Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37352e302f32342d3234203d3e203231383430.roa
File: 3231332e3133392e37352e302f32342d3234203d3e203231383430.roa (raw, json)
Hash identifier: v250iXtra+Z/KKJJC+rUD3hpGZMyGlwjTm5LLjqKRQ4=
Subject key identifier: 8F:73:26:38:92:96:F7:C1:C1:22:A2:71:C1:1C:D6:35:DA:DE:B7:5E
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 20A0299E6C9CE09285E74F488581B012045A9FFF
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37352e302f32342d3234203d3e203231383430.roa
Signing time: Tue 24 Feb 2026 10:25:14 +0000
ROA not before: Tue 24 Feb 2026 10:20:14 +0000
ROA not after: Tue 23 Feb 2027 10:25:14 +0000
asID: 21840
IP address blocks: 213.139.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a0:29:9e:6c:9c:e0:92:85:e7:4f:48:85:81:b0:12:04:5a:9f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 24 10:20:14 2026 GMT
Not After : Feb 23 10:25:14 2027 GMT
Subject: CN=8F7326389296F7C1C122A271C11CD635DADEB75E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d1:6f:e9:65:1c:e4:76:43:a9:c0:4e:0c:f6:
89:7b:10:4c:4f:ad:b6:f8:cd:5c:0f:cf:55:17:4b:
df:f9:6e:77:59:4f:31:1e:2e:6c:ff:8f:d8:ef:9c:
f7:ca:f5:cd:01:ca:48:97:47:2e:1c:77:0f:8e:fe:
f2:a1:6e:92:a8:19:b3:7e:ef:1b:25:20:90:6e:62:
14:0a:83:10:12:26:29:53:43:3d:51:4c:0b:54:17:
e2:54:70:bd:b5:e4:00:bd:5f:95:73:ba:de:66:7d:
51:7c:67:73:6a:02:e5:5a:bc:d8:b3:fc:19:54:1a:
35:56:c9:6b:95:c9:3b:4e:52:8c:98:14:17:f8:f1:
2b:e4:f0:a3:e6:c0:c3:c8:af:10:ce:87:11:33:69:
54:d1:70:e3:94:c3:fa:43:13:0b:2c:db:55:03:10:
39:09:06:88:03:fb:83:44:e6:59:3d:09:5e:04:9d:
8d:4d:18:51:2c:95:7a:95:74:4f:9b:1a:ca:08:82:
89:40:cc:48:a1:6c:14:98:d1:5d:4d:39:e5:51:24:
79:fa:ba:78:0f:92:43:8d:84:f6:a2:99:f1:c1:d4:
94:e3:d1:a9:bd:c4:a4:83:26:6b:a2:80:a4:14:8f:
e4:3d:ae:d8:51:6a:82:93:3c:e0:d5:8c:3a:e9:b1:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:26:38:92:96:F7:C1:C1:22:A2:71:C1:1C:D6:35:DA:DE:B7:5E
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37352e302f32342d3234203d3e203231383430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.75.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:77:2f:58:ff:4d:47:42:d5:79:c3:61:89:d2:8b:4e:b0:2d:
c1:ac:69:a8:87:53:d7:bd:88:f9:62:03:42:42:07:f8:a4:58:
aa:8a:6c:97:6c:e1:9c:4d:52:aa:f9:6e:f6:0d:5c:b3:03:60:
60:b3:0a:37:44:af:53:e9:2f:e0:71:fe:f0:7e:cb:d3:b0:a6:
65:b9:80:c6:08:dd:00:b4:ee:dd:b9:e5:d2:c5:ec:8a:ee:4c:
65:ca:f7:d1:bd:e3:21:b6:8a:61:f4:df:6d:95:f7:52:ab:76:
c0:97:5c:4c:23:05:4f:58:c6:66:f9:54:45:c0:30:fa:04:90:
05:d1:c1:eb:4d:64:ee:3c:70:c9:d2:ae:c9:64:f6:ba:04:8f:
9d:58:7b:4a:1d:c3:6a:bb:37:48:05:41:16:16:0e:eb:96:5a:
aa:f7:e5:8b:26:30:77:1f:92:be:63:9d:2f:a2:db:24:4a:08:
56:66:76:09:46:28:bf:54:43:79:cd:cd:f6:41:ef:cb:f7:7d:
df:cf:55:5f:6b:83:6d:6d:26:2d:ff:4f:3f:8f:6a:26:dd:32:
fb:b6:8a:bc:f5:0b:93:b9:d3:23:00:d7:a1:f8:75:23:2d:de:
a2:5f:b5:34:64:8e:01:22:15:cd:ae:e4:01:4d:7c:13:22:44:
83:76:35:59
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIKApnmyc4JKF509IhYGwEgRan/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjAyMjQxMDIwMTRaFw0yNzAyMjMxMDI1MTRaMDMxMTAvBgNV
BAMTKDhGNzMyNjM4OTI5NkY3QzFDMTIyQTI3MUMxMUNENjM1REFERUI3NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC30W/pZRzkdkOpwE4M9ol7EExP
rbb4zVwPz1UXS9/5bndZTzEeLmz/j9jvnPfK9c0BykiXRy4cdw+O/vKhbpKoGbN+
7xslIJBuYhQKgxASJilTQz1RTAtUF+JUcL215AC9X5Vzut5mfVF8Z3NqAuVavNiz
/BlUGjVWyWuVyTtOUoyYFBf48Svk8KPmwMPIrxDOhxEzaVTRcOOUw/pDEwss21UD
EDkJBogD+4NE5lk9CV4EnY1NGFEslXqVdE+bGsoIgolAzEihbBSY0V1NOeVRJHn6
ungPkkONhPaimfHB1JTj0am9xKSDJmuigKQUj+Q9rthRaoKTPODVjDrpsRcNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUj3MmOJKW98HBIqJxwRzWNdret14wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtLMA0GCSqGSIb3DQEBCwUAA4IBAQAudy9Y/01HQtV5w2GJ0otOsC3BrGmoh1PX
vYj5YgNCQgf4pFiqimyXbOGcTVKq+W72DVyzA2Bgswo3RK9T6S/gcf7wfsvTsKZl
uYDGCN0AtO7dueXSxeyK7kxlyvfRveMhtoph9N9tlfdSq3bAl1xMIwVPWMZm+VRF
wDD6BJAF0cHrTWTuPHDJ0q7JZPa6BI+dWHtKHcNquzdIBUEWFg7rllqq9+WLJjB3
H5K+Y50votskSghWZnYJRii/VEN5zc32Qe/L933fz1Vfa4NtbSYt/08/j2om3TL7
toq89QuTudMjANeh+HUjLd6iX7U0ZI4BIhXNruQBTXwTIkSDdjVZ
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:12 2026 by rpki-client