Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e372e302f32342d3234203d3e20323130353335.roa
File: 33312e362e372e302f32342d3234203d3e20323130353335.roa (raw, json)
Hash identifier: tsbcUPtRia51Hhco21bKncfgh60Uwy/wJJ9Zb5r0HAw=
Subject key identifier: 6F:7A:30:04:1B:B8:94:44:A8:9A:85:C1:5F:17:3C:51:8D:83:5F:BE
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 710860627B1C05580539CCCFA743F1D56A319B9E
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e372e302f32342d3234203d3e20323130353335.roa
Signing time: Sat 21 Feb 2026 07:54:47 +0000
ROA not before: Sat 21 Feb 2026 07:49:47 +0000
ROA not after: Sat 20 Feb 2027 07:54:47 +0000
asID: 210535
IP address blocks: 31.6.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:08:60:62:7b:1c:05:58:05:39:cc:cf:a7:43:f1:d5:6a:31:9b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Feb 21 07:49:47 2026 GMT
Not After : Feb 20 07:54:47 2027 GMT
Subject: CN=6F7A30041BB89444A89A85C15F173C518D835FBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:c3:21:24:6b:be:08:a0:e4:e8:b5:80:08:
34:6a:30:b4:a1:85:56:7f:35:67:99:c9:c2:c8:5a:
82:ba:0b:ff:00:fc:81:7e:15:41:a1:fc:f2:f0:84:
e0:ab:53:df:c8:ce:68:b2:cc:bf:77:57:9f:33:d2:
78:73:63:fd:61:c8:5b:e4:84:c4:bd:00:1a:87:24:
94:05:ae:d6:c9:90:9f:02:e5:8a:4a:e1:14:a9:f0:
1b:25:53:ce:e0:8d:23:31:d4:fc:62:32:2e:b4:77:
e4:eb:91:6f:c1:89:3d:54:32:24:01:d1:5c:1a:f8:
7f:8b:47:cf:6a:bc:3c:37:c8:ea:47:e0:83:21:8a:
b9:b2:47:09:ab:d7:f8:f3:4e:10:63:ad:b1:de:04:
f9:0d:8a:29:d9:0e:b6:ba:3c:ce:e8:4a:4f:76:c2:
eb:56:e2:5c:d2:75:7e:81:65:45:3d:5f:70:65:58:
a9:fd:ca:86:b8:ee:32:b7:55:b7:e7:d4:39:73:4c:
e8:35:df:da:25:c7:33:24:6c:85:42:e1:5c:68:e4:
ff:e7:7f:44:73:b7:ba:35:15:2e:a6:b5:be:96:3a:
f4:28:40:25:e3:41:d8:3c:ea:85:b9:bb:24:0c:f8:
91:0e:9a:c3:23:6f:cc:86:18:f6:f4:f5:f2:3f:da:
32:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7A:30:04:1B:B8:94:44:A8:9A:85:C1:5F:17:3C:51:8D:83:5F:BE
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e372e302f32342d3234203d3e20323130353335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.7.0/24
Signature Algorithm: sha256WithRSAEncryption
26:90:c2:1c:e3:07:d2:80:0e:09:10:c1:20:35:d5:76:21:85:
2d:be:1f:f2:94:96:96:62:8e:33:94:8c:7e:aa:2c:c3:3e:57:
01:97:a9:96:56:e6:f3:61:81:6d:9d:d6:24:6c:63:e5:03:81:
87:d5:0c:df:3a:41:f3:ba:94:ed:d3:6b:b8:ef:35:4d:3b:c0:
44:67:a3:63:2e:92:f1:4c:a6:84:6a:6f:31:6d:20:1d:b2:33:
d9:42:80:1f:da:3e:ba:be:82:f3:10:26:db:1e:95:cd:8f:0b:
23:0c:1a:7e:28:70:5a:43:4d:fc:92:47:3e:5d:ad:3d:68:f1:
d0:18:ac:d9:7b:b6:1d:6a:01:c5:cc:5a:31:a5:ca:11:bb:f1:
c5:6b:e3:e4:33:26:e5:86:ef:c9:2e:c1:4c:3a:50:be:23:0c:
e2:88:1f:7e:d0:01:a0:9a:53:74:30:a3:4d:c6:c8:e9:f4:eb:
59:87:93:9a:d2:f4:6a:ee:b9:b7:fa:f7:24:9f:36:90:88:01:
04:74:28:bd:ac:27:92:71:da:93:3f:36:ef:75:35:23:ea:9b:
17:5f:98:60:36:00:79:9c:92:18:44:3b:4b:86:03:fb:92:a3:
41:24:4c:7f:37:e1:a0:f5:df:df:54:33:b0:5b:63:04:6a:c2:
23:5b:4b:13
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUcQhgYnscBVgFOczPp0Px1Woxm54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjAyMjEwNzQ5NDdaFw0yNzAyMjAwNzU0NDdaMDMxMTAvBgNV
BAMTKDZGN0EzMDA0MUJCODk0NDRBODlBODVDMTVGMTczQzUxOEQ4MzVGQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU+MMhJGu+CKDk6LWACDRqMLSh
hVZ/NWeZycLIWoK6C/8A/IF+FUGh/PLwhOCrU9/IzmiyzL93V58z0nhzY/1hyFvk
hMS9ABqHJJQFrtbJkJ8C5YpK4RSp8BslU87gjSMx1PxiMi60d+TrkW/BiT1UMiQB
0Vwa+H+LR89qvDw3yOpH4IMhirmyRwmr1/jzThBjrbHeBPkNiinZDra6PM7oSk92
wutW4lzSdX6BZUU9X3BlWKn9yoa47jK3Vbfn1DlzTOg139olxzMkbIVC4Vxo5P/n
f0Rzt7o1FS6mtb6WOvQoQCXjQdg86oW5uyQM+JEOmsMjb8yGGPb09fI/2jLXAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUb3owBBu4lESomoXBXxc8UY2DX74wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM3MmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzUzMzM1LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYHMA0G
CSqGSIb3DQEBCwUAA4IBAQAmkMIc4wfSgA4JEMEgNdV2IYUtvh/ylJaWYo4zlIx+
qizDPlcBl6mWVubzYYFtndYkbGPlA4GH1QzfOkHzupTt02u47zVNO8BEZ6NjLpLx
TKaEam8xbSAdsjPZQoAf2j66voLzECbbHpXNjwsjDBp+KHBaQ038kkc+Xa09aPHQ
GKzZe7YdagHFzFoxpcoRu/HFa+PkMyblhu/JLsFMOlC+IwziiB9+0AGgmlN0MKNN
xsjp9OtZh5Oa0vRq7rm3+vcknzaQiAEEdCi9rCeScdqTPzbvdTUj6psXX5hgNgB5
nJIYRDtLhgP7kqNBJEx/N+Gg9d/fVDOwW2MEasIjW0sT
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:35:05 2026 by rpki-client