTAvBgNV
BAMTKEM4MjBDOUNDQzk0M0Y1QkNBQkNDN0Y0MkQ1NDFCOEEyMkFFRUI1QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD50TNwP8RiKDp7FJHaGwamzRn
36RJrb7eHfPKUNvNeKlz5njaUMhyMGbAjQBSofIuULP/VQK8Tlsg7EPaOCOp93JW
uNvOi874SOF8+DcJF4Yt0+iTFCJxbJ5ZPDTG2WCHuwDqeQ7qZbR1dXQWT/SCXmLW
au3b/Ub+ZJ3o36c+maX0MEigoMhpzrC0t9LbAv+ku5r99C5pW8KisdT6cv6OE5tR
GUJsevMS7dGAldy48cYLhFjiZw6UzfflU9reQNTpOM2dGBOeF68p7q6v32dG2Ovz
SPcT4kzIkWNZ7TgzzyJssMV+3ES8clK87wH4Rzlvlyg+wyk/9RZLeVgenoHTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyCDJzMlD9byrzH9C1UG4oirutbcwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PIMA0GCSqGSIb3DQEBCwUAA4IBAQBojSRKpHfqJT6KmNKvwJ1dF8f0+9UELWR8
enPmQgQN5krhhaC4pygPaFBnLOasIFpAGr/83gRVDzAOGcq5bfRrqwcEdPqB7TLL
eH1ps5eG+80LQP/QvM51x5CMoSW54koMhgc1VSZlQPzNSbcdwExHNYYZr6k12DSE
gxtP4yQ756nVFz7NQPFf15stxxOGp80bUBKM4bKJ5Y0EzyPzW8D+rQSoPzaQy+Th
CgzeGwWXmbfsaVL0xiLRo7By9948djy4jy0TP+pK3+WzonPJjea2Q1PvAn53P8Mc
cEApVQCADfRilCogS4mVu6gK3YFiTuKjrGUbxaUVBdR5PFbTzuvU
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:45:17 2026 by rpki-client