Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203331373135.roa
File: 3231332e3133392e36352e302f32342d3234203d3e203331373135.roa (raw, json)
Hash identifier: DLaV1sFNoIrmOFdG/w3fReS7aY1M4x1P7DARyXDc6LA=
Subject key identifier: 8F:62:24:E4:C1:C2:9A:C9:6A:13:DF:1E:DD:C1:AA:78:4F:88:9D:9B
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 05DBDC46C86C5DCCFEC34A8053DCB7BB785397E7
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203331373135.roa
Signing time: Tue 24 Feb 2026 10:24:35 +0000
ROA not before: Tue 24 Feb 2026 10:19:35 +0000
ROA not after: Tue 23 Feb 2027 10:24:35 +0000
asID: 31715
IP address blocks: 213.139.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:db:dc:46:c8:6c:5d:cc:fe:c3:4a:80:53:dc:b7:bb:78:53:97:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 24 10:19:35 2026 GMT
Not After : Feb 23 10:24:35 2027 GMT
Subject: CN=8F6224E4C1C29AC96A13DF1EDDC1AA784F889D9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a7:0c:9f:a8:43:eb:07:8e:39:ca:c4:50:31:
5a:2e:38:09:11:a8:cc:4e:b5:f4:2a:d1:3e:92:21:
ff:4c:12:9b:ff:53:6f:e5:09:8d:08:c4:0f:f6:8e:
72:af:1c:02:b0:53:6d:d8:3d:2e:12:69:38:aa:d4:
fe:8f:76:39:f0:c0:16:e8:29:7d:1b:69:fa:9a:4f:
6a:ce:cc:21:06:84:71:b4:1d:2f:cd:b6:81:e5:af:
e5:db:44:b2:9a:8b:15:39:02:01:5a:41:d6:fa:cf:
6c:11:05:d3:bb:9b:5f:d6:c3:0e:50:17:20:f1:80:
9d:b0:50:34:b1:20:4c:0d:30:3b:2a:80:24:76:0d:
81:7c:70:74:57:6e:f5:cc:f3:3f:b9:31:de:3b:eb:
3e:1d:f8:c8:cd:35:a1:bd:48:9d:bf:e7:b3:a8:3d:
96:8e:f8:77:38:96:a8:7a:fc:f7:33:f5:4e:00:6a:
bd:e8:90:26:84:95:72:2c:06:1b:16:96:37:94:fa:
3c:0b:13:a0:af:d8:eb:56:99:21:e0:39:90:15:42:
52:2a:3f:46:40:40:63:00:6a:42:7f:d9:13:f0:1e:
75:89:b3:11:f3:9d:21:8e:26:f1:82:89:47:6c:00:
00:40:99:11:fd:47:cf:d7:a1:dd:93:31:3a:83:9e:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:62:24:E4:C1:C2:9A:C9:6A:13:DF:1E:DD:C1:AA:78:4F:88:9D:9B
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203331373135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.65.0/24
Signature Algorithm: sha256WithRSAEncryption
80:72:d4:58:9c:7d:84:5c:4e:a3:6d:3c:b5:68:dc:8b:77:8c:
2f:c3:44:1f:76:c5:a9:8e:b5:a3:7c:21:21:00:2c:b1:f3:e3:
64:f1:44:69:fb:6d:c6:b7:fa:35:62:33:35:f5:31:19:66:a7:
e2:69:3e:ad:18:cf:55:c9:90:fc:c5:7d:b1:c3:10:12:76:da:
da:57:25:3b:43:f4:d2:37:61:45:8b:32:4f:95:04:b9:42:14:
9f:4a:1c:f0:f2:86:c5:b0:3f:ac:8d:f7:6a:53:bd:1d:bf:cb:
89:ca:77:e9:99:81:d2:e2:28:55:02:b3:58:34:0c:ab:7c:d7:
4e:de:c5:d5:95:67:8a:fb:cc:58:96:52:f5:ce:a1:0e:4d:97:
1a:38:25:06:f5:a4:e5:a8:b7:bf:80:f7:d1:38:73:40:62:6c:
4c:28:0b:33:de:7e:16:49:bd:be:47:0f:a2:78:d1:3e:5f:11:
fa:57:57:3c:73:4e:d4:bf:b9:f5:38:0f:01:70:e5:0c:c7:63:
ba:f3:c4:8f:8d:61:39:ff:bf:3e:aa:1e:aa:9a:4a:69:e6:70:
6d:39:ca:4e:3b:f3:bf:5e:5b:a2:8b:b4:e0:64:e8:c1:2a:32:
4a:ed:d9:d6:18:3f:9f:95:91:5d:31:4e:5c:75:15:1c:e8:74:
20:fc:7d:6d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBdvcRshsXcz+w0qAU9y3u3hTl+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjAyMjQxMDE5MzVaFw0yNzAyMjMxMDI0MzVaMDMxMTAvBgNV
BAMTKDhGNjIyNEU0QzFDMjlBQzk2QTEzREYxRUREQzFBQTc4NEY4ODlEOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDopwyfqEPrB445ysRQMVouOAkR
qMxOtfQq0T6SIf9MEpv/U2/lCY0IxA/2jnKvHAKwU23YPS4SaTiq1P6PdjnwwBbo
KX0bafqaT2rOzCEGhHG0HS/NtoHlr+XbRLKaixU5AgFaQdb6z2wRBdO7m1/Www5Q
FyDxgJ2wUDSxIEwNMDsqgCR2DYF8cHRXbvXM8z+5Md476z4d+MjNNaG9SJ2/57Oo
PZaO+Hc4lqh6/Pcz9U4Aar3okCaElXIsBhsWljeU+jwLE6Cv2OtWmSHgOZAVQlIq
P0ZAQGMAakJ/2RPwHnWJsxHznSGOJvGCiUdsAABAmRH9R8/Xod2TMTqDnhdjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUj2Ik5MHCmslqE98e3cGqeE+InZswHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzczMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtBMA0GCSqGSIb3DQEBCwUAA4IBAQCActRYnH2EXE6jbTy1aNyLd4wvw0QfdsWp
jrWjfCEhACyx8+Nk8URp+23Gt/o1YjM19TEZZqfiaT6tGM9VyZD8xX2xwxASdtra
VyU7Q/TSN2FFizJPlQS5QhSfShzw8obFsD+sjfdqU70dv8uJynfpmYHS4ihVArNY
NAyrfNdO3sXVlWeK+8xYllL1zqEOTZcaOCUG9aTlqLe/gPfROHNAYmxMKAsz3n4W
Sb2+Rw+ieNE+XxH6V1c8c07Uv7n1OA8BcOUMx2O688SPjWE5/78+qh6qmkpp5nBt
OcpOO/O/Xluii7TgZOjBKjJK7dnWGD+flZFdMU5cdRUc6HQg/H1t
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:07 2026 by rpki-client