Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e203233353332.roa
File: 33312e39392e3230372e302f32342d3234203d3e203233353332.roa (raw, json)
Hash identifier: YMiDlEuFwiUmBJ750UnQ/2kXWbSgbu6U7u+ywjD409w=
Subject key identifier: BF:BB:86:B4:16:92:AA:BD:CF:EB:56:CE:4C:69:3F:20:5D:8E:D9:47
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 094CF7A1CDFFD66A2EEC584C9241D5A193CCBC7A
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e203233353332.roa
Signing time: Tue 19 May 2026 10:02:04 +0000
ROA not before: Tue 19 May 2026 09:57:04 +0000
ROA not after: Tue 18 May 2027 10:02:04 +0000
asID: 23532
IP address blocks: 31.99.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:4c:f7:a1:cd:ff:d6:6a:2e:ec:58:4c:92:41:d5:a1:93:cc:bc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 19 09:57:04 2026 GMT
Not After : May 18 10:02:04 2027 GMT
Subject: CN=BFBB86B41692AABDCFEB56CE4C693F205D8ED947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:87:75:4d:a3:5d:0c:fb:d0:db:bc:5c:b5:ed:
dd:b8:b8:20:46:53:67:9c:7c:33:18:e3:e0:76:98:
e8:d0:82:b3:ff:78:8a:a5:9c:50:f5:98:e5:df:4e:
40:c1:0b:e5:4a:39:41:cf:d1:d4:c9:21:f9:4f:71:
e0:49:ec:2e:e5:56:9e:0b:64:41:2e:8a:93:ca:47:
be:b4:33:04:9c:e6:9a:b8:b7:97:bd:a5:06:fd:72:
fe:52:1a:b9:b1:93:2f:56:c0:df:6d:53:7a:a3:5a:
34:59:67:d2:dd:ef:60:43:e5:38:81:4e:b0:17:ef:
54:ca:c9:5b:c5:83:54:71:0e:27:55:71:6b:8c:a7:
84:d1:f6:d1:5c:c0:cc:86:7f:31:c3:61:3c:00:b4:
8e:1b:07:d1:d4:4a:58:0c:df:6e:e3:0f:53:17:39:
27:91:47:d2:a8:a8:37:f5:bf:7f:52:79:d5:42:05:
8b:18:80:d6:82:3e:7c:78:43:1e:86:be:89:7b:c1:
c2:e0:f5:51:dd:af:1b:c7:71:d4:8b:23:cf:b5:a0:
f3:3c:f3:9b:de:63:89:2a:a2:30:19:21:a2:e2:50:
64:d1:6c:7e:f7:bb:ea:a0:9f:b7:54:0d:a8:14:5f:
d4:08:bd:47:a7:33:f8:93:e8:4a:02:4e:10:90:55:
0f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BB:86:B4:16:92:AA:BD:CF:EB:56:CE:4C:69:3F:20:5D:8E:D9:47
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/33312e39392e3230372e302f32342d3234203d3e203233353332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.99.207.0/24
Signature Algorithm: sha256WithRSAEncryption
46:00:09:14:bb:ce:94:87:27:6c:95:b2:25:c3:7a:02:5c:0d:
47:e4:b5:e5:1f:b8:41:92:29:53:01:fb:20:8b:43:64:ed:0d:
01:74:2f:5b:f9:3d:56:d5:71:c5:f5:48:bf:7d:9f:76:3b:d8:
0d:29:77:81:6b:df:ff:b4:c9:35:ce:11:2d:14:25:cd:57:c3:
7d:bd:87:6d:57:93:9e:00:a1:aa:be:dc:f2:9a:d4:ab:28:eb:
2e:46:82:63:ea:ee:63:cf:fe:9f:ef:b0:39:df:f0:be:c5:e7:
3b:6e:81:77:a1:6d:ce:b3:d0:82:69:cb:72:a5:e1:c9:36:23:
57:f9:16:fd:31:8f:82:9b:e5:c7:a5:c0:02:da:8b:5c:83:42:
66:23:17:4e:97:a5:e5:e6:ee:fa:68:51:8c:7d:7e:ac:0e:fb:
82:9f:f3:db:bf:c9:cf:4d:69:aa:ac:1f:3d:6c:6f:a3:90:35:
78:21:1f:d2:85:79:5a:1b:90:d2:7d:11:77:e7:f4:98:2f:1b:
fc:d7:f5:5a:33:42:ac:61:fe:78:26:b3:5f:29:8b:27:71:54:
2a:03:36:5c:f1:aa:a3:98:6b:4c:57:06:04:9f:2b:bf:0c:87:
0f:02:31:4e:a0:72:a9:13:d1:22:5f:bc:ad:d6:56:fd:72:46:
e7:f9:56:44
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCUz3oc3/1mou7FhMkkHVoZPMvHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MTkwOTU3MDRaFw0yNzA1MTgxMDAyMDRaMDMxMTAvBgNV
BAMTKEJGQkI4NkI0MTY5MkFBQkRDRkVCNTZDRTRDNjkzRjIwNUQ4RUQ5NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGh3VNo10M+9DbvFy17d24uCBG
U2ecfDMY4+B2mOjQgrP/eIqlnFD1mOXfTkDBC+VKOUHP0dTJIflPceBJ7C7lVp4L
ZEEuipPKR760MwSc5pq4t5e9pQb9cv5SGrmxky9WwN9tU3qjWjRZZ9Ld72BD5TiB
TrAX71TKyVvFg1RxDidVcWuMp4TR9tFcwMyGfzHDYTwAtI4bB9HUSlgM327jD1MX
OSeRR9KoqDf1v39SedVCBYsYgNaCPnx4Qx6Gvol7wcLg9VHdrxvHcdSLI8+1oPM8
85veY4kqojAZIaLiUGTRbH73u+qgn7dUDagUX9QIvUenM/iT6EoCThCQVQ8hAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUv7uGtBaSqr3P61bOTGk/IF2O2UcwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzMzMTJlMzkzOTJlMzIzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMzM1MzMzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB9j
zzANBgkqhkiG9w0BAQsFAAOCAQEARgAJFLvOlIcnbJWyJcN6AlwNR+S15R+4QZIp
UwH7IItDZO0NAXQvW/k9VtVxxfVIv32fdjvYDSl3gWvf/7TJNc4RLRQlzVfDfb2H
bVeTngChqr7c8prUqyjrLkaCY+ruY8/+n++wOd/wvsXnO26Bd6FtzrPQgmnLcqXh
yTYjV/kW/TGPgpvlx6XAAtqLXINCZiMXTpel5ebu+mhRjH1+rA77gp/z27/Jz01p
qqwfPWxvo5A1eCEf0oV5WhuQ0n0Rd+f0mC8b/Nf1WjNCrGH+eCazXymLJ3FUKgM2
XPGqo5hrTFcGBJ8rvwyHDwIxTqByqRPRIl+8rdZW/XJG5/lWRA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:02:26 2026 by rpki-client