Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230362e302f32342d3234203d3e20323130343935.roa
File: 33312e39392e3230362e302f32342d3234203d3e20323130343935.roa (raw, json)
Hash identifier: OC80Hx5Gq1jN6Ym5UmCqnC8fGlp8VQazYJOfXpnB8WU=
Subject key identifier: 2A:0D:1D:76:D5:FE:86:11:D1:C1:FC:EF:F6:F7:AD:EA:E2:B2:B0:A6
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 200B04C9BC48DD70A503EA581E877DEE5C67E1F4
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230362e302f32342d3234203d3e20323130343935.roa
Signing time: Wed 18 Feb 2026 13:32:50 +0000
ROA not before: Wed 18 Feb 2026 13:27:50 +0000
ROA not after: Wed 17 Feb 2027 13:32:50 +0000
asID: 210495
IP address blocks: 31.99.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0b:04:c9:bc:48:dd:70:a5:03:ea:58:1e:87:7d:ee:5c:67:e1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 18 13:27:50 2026 GMT
Not After : Feb 17 13:32:50 2027 GMT
Subject: CN=2A0D1D76D5FE8611D1C1FCEFF6F7ADEAE2B2B0A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:75:91:2e:9b:08:72:72:df:fb:91:bd:c3:dc:
05:f5:1c:8a:c4:c3:de:5d:75:69:53:ae:03:c1:ed:
b8:80:2a:ea:81:4c:d4:0e:2d:f6:37:83:f3:4c:a4:
fd:30:86:f9:09:48:e8:00:65:a3:e1:86:b5:4d:02:
c3:10:bb:2d:e5:c6:e7:61:f6:8a:74:5a:1e:09:60:
cd:95:c9:36:e7:55:8a:e7:37:a2:98:73:76:1b:13:
6c:83:34:63:ff:58:fa:dd:95:96:ea:0b:c5:b5:82:
f0:26:e6:38:a4:09:0b:31:c2:70:2f:7f:79:b2:96:
1f:1a:56:fc:8c:87:b2:58:1f:d4:7a:6b:95:aa:94:
f3:cf:85:79:95:0f:11:3b:a9:27:69:ae:78:90:8c:
cb:26:a4:1f:07:0e:22:34:6f:05:4b:1a:89:60:89:
69:1a:e3:b2:c7:d8:3f:82:aa:0a:0f:ba:75:bc:ee:
e7:94:60:b3:53:b9:95:a2:0f:d8:f3:20:6e:7e:83:
1b:a7:10:02:9b:7d:4a:bb:a8:51:54:fd:ae:a3:df:
bd:f0:03:89:3e:cf:1e:20:6e:4b:20:99:66:98:06:
d6:d4:1f:dc:ec:dc:ad:52:91:b3:eb:96:48:93:1e:
14:09:bd:f4:08:91:c1:1c:d1:a2:90:0f:35:2a:2c:
1e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:1D:76:D5:FE:86:11:D1:C1:FC:EF:F6:F7:AD:EA:E2:B2:B0:A6
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230362e302f32342d3234203d3e20323130343935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:06:07:58:72:61:4d:8a:10:b8:51:0b:51:41:ed:8e:10:f2:
a7:c4:6b:c6:70:cb:58:eb:90:05:7b:7f:45:22:21:ff:e2:d3:
d3:62:a8:66:27:0d:4c:73:5e:64:d6:29:fc:15:c5:45:87:dc:
3e:8b:e4:de:67:f2:b3:5e:e6:d7:9b:02:e9:fa:e0:8c:91:e5:
2e:10:c6:cc:f1:b6:e1:b8:58:77:d0:57:23:f2:c8:d7:9b:f5:
84:49:04:16:a1:09:13:55:05:b0:47:e7:49:1d:aa:1a:f3:c1:
d4:1c:28:a3:60:f3:27:59:af:93:4f:e3:f1:af:63:b4:dc:e8:
ec:73:14:26:c0:37:b3:dd:d3:70:25:b9:ad:ad:5c:cd:e1:83:
9b:19:16:4d:b9:bb:98:46:38:b9:6e:4c:cc:53:dc:92:be:ae:
99:3b:33:13:0f:01:86:b8:0e:19:fc:b0:d6:b5:2e:f8:3d:83:
e1:04:ae:c7:9d:da:85:47:5f:0d:86:32:52:1c:8a:4a:de:2c:
03:50:ab:4f:34:5f:5a:a5:5c:b8:12:61:8e:50:0f:84:7a:5d:
91:ea:66:de:b4:87:47:32:08:32:7c:4d:1b:d0:ea:e5:e9:80:
34:14:13:15:6e:07:94:2f:76:a2:43:8b:9a:4e:56:aa:80:7e:
f6:b9:ef:cc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIAsEybxI3XClA+pYHod97lxn4fQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMTgxMzI3NTBaFw0yNzAyMTcxMzMyNTBaMDMxMTAvBgNV
BAMTKDJBMEQxRDc2RDVGRTg2MTFEMUMxRkNFRkY2RjdBREVBRTJCMkIwQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSdZEumwhyct/7kb3D3AX1HIrE
w95ddWlTrgPB7biAKuqBTNQOLfY3g/NMpP0whvkJSOgAZaPhhrVNAsMQuy3lxudh
9op0Wh4JYM2VyTbnVYrnN6KYc3YbE2yDNGP/WPrdlZbqC8W1gvAm5jikCQsxwnAv
f3mylh8aVvyMh7JYH9R6a5WqlPPPhXmVDxE7qSdprniQjMsmpB8HDiI0bwVLGolg
iWka47LH2D+CqgoPunW87ueUYLNTuZWiD9jzIG5+gxunEAKbfUq7qFFU/a6j373w
A4k+zx4gbksgmWaYBtbUH9zs3K1SkbPrlkiTHhQJvfQIkcEc0aKQDzUqLB4dAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKg0ddtX+hhHRwfzv9vet6uKysKYwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzQzOTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2POMA0GCSqGSIb3DQEBCwUAA4IBAQCmBgdYcmFNihC4UQtRQe2OEPKnxGvGcMtY
65AFe39FIiH/4tPTYqhmJw1Mc15k1in8FcVFh9w+i+TeZ/KzXubXmwLp+uCMkeUu
EMbM8bbhuFh30Fcj8sjXm/WESQQWoQkTVQWwR+dJHaoa88HUHCijYPMnWa+TT+Px
r2O03OjscxQmwDez3dNwJbmtrVzN4YObGRZNubuYRji5bkzMU9ySvq6ZOzMTDwGG
uA4Z/LDWtS74PYPhBK7HndqFR18NhjJSHIpK3iwDUKtPNF9apVy4EmGOUA+Eel2R
6mbetIdHMggyfE0b0Orl6YA0FBMVbgeUL3aiQ4uaTlaqgH72ue/M
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:25:06 2026 by rpki-client