Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323136313338.roa
File: 33312e39392e3230372e302f32342d3234203d3e20323136313338.roa (raw, json)
Hash identifier: KEwn+7zILM5/r3LpTKFJRe00Rd6OV3jrUelJoTJ/baQ=
Subject key identifier: E9:15:23:B0:A2:72:35:5A:BB:03:9D:03:6D:49:67:54:27:A1:7D:F0
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 61D93CCD7C73C91AAD7039DE53239018BCBFACE7
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323136313338.roa
Signing time: Tue 19 May 2026 10:02:04 +0000
ROA not before: Tue 19 May 2026 09:57:04 +0000
ROA not after: Tue 18 May 2027 10:02:04 +0000
asID: 216138
IP address blocks: 31.99.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d9:3c:cd:7c:73:c9:1a:ad:70:39:de:53:23:90:18:bc:bf:ac:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 19 09:57:04 2026 GMT
Not After : May 18 10:02:04 2027 GMT
Subject: CN=E91523B0A272355ABB039D036D49675427A17DF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:48:d4:16:3f:c7:0d:2c:a2:0f:1f:cd:8d:60:
95:fd:e2:b8:78:4e:39:60:3f:4d:10:49:c5:bf:01:
e7:14:15:da:4a:8a:82:30:60:fb:0a:0f:dd:e2:95:
c2:e5:79:1a:49:e6:0f:2f:ca:2b:ba:f4:81:b5:4e:
19:9d:99:1e:e9:a3:a3:76:28:d4:1f:2f:67:7a:69:
40:35:c7:f8:97:be:b5:21:68:4c:33:bf:84:14:65:
24:85:02:dd:6b:93:34:67:59:c0:ae:d1:ef:26:da:
e2:20:dc:99:be:d3:75:8c:ec:03:f9:d0:d1:94:37:
c3:bf:59:22:d1:98:29:c3:bc:57:7e:44:18:03:d4:
40:16:eb:d7:23:b0:fb:f0:1b:17:06:33:91:f3:6f:
00:b3:da:78:6b:7a:06:40:c4:f2:d3:7d:1d:06:08:
d1:c4:e3:78:99:ad:5b:c5:30:ed:51:22:cf:27:dc:
00:77:bc:02:db:f1:31:c3:c0:3d:cc:36:23:be:a8:
31:1c:1e:56:a4:4f:fe:44:cd:c7:55:b8:79:bd:af:
ce:ba:0b:70:6c:56:0f:f1:5b:64:fd:26:ba:f4:26:
86:47:65:94:66:28:85:e9:0d:bd:2b:9c:ed:ad:e1:
11:a3:bc:2a:98:00:61:17:0d:41:90:cc:32:2b:43:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:15:23:B0:A2:72:35:5A:BB:03:9D:03:6D:49:67:54:27:A1:7D:F0
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e20323136313338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.207.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:dd:f6:be:06:08:d7:fa:05:67:72:be:5c:61:3c:e5:08:19:
36:f2:3b:c9:a5:b9:63:32:82:e5:10:e7:fe:5f:47:ce:c9:0f:
ca:28:be:2a:91:16:c2:19:af:e2:a6:58:29:36:5e:81:ec:70:
7a:0d:1a:b5:fa:f5:c9:b4:c3:fe:99:20:68:1a:95:49:65:7a:
1a:32:62:10:86:a3:70:31:26:35:5f:0b:a5:61:c9:24:7e:d0:
ce:05:db:a5:3a:ad:e3:c6:03:f0:6d:4d:11:ee:22:42:93:6a:
7f:e6:1c:31:80:00:fb:8f:67:d0:af:e5:1c:65:44:e3:04:d4:
70:9a:03:64:45:12:df:9f:1d:05:e3:9c:b1:13:3e:97:27:8a:
a8:73:50:39:a1:fb:92:8e:3e:13:b8:13:f2:66:6d:b9:2a:76:
95:e0:9f:48:a3:96:40:80:a3:7c:57:56:70:b5:b6:a5:5d:ad:
dc:58:9f:70:ac:b3:0d:4d:ee:98:0f:3c:dc:78:5c:db:15:76:
fe:4a:be:7f:ce:aa:02:81:91:1c:ef:62:b7:36:6c:e0:29:4f:
eb:66:53:28:b6:14:79:33:af:88:b4:41:3d:df:f9:9d:60:4a:
fa:5f:4c:9f:02:fb:e5:12:ea:21:cb:ca:27:77:b2:33:47:e8:
3f:4a:96:bb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYdk8zXxzyRqtcDneUyOQGLy/rOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MTkwOTU3MDRaFw0yNzA1MTgxMDAyMDRaMDMxMTAvBgNV
BAMTKEU5MTUyM0IwQTI3MjM1NUFCQjAzOUQwMzZENDk2NzU0MjdBMTdERjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPSNQWP8cNLKIPH82NYJX94rh4
TjlgP00QScW/AecUFdpKioIwYPsKD93ilcLleRpJ5g8vyiu69IG1ThmdmR7po6N2
KNQfL2d6aUA1x/iXvrUhaEwzv4QUZSSFAt1rkzRnWcCu0e8m2uIg3Jm+03WM7AP5
0NGUN8O/WSLRmCnDvFd+RBgD1EAW69cjsPvwGxcGM5HzbwCz2nhregZAxPLTfR0G
CNHE43iZrVvFMO1RIs8n3AB3vALb8THDwD3MNiO+qDEcHlakT/5EzcdVuHm9r866
C3BsVg/xW2T9Jrr0JoZHZZRmKIXpDb0rnO2t4RGjvCqYAGEXDUGQzDIrQ8JvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6RUjsKJyNVq7A50DbUlnVCehffAwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzEzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H2PPMA0GCSqGSIb3DQEBCwUAA4IBAQB63fa+BgjX+gVncr5cYTzlCBk28jvJpblj
MoLlEOf+X0fOyQ/KKL4qkRbCGa/iplgpNl6B7HB6DRq1+vXJtMP+mSBoGpVJZXoa
MmIQhqNwMSY1XwulYckkftDOBdulOq3jxgPwbU0R7iJCk2p/5hwxgAD7j2fQr+Uc
ZUTjBNRwmgNkRRLfnx0F45yxEz6XJ4qoc1A5ofuSjj4TuBPyZm25KnaV4J9Io5ZA
gKN8V1ZwtbalXa3cWJ9wrLMNTe6YDzzceFzbFXb+Sr5/zqoCgZEc72K3NmzgKU/r
ZlMothR5M6+ItEE93/mdYEr6X0yfAvvlEuohy8ond7IzR+g/Spa7
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:52:56 2026 by rpki-client