Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e203232343237.roa
File: 3231332e3133392e38312e302f32342d3234203d3e203232343237.roa (raw, json)
Hash identifier: 5OXqLHfaMz4oBWakF90MFYsUXM1IOnkArdNd9qqILtU=
Subject key identifier: 4B:45:1E:9D:B5:E0:05:DB:CD:97:EA:6E:75:00:16:BF:35:DE:C9:3E
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 6CAB7335A5BD35F56FF3E719710DBEE2128F0E78
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e203232343237.roa
Signing time: Tue 24 Feb 2026 10:26:18 +0000
ROA not before: Tue 24 Feb 2026 10:21:18 +0000
ROA not after: Tue 23 Feb 2027 10:26:18 +0000
asID: 22427
IP address blocks: 213.139.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:40:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ab:73:35:a5:bd:35:f5:6f:f3:e7:19:71:0d:be:e2:12:8f:0e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 24 10:21:18 2026 GMT
Not After : Feb 23 10:26:18 2027 GMT
Subject: CN=4B451E9DB5E005DBCD97EA6E750016BF35DEC93E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:40:65:23:fa:18:54:f2:d3:2a:e5:a9:47:25:
f8:68:6a:29:c4:1c:16:89:2e:5a:5b:33:12:2d:6e:
87:81:6f:7b:aa:bc:ca:a0:56:32:a4:fd:83:6c:44:
3b:34:d9:55:61:d4:22:63:3e:eb:2e:3a:7a:fa:d1:
85:90:93:a0:d0:ba:2e:42:87:17:eb:d0:6c:c7:ea:
79:44:50:25:ac:dd:55:1a:94:36:a2:15:1f:13:a1:
54:d5:d0:2f:38:b3:56:05:20:f2:96:1b:92:21:e6:
07:2b:8c:69:76:00:40:54:d5:ed:52:7f:fc:01:32:
7f:c7:e8:e4:b4:50:db:28:06:47:09:af:2d:e2:f5:
fe:a3:26:8d:cf:e2:64:ad:ca:12:a7:1b:24:74:62:
b8:4f:63:6f:59:61:ba:25:1c:04:f9:14:e8:49:97:
1a:1b:6b:50:90:a6:4c:f9:65:27:3a:67:83:43:cd:
95:2c:91:a1:5b:50:a2:88:fb:9d:ec:aa:e6:17:df:
fb:03:02:c5:25:b3:bf:0e:54:0a:85:80:48:ef:b2:
07:63:74:07:45:ab:8e:d3:da:f3:ac:9b:26:87:1d:
d8:3c:8f:97:06:e7:dc:af:55:6b:eb:77:88:f3:81:
04:5e:ea:f5:09:06:ac:ab:2c:59:eb:ef:ce:5c:93:
9f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:45:1E:9D:B5:E0:05:DB:CD:97:EA:6E:75:00:16:BF:35:DE:C9:3E
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e203232343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.81.0/24
Signature Algorithm: sha256WithRSAEncryption
98:f0:1b:af:50:91:47:7e:74:34:03:6f:dc:4c:16:26:14:89:
29:c9:f1:2d:1c:02:b8:d5:8d:f7:1b:a8:84:46:db:c7:7f:8b:
28:36:2b:9f:d5:09:cf:ec:26:65:6f:02:99:4f:1b:87:87:d4:
1f:9d:0e:2c:21:f2:46:d5:be:a4:8f:29:10:76:9d:83:60:c1:
93:0f:74:35:2d:eb:23:cc:ee:5d:cf:1d:43:b0:c8:3c:44:88:
f7:2d:ea:7a:59:3e:25:61:6a:14:bc:b6:67:47:67:da:2c:d4:
60:60:44:59:72:43:b2:1b:ce:01:90:06:dc:fc:f0:8c:92:ad:
45:dc:99:61:a3:a6:16:45:be:8e:a8:7f:9f:5c:b0:43:10:39:
60:28:f3:7e:f4:68:7f:b3:cf:c0:c2:f0:68:d9:14:25:aa:32:
0a:4e:7c:4f:6b:ff:8b:3a:6b:55:49:70:48:b2:75:a2:79:29:
90:98:34:b3:08:aa:5a:d2:dd:b0:e8:23:41:84:af:38:6d:60:
41:d8:f2:8c:15:27:5c:50:74:2f:38:d7:98:57:57:f3:8e:03:
75:12:61:0b:71:a4:1d:57:1b:64:e9:6d:0b:a4:69:57:e5:e5:
97:f1:f7:87:9b:f4:99:93:49:85:a2:8c:c6:1b:fe:9b:fd:f9:
c1:a3:42:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbKtzNaW9NfVv8+cZcQ2+4hKPDngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjAyMjQxMDIxMThaFw0yNzAyMjMxMDI2MThaMDMxMTAvBgNV
BAMTKDRCNDUxRTlEQjVFMDA1REJDRDk3RUE2RTc1MDAxNkJGMzVERUM5M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOQGUj+hhU8tMq5alHJfhoainE
HBaJLlpbMxItboeBb3uqvMqgVjKk/YNsRDs02VVh1CJjPusuOnr60YWQk6DQui5C
hxfr0GzH6nlEUCWs3VUalDaiFR8ToVTV0C84s1YFIPKWG5Ih5gcrjGl2AEBU1e1S
f/wBMn/H6OS0UNsoBkcJry3i9f6jJo3P4mStyhKnGyR0YrhPY29ZYbolHAT5FOhJ
lxoba1CQpkz5ZSc6Z4NDzZUskaFbUKKI+53squYX3/sDAsUls78OVAqFgEjvsgdj
dAdFq47T2vOsmyaHHdg8j5cG59yvVWvrd4jzgQRe6vUJBqyrLFnr785ck583AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUS0UenbXgBdvNl+pudQAWvzXeyT4wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzQzMjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtRMA0GCSqGSIb3DQEBCwUAA4IBAQCY8BuvUJFHfnQ0A2/cTBYmFIkpyfEtHAK4
1Y33G6iERtvHf4soNiuf1QnP7CZlbwKZTxuHh9QfnQ4sIfJG1b6kjykQdp2DYMGT
D3Q1LesjzO5dzx1DsMg8RIj3Lep6WT4lYWoUvLZnR2faLNRgYERZckOyG84BkAbc
/PCMkq1F3Jlho6YWRb6OqH+fXLBDEDlgKPN+9Gh/s8/AwvBo2RQlqjIKTnxPa/+L
OmtVSXBIsnWieSmQmDSzCKpa0t2w6CNBhK84bWBB2PKMFSdcUHQvONeYV1fzjgN1
EmELcaQdVxtk6W0LpGlX5eWX8feHm/SZk0mFoozGG/6b/fnBo0Lu
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:25 2026 by rpki-client