Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20323032303736.roa
File: 33312e39392e3230302e302f32342d3234203d3e20323032303736.roa (raw, json)
Hash identifier: 9aCU0WrowHQDEddqo+4gFdH5kjWR15/2+hM8MI1EWF8=
Subject key identifier: 83:A3:16:14:C6:99:76:A8:51:07:96:81:C6:F2:02:D8:41:8F:5C:38
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7627DBBCC9162D6F0F1F6BD17F1A6B6B057826D4
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20323032303736.roa
Signing time: Thu 19 Feb 2026 11:51:41 +0000
ROA not before: Thu 19 Feb 2026 11:46:41 +0000
ROA not after: Thu 18 Feb 2027 11:51:41 +0000
asID: 202076
IP address blocks: 31.99.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:27:db:bc:c9:16:2d:6f:0f:1f:6b:d1:7f:1a:6b:6b:05:78:26:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 19 11:46:41 2026 GMT
Not After : Feb 18 11:51:41 2027 GMT
Subject: CN=83A31614C69976A851079681C6F202D8418F5C38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dd:9f:2b:4e:c0:49:35:e2:9d:28:23:9b:32:
bd:a2:de:fe:c1:20:29:aa:90:62:bc:61:8d:86:54:
cf:b9:82:76:c8:ec:54:78:01:e5:ec:f9:3a:f0:b8:
5f:75:96:ef:74:19:64:8f:8e:a0:ea:ff:c0:a3:b6:
ed:4a:83:a4:3e:1e:43:63:02:68:98:0e:b7:8e:d2:
fc:a3:83:ff:8d:7a:78:56:a3:1f:4d:5b:2c:74:f6:
87:86:b3:d3:c1:1a:58:3c:03:7b:c4:5c:d9:5c:0c:
03:56:c0:1b:cc:83:81:42:ef:03:a7:b2:da:a3:19:
1f:c3:91:c6:c7:4e:49:70:5e:45:8f:de:d5:65:e5:
f4:fb:68:7d:1e:54:6d:05:e9:21:cd:ec:d0:a5:53:
d2:58:9e:d2:97:99:c0:a5:4b:f2:7a:55:a0:16:da:
43:a6:54:f3:37:d3:63:00:68:34:be:67:22:43:c0:
b4:46:b3:28:e4:cf:c9:c7:e8:c1:e3:66:7f:e3:02:
cc:de:63:e3:82:88:43:ba:75:0c:84:6e:38:85:88:
41:b5:94:04:82:7a:63:0d:36:1d:cc:39:68:e2:ad:
ca:1b:30:16:5d:29:8f:a5:2a:49:aa:8c:65:62:a0:
55:8a:e5:a4:1a:f1:77:a4:88:9f:f5:41:5a:94:37:
5b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A3:16:14:C6:99:76:A8:51:07:96:81:C6:F2:02:D8:41:8F:5C:38
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230302e302f32342d3234203d3e20323032303736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.200.0/24
Signature Algorithm: sha256WithRSAEncryption
16:6a:a4:41:11:ad:e3:bf:9a:97:4e:77:da:39:84:95:ee:f4:
44:02:fa:92:d3:58:78:2e:a5:0c:05:26:be:a3:4a:63:28:99:
73:38:b8:10:39:72:fa:9e:ea:ae:11:19:b0:8c:a5:c6:f8:9c:
20:e2:f3:a1:5b:c1:fc:99:aa:0a:1a:a1:17:25:97:33:3a:03:
60:d7:07:bb:b5:d3:f3:95:a4:10:8c:cc:75:93:87:dd:29:d5:
45:2c:ac:e5:89:05:f7:1b:36:e0:db:df:a0:8a:15:d8:25:54:
3c:5d:81:e6:9f:f8:dd:f4:0c:f1:1a:d1:3d:3d:57:d3:f8:aa:
c6:c6:50:00:8d:28:1b:df:63:f8:11:4d:99:68:33:82:b9:f7:
67:12:0e:ca:e5:f5:ee:06:1e:58:67:5f:10:78:13:39:bf:e8:
a7:30:dc:b6:2a:1d:5f:59:ab:a0:07:10:47:57:d9:81:1b:9f:
90:34:95:a4:36:6c:ee:03:d2:15:26:13:bb:97:60:8d:ee:32:
78:19:e5:13:f3:13:4a:0f:8d:36:93:17:f5:73:ff:8c:05:0e:
10:2e:a6:1d:59:0f:cc:54:d7:f3:f6:09:dd:c8:49:2a:95:ce:
bc:45:b2:48:51:e4:f5:59:32:90:b6:8c:9b:7d:57:c8:98:31:
d6:56:a3:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdifbvMkWLW8PH2vRfxprawV4JtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMTkxMTQ2NDFaFw0yNzAyMTgxMTUxNDFaMDMxMTAvBgNV
BAMTKDgzQTMxNjE0QzY5OTc2QTg1MTA3OTY4MUM2RjIwMkQ4NDE4RjVDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/3Z8rTsBJNeKdKCObMr2i3v7B
ICmqkGK8YY2GVM+5gnbI7FR4AeXs+TrwuF91lu90GWSPjqDq/8Cjtu1Kg6Q+HkNj
AmiYDreO0vyjg/+NenhWox9NWyx09oeGs9PBGlg8A3vEXNlcDANWwBvMg4FC7wOn
stqjGR/DkcbHTklwXkWP3tVl5fT7aH0eVG0F6SHN7NClU9JYntKXmcClS/J6VaAW
2kOmVPM302MAaDS+ZyJDwLRGsyjkz8nH6MHjZn/jAszeY+OCiEO6dQyEbjiFiEG1
lASCemMNNh3MOWjircobMBZdKY+lKkmqjGVioFWK5aQa8XekiJ/1QVqUN1vTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUg6MWFMaZdqhRB5aBxvIC2EGPXDgwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzAzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PIMA0GCSqGSIb3DQEBCwUAA4IBAQAWaqRBEa3jv5qXTnfaOYSV7vREAvqS01h4
LqUMBSa+o0pjKJlzOLgQOXL6nuquERmwjKXG+Jwg4vOhW8H8maoKGqEXJZczOgNg
1we7tdPzlaQQjMx1k4fdKdVFLKzliQX3Gzbg29+gihXYJVQ8XYHmn/jd9AzxGtE9
PVfT+KrGxlAAjSgb32P4EU2ZaDOCufdnEg7K5fXuBh5YZ18QeBM5v+inMNy2Kh1f
WaugBxBHV9mBG5+QNJWkNmzuA9IVJhO7l2CN7jJ4GeUT8xNKD402kxf1c/+MBQ4Q
LqYdWQ/MVNfz9gndyEkqlc68RbJIUeT1WTKQtoybfVfImDHWVqMR
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:39:32 2026 by rpki-client