Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323030393139.roa
File: 33312e39392e3230372e302f32342d3234203d3e20323030393139.roa (raw, json)
Hash identifier: Sx4gimOMm/cDt00enlx4Don8b0BAMFnFutmPQSumeeM=
Subject key identifier: CD:F7:2A:B4:2E:4B:D4:1F:20:EE:45:95:AB:70:A0:FF:AF:B0:3A:67
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 6764938910918F85C19886B7EEE6DE89C2D4D725
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323030393139.roa
Signing time: Tue 24 Feb 2026 10:28:00 +0000
ROA not before: Tue 24 Feb 2026 10:23:00 +0000
ROA not after: Tue 23 Feb 2027 10:28:00 +0000
asID: 200919
IP address blocks: 31.99.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:64:93:89:10:91:8f:85:c1:98:86:b7:ee:e6:de:89:c2:d4:d7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 24 10:23:00 2026 GMT
Not After : Feb 23 10:28:00 2027 GMT
Subject: CN=CDF72AB42E4BD41F20EE4595AB70A0FFAFB03A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:57:59:bf:fd:a5:f6:60:1f:01:87:55:af:
2a:41:b7:0c:29:f7:ac:08:55:94:ae:0a:a2:8d:7e:
48:59:af:13:a1:c1:fd:13:ea:2a:69:a8:98:22:46:
9b:35:5a:ef:ae:b2:32:45:e0:2e:60:7c:59:e6:e3:
0c:d8:31:23:d9:40:66:5e:54:b6:8f:86:79:cc:7c:
4b:9d:d7:68:38:bf:05:b9:ee:b2:61:95:0a:f8:ef:
f2:0a:5b:29:74:34:7b:7a:45:fc:60:5d:a4:8a:7f:
47:68:67:5f:10:6e:91:50:b4:f5:44:3e:3d:df:34:
06:b4:a5:e6:dc:d2:d9:72:2c:e8:dd:89:04:ae:bb:
68:09:82:6c:45:2b:f1:56:b6:14:b3:c5:ae:f8:2d:
fd:01:87:b3:4e:09:70:bf:41:f7:91:9b:1c:a7:5c:
3e:55:9d:55:ee:81:36:ec:ad:86:ff:d4:ef:27:3c:
a4:be:26:30:5d:b7:7f:51:ba:34:c6:94:a6:85:17:
51:7b:06:0a:18:5d:ca:8a:18:bb:63:1b:f6:0b:d7:
71:41:47:38:97:7f:b4:bc:44:6e:4f:33:a5:b2:04:
ca:25:19:36:fe:c6:e9:3f:32:3b:62:44:3e:48:2d:
cb:ab:2a:39:fb:ed:4a:f7:1b:6c:23:ae:ff:6d:25:
2f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F7:2A:B4:2E:4B:D4:1F:20:EE:45:95:AB:70:A0:FF:AF:B0:3A:67
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323030393139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.207.0/24
Signature Algorithm: sha256WithRSAEncryption
34:59:d4:3f:d2:77:3c:64:36:5a:dd:02:ac:fa:ab:84:86:ed:
8d:a2:5d:d4:e8:22:64:17:f8:6d:83:a9:89:46:2b:cd:42:60:
57:1b:0b:61:02:98:96:59:16:4b:61:8a:29:87:f5:8d:8d:d7:
db:6a:7c:f1:4c:55:4b:77:61:48:37:d0:36:62:6b:b8:a6:96:
8a:42:9f:2d:cd:8c:26:9a:4c:c5:6c:a7:59:e3:e6:27:4b:17:
5d:85:ba:a1:65:82:0c:09:68:c5:fb:3d:a5:59:6f:4b:2b:81:
d8:aa:38:b8:b0:8e:d1:a0:22:5a:b5:7c:63:94:0a:94:b8:70:
25:bd:33:b6:ce:58:ea:ca:c0:a3:85:a2:ab:7f:4f:7d:d6:21:
69:21:8d:1d:d0:9f:1b:6b:93:81:b0:ac:b1:16:4e:c3:5e:3d:
0b:dd:42:6f:c0:83:36:85:7a:e8:0b:a0:7e:f6:35:3b:fc:89:
cf:82:56:59:bf:7b:e5:3a:a7:37:19:0d:14:7b:49:74:40:46:
99:72:ae:e2:e6:37:cc:5d:36:f3:84:6c:5a:fb:b8:7c:bb:39:
f9:eb:69:4b:e4:ce:60:c1:16:44:03:6f:67:37:98:c2:6e:f0:
9e:d0:82:b0:a9:59:9b:e4:f6:02:5e:bb:ca:4f:ad:37:39:a3:
8a:68:eb:02
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZ2STiRCRj4XBmIa37ubeicLU1yUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMjQxMDIzMDBaFw0yNzAyMjMxMDI4MDBaMDMxMTAvBgNV
BAMTKENERjcyQUI0MkU0QkQ0MUYyMEVFNDU5NUFCNzBBMEZGQUZCMDNBNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC15FdZv/2l9mAfAYdVrypBtwwp
96wIVZSuCqKNfkhZrxOhwf0T6ippqJgiRps1Wu+usjJF4C5gfFnm4wzYMSPZQGZe
VLaPhnnMfEud12g4vwW57rJhlQr47/IKWyl0NHt6RfxgXaSKf0doZ18QbpFQtPVE
Pj3fNAa0pebc0tlyLOjdiQSuu2gJgmxFK/FWthSzxa74Lf0Bh7NOCXC/QfeRmxyn
XD5VnVXugTbsrYb/1O8nPKS+JjBdt39RujTGlKaFF1F7BgoYXcqKGLtjG/YL13FB
RziXf7S8RG5PM6WyBMolGTb+xuk/MjtiRD5ILcurKjn77Ur3G2wjrv9tJS9TAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzfcqtC5L1B8g7kWVq3Cg/6+wOmcwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzkzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PPMA0GCSqGSIb3DQEBCwUAA4IBAQA0WdQ/0nc8ZDZa3QKs+quEhu2Nol3U6CJk
F/htg6mJRivNQmBXGwthApiWWRZLYYoph/WNjdfbanzxTFVLd2FIN9A2Ymu4ppaK
Qp8tzYwmmkzFbKdZ4+YnSxddhbqhZYIMCWjF+z2lWW9LK4HYqji4sI7RoCJatXxj
lAqUuHAlvTO2zljqysCjhaKrf0991iFpIY0d0J8ba5OBsKyxFk7DXj0L3UJvwIM2
hXroC6B+9jU7/InPglZZv3vlOqc3GQ0Ue0l0QEaZcq7i5jfMXTbzhGxa+7h8uzn5
62lL5M5gwRZEA29nN5jCbvCe0IKwqVmb5PYCXrvKT603OaOKaOsC
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:25:17 2026 by rpki-client