Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230312e302f32342d3234203d3e20323133363530.roa
File: 33312e39392e3230312e302f32342d3234203d3e20323133363530.roa (raw, json)
Hash identifier: LZe/oPKdzHBDXdq7jgdrUvSsiw189QvXVXiPjXqJiLQ=
Subject key identifier: 65:F4:80:F6:E1:8D:60:A3:A7:1A:23:5A:11:2B:3A:BE:71:43:42:CE
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 6AAD5C68278BF68A9C990D379011B57F51F297E2
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230312e302f32342d3234203d3e20323133363530.roa
Signing time: Thu 19 Feb 2026 11:47:52 +0000
ROA not before: Thu 19 Feb 2026 11:42:52 +0000
ROA not after: Thu 18 Feb 2027 11:47:52 +0000
asID: 213650
IP address blocks: 31.99.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 11:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:ad:5c:68:27:8b:f6:8a:9c:99:0d:37:90:11:b5:7f:51:f2:97:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 19 11:42:52 2026 GMT
Not After : Feb 18 11:47:52 2027 GMT
Subject: CN=65F480F6E18D60A3A71A235A112B3ABE714342CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:27:ab:34:5a:66:44:61:bf:08:e8:3b:bd:d9:
1d:f0:4f:1c:dd:74:10:98:6f:b3:dd:1c:f5:f3:b7:
f1:49:0a:a8:eb:82:c5:77:a1:20:ad:b3:95:e4:43:
19:b8:5d:84:80:cf:89:54:c2:f7:35:14:cc:e5:41:
10:f9:7b:8c:0d:c4:a2:eb:80:21:99:75:f5:54:85:
8a:f5:4c:4a:fb:2a:c0:4b:13:bb:01:4c:4c:a7:25:
a8:22:22:7c:92:9e:d2:7b:c0:b4:a6:97:c1:ae:c2:
ec:e6:1a:43:ce:2e:8f:1a:34:6b:58:bb:20:e6:b3:
3e:8f:4b:cf:84:29:f7:59:8c:8f:33:14:4d:ed:2d:
61:27:db:24:29:a4:e9:d3:00:cb:47:7a:7f:e9:c3:
22:bb:ab:a0:32:ef:8c:fa:44:05:e8:a2:ee:37:fd:
7b:36:c8:6a:42:b1:45:50:9f:07:3a:79:11:e5:d7:
25:55:69:13:a5:12:4d:44:f7:86:00:11:1a:13:ca:
1b:69:c6:7a:6d:71:7e:18:54:b6:2f:01:a7:d3:9e:
8c:90:41:82:56:94:4a:bc:fa:07:7e:49:4c:4e:63:
ad:95:8d:10:3e:00:1e:11:b2:9e:6c:af:5d:fb:96:
f7:87:8f:68:be:8a:27:c7:8b:8f:63:46:f9:ef:d4:
d2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F4:80:F6:E1:8D:60:A3:A7:1A:23:5A:11:2B:3A:BE:71:43:42:CE
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230312e302f32342d3234203d3e20323133363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:31:7b:e9:f3:e4:12:61:14:95:8e:6a:9f:8d:46:9d:0a:84:
33:34:81:22:74:e1:04:53:a0:00:23:c4:cd:f5:e1:62:d4:0b:
0c:3a:82:c1:e1:7c:d1:0d:2a:79:13:e1:e8:54:35:31:68:87:
cf:61:0b:15:31:7f:f7:43:a3:6c:aa:58:25:30:75:ab:54:86:
74:df:f4:d6:a9:b2:a3:3a:0c:20:62:f4:63:7f:fd:2b:d0:28:
ca:3c:93:4d:19:a3:63:5c:ae:d8:6a:84:20:a3:bc:40:84:e8:
38:da:1c:0b:7b:c6:e4:c1:c1:36:f2:dc:de:f5:bb:06:9f:99:
33:71:18:5d:ec:7f:8f:24:3e:52:2a:fe:68:35:61:57:d3:f2:
51:d4:4f:e9:4f:8d:5d:30:a1:ac:29:ff:65:cc:06:c8:e7:3c:
fc:ce:bf:ee:46:31:90:05:96:f7:ba:1e:ed:30:55:6c:29:21:
8c:06:ab:1e:49:e7:1a:56:4f:b6:ae:54:d8:8c:5a:9a:28:4c:
d1:c8:ff:53:6c:27:75:79:48:06:91:d9:51:98:fc:14:47:f7:
e6:90:9b:a3:23:de:d7:53:ee:76:06:6e:76:68:d4:77:ce:fb:
81:31:d5:d2:11:55:78:1d:21:a7:85:01:42:b9:05:72:19:c3:
fb:b8:06:f2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaq1caCeL9oqcmQ03kBG1f1Hyl+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMTkxMTQyNTJaFw0yNzAyMTgxMTQ3NTJaMDMxMTAvBgNV
BAMTKDY1RjQ4MEY2RTE4RDYwQTNBNzFBMjM1QTExMkIzQUJFNzE0MzQyQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2J6s0WmZEYb8I6Du92R3wTxzd
dBCYb7PdHPXzt/FJCqjrgsV3oSCts5XkQxm4XYSAz4lUwvc1FMzlQRD5e4wNxKLr
gCGZdfVUhYr1TEr7KsBLE7sBTEynJagiInySntJ7wLSml8GuwuzmGkPOLo8aNGtY
uyDmsz6PS8+EKfdZjI8zFE3tLWEn2yQppOnTAMtHen/pwyK7q6Ay74z6RAXoou43
/Xs2yGpCsUVQnwc6eRHl1yVVaROlEk1E94YAERoTyhtpxnptcX4YVLYvAafTnoyQ
QYJWlEq8+gd+SUxOY62VjRA+AB4Rsp5sr137lveHj2i+iifHi49jRvnv1NIlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZfSA9uGNYKOnGiNaESs6vnFDQs4wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzYzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PJMA0GCSqGSIb3DQEBCwUAA4IBAQAuMXvp8+QSYRSVjmqfjUadCoQzNIEidOEE
U6AAI8TN9eFi1AsMOoLB4XzRDSp5E+HoVDUxaIfPYQsVMX/3Q6NsqlglMHWrVIZ0
3/TWqbKjOgwgYvRjf/0r0CjKPJNNGaNjXK7YaoQgo7xAhOg42hwLe8bkwcE28tze
9bsGn5kzcRhd7H+PJD5SKv5oNWFX0/JR1E/pT41dMKGsKf9lzAbI5zz8zr/uRjGQ
BZb3uh7tMFVsKSGMBqseSecaVk+2rlTYjFqaKEzRyP9TbCd1eUgGkdlRmPwUR/fm
kJujI97XU+52Bm52aNR3zvuBMdXSEVV4HSGnhQFCuQVyGcP7uAby
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:19:19 2026 by rpki-client