Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230322e302f32342d3234203d3e20323133363530.roa
File: 33312e39392e3230322e302f32342d3234203d3e20323133363530.roa (raw, json)
Hash identifier: 0Bngyrmrdfz47mx/mnuSCDuWlf2EDWIUujRrINoh4uI=
Subject key identifier: 8E:50:61:40:45:59:E3:E3:11:41:E4:D6:35:DE:C2:1B:2F:9A:7A:A5
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 3660C165316A8964B62E3DDF4950F8AF4AB50A74
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230322e302f32342d3234203d3e20323133363530.roa
Signing time: Thu 19 Feb 2026 11:47:38 +0000
ROA not before: Thu 19 Feb 2026 11:42:38 +0000
ROA not after: Thu 18 Feb 2027 11:47:38 +0000
asID: 213650
IP address blocks: 31.99.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:60:c1:65:31:6a:89:64:b6:2e:3d:df:49:50:f8:af:4a:b5:0a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 19 11:42:38 2026 GMT
Not After : Feb 18 11:47:38 2027 GMT
Subject: CN=8E5061404559E3E31141E4D635DEC21B2F9A7AA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e4:76:b3:47:fe:15:6f:c9:dd:6a:78:56:aa:
98:5a:45:d0:0c:71:b1:a7:40:69:02:7d:44:ce:06:
eb:f5:69:96:47:40:c0:d1:b6:86:83:03:dc:b5:f6:
50:31:51:5c:14:5f:59:c3:0a:86:e8:85:7d:36:dc:
89:22:d3:05:58:44:45:29:31:5b:99:91:dc:18:49:
cf:75:05:3c:96:8f:10:75:2e:0d:ab:86:2d:b7:b7:
57:25:54:03:77:fa:c2:3b:eb:d9:c9:57:9a:43:76:
1a:07:01:7a:b7:36:f4:35:71:83:35:d1:e1:d6:5d:
43:12:86:62:da:3c:82:d2:cc:46:89:83:4d:90:05:
65:1b:6a:e8:26:f1:1d:f8:73:1a:9e:85:63:0e:0f:
3b:13:bc:b5:4d:3d:4f:a3:4f:47:2c:73:5b:11:52:
97:be:2a:5d:e7:13:fa:3e:75:28:af:da:f0:7b:97:
91:61:8a:8c:af:24:e1:1e:cd:17:81:db:23:fc:27:
97:e6:86:9a:5b:1e:28:b9:91:0f:0c:e0:05:55:3c:
47:d4:15:43:92:f8:85:5b:66:7b:3d:47:67:f4:da:
ce:9c:66:4d:2b:21:14:66:2a:95:83:62:49:28:f0:
42:cc:2c:81:71:37:1a:c2:f1:08:de:e6:d9:bc:5c:
81:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:50:61:40:45:59:E3:E3:11:41:E4:D6:35:DE:C2:1B:2F:9A:7A:A5
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230322e302f32342d3234203d3e20323133363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.202.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:84:aa:79:78:8e:d5:ee:b7:1f:41:89:54:f2:8e:a1:fe:48:
39:c3:3f:df:81:69:58:e6:07:b5:15:41:88:d3:cb:4c:c8:dc:
43:e5:cd:d9:f6:53:2b:86:47:f7:b1:b6:cf:7e:8f:2f:de:f4:
66:e4:77:7e:f7:b2:db:22:26:1c:af:31:41:cf:4c:e5:e6:e0:
26:3b:a7:e8:18:04:a9:2b:e0:01:7b:92:73:85:d5:fd:4a:91:
c3:5a:bb:fb:1c:6c:65:d0:44:99:b4:17:d5:b6:7b:68:33:d2:
ac:d6:56:de:7e:2d:89:1c:77:bc:32:ed:de:35:4a:68:11:19:
16:5b:6c:14:03:12:91:94:cc:6b:cc:aa:af:b3:3d:40:ae:3b:
8e:34:5d:3a:7a:20:c3:99:76:b4:b4:1c:0e:da:0b:f3:27:73:
31:cf:3f:4a:a0:15:36:3d:51:ec:9c:ae:26:ef:77:d0:ac:05:
f1:d3:c2:8f:ae:81:8f:e3:ae:96:96:98:bc:6b:2b:6b:04:d9:
0c:01:c7:cd:f2:da:d6:20:10:03:72:3d:a6:ee:0e:5a:62:16:
d2:66:92:80:d4:e5:b2:80:ad:06:67:19:53:26:45:f6:d8:5a:
ad:57:aa:f0:11:35:fb:6c:bd:57:e9:63:40:20:a8:04:df:60:
b4:19:8b:8e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNmDBZTFqiWS2Lj3fSVD4r0q1CnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMTkxMTQyMzhaFw0yNzAyMTgxMTQ3MzhaMDMxMTAvBgNV
BAMTKDhFNTA2MTQwNDU1OUUzRTMxMTQxRTRENjM1REVDMjFCMkY5QTdBQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP5HazR/4Vb8ndanhWqphaRdAM
cbGnQGkCfUTOBuv1aZZHQMDRtoaDA9y19lAxUVwUX1nDCobohX023Iki0wVYREUp
MVuZkdwYSc91BTyWjxB1Lg2rhi23t1clVAN3+sI769nJV5pDdhoHAXq3NvQ1cYM1
0eHWXUMShmLaPILSzEaJg02QBWUbaugm8R34cxqehWMODzsTvLVNPU+jT0csc1sR
Upe+Kl3nE/o+dSiv2vB7l5FhioyvJOEezReB2yP8J5fmhppbHii5kQ8M4AVVPEfU
FUOS+IVbZns9R2f02s6cZk0rIRRmKpWDYkko8ELMLIFxNxrC8Qje5tm8XIElAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjlBhQEVZ4+MRQeTWNd7CGy+aeqUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzYzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PKMA0GCSqGSIb3DQEBCwUAA4IBAQBOhKp5eI7V7rcfQYlU8o6h/kg5wz/fgWlY
5ge1FUGI08tMyNxD5c3Z9lMrhkf3sbbPfo8v3vRm5Hd+97LbIiYcrzFBz0zl5uAm
O6foGASpK+ABe5JzhdX9SpHDWrv7HGxl0ESZtBfVtntoM9Ks1lbefi2JHHe8Mu3e
NUpoERkWW2wUAxKRlMxrzKqvsz1ArjuONF06eiDDmXa0tBwO2gvzJ3Mxzz9KoBU2
PVHsnK4m73fQrAXx08KProGP466Wlpi8aytrBNkMAcfN8trWIBADcj2m7g5aYhbS
ZpKA1OWygK0GZxlTJkX22FqtV6rwETX7bL1X6WNAIKgE32C0GYuO
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:43:31 2026 by rpki-client