Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203231383430.roa
File: 3231332e3133392e39322e302f32342d3234203d3e203231383430.roa (raw, json)
Hash identifier: sqhbyT+UoS/rAzKFNkGazDeXTVoOM4SKBvQPudGRR/c=
Subject key identifier: DF:8B:05:8D:D2:C1:97:64:F2:4D:D7:42:0D:2B:9D:4D:F7:54:30:FD
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 585CC64EFAD64AEE651B92690C9316E89CCD2762
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203231383430.roa
Signing time: Tue 03 Feb 2026 04:24:45 +0000
ROA not before: Tue 03 Feb 2026 04:19:45 +0000
ROA not after: Tue 02 Feb 2027 04:24:45 +0000
asID: 21840
IP address blocks: 213.139.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:5c:c6:4e:fa:d6:4a:ee:65:1b:92:69:0c:93:16:e8:9c:cd:27:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 3 04:19:45 2026 GMT
Not After : Feb 2 04:24:45 2027 GMT
Subject: CN=DF8B058DD2C19764F24DD7420D2B9D4DF75430FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:24:2b:8c:af:8c:b5:21:0d:4c:27:88:c6:c0:
83:c0:83:85:3e:21:fb:dc:dc:5d:cc:62:c7:59:69:
26:eb:1b:63:7e:ba:3f:69:ce:58:e8:01:3c:7e:2d:
3e:84:b3:0e:74:02:69:1a:f8:d0:1a:58:74:d7:30:
31:04:2e:0c:45:4e:77:53:1d:a3:21:b3:0f:f3:ab:
dd:4b:21:b9:50:46:e7:ad:45:38:ae:25:3c:6e:f6:
43:2f:cc:4a:f4:65:d9:6f:64:40:4a:fc:38:93:f5:
8f:71:1c:71:ae:85:67:c9:e8:09:e9:8a:68:0e:74:
65:23:8c:4e:f5:9c:26:84:c1:93:28:ba:31:33:08:
d6:3e:7b:9b:28:4a:43:fe:77:7e:73:5d:5f:5f:9d:
71:eb:6b:f4:67:db:7e:75:02:3f:30:33:08:a8:42:
c6:b1:fd:17:c3:29:be:3a:e6:ae:96:e2:48:3a:42:
39:a6:23:74:ad:14:8e:75:de:d3:e8:ff:93:11:b7:
97:88:25:1d:eb:28:ce:98:8e:4b:1d:08:b2:02:33:
8e:e9:6d:23:cc:60:3b:9d:58:2a:2a:ac:6c:30:db:
73:60:73:3e:23:8f:4e:95:a0:14:5c:41:d0:0f:e4:
f9:de:d0:06:b7:56:83:06:80:a3:e5:ce:4d:ce:f4:
f5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8B:05:8D:D2:C1:97:64:F2:4D:D7:42:0D:2B:9D:4D:F7:54:30:FD
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e203231383430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.92.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c2:1b:96:c7:ae:ed:f1:7b:6c:01:fe:2f:fc:06:df:98:ea:
8c:56:ac:bc:8a:ec:83:71:41:1b:a6:b3:fd:42:95:76:9f:37:
9f:45:8b:4b:47:78:1d:91:4c:d9:01:30:c5:bd:c5:b8:4b:fa:
58:e7:d1:91:06:30:68:28:da:0c:f8:7b:12:70:69:a9:06:28:
61:96:ac:12:93:9c:c6:9d:94:09:32:8a:21:44:0f:ae:d2:cf:
37:0a:da:11:d1:db:16:04:33:2f:73:e2:ad:85:83:51:13:71:
d1:29:1f:f3:ca:99:28:90:68:a7:01:1f:f5:da:56:06:86:00:
4f:10:93:08:ab:a8:ab:79:16:17:4a:88:a7:a3:5e:c4:2f:a7:
5f:38:5a:28:f4:57:e3:6d:d8:e6:9d:3d:72:93:8f:aa:d4:23:
2c:bc:2b:c5:d4:be:9c:f0:37:45:fd:32:6a:85:dd:b4:89:23:
84:0b:b4:34:a7:94:ae:04:62:2d:d6:0f:5e:ed:a5:05:95:1c:
bf:af:a6:43:4a:8d:0a:39:ec:6d:33:bd:37:94:72:fa:11:30:
b8:fd:3a:92:e5:f1:32:fe:84:0e:be:7b:25:95:d9:fd:4e:3b:
9e:91:b4:89:a2:7b:f5:37:f0:05:35:66:7a:84:ee:ad:e9:78:
58:57:f8:3f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWFzGTvrWSu5lG5JpDJMW6JzNJ2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNjAyMDMwNDE5NDVaFw0yNzAyMDIwNDI0NDVaMDMxMTAvBgNV
BAMTKERGOEIwNThERDJDMTk3NjRGMjRERDc0MjBEMkI5RDRERjc1NDMwRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeJCuMr4y1IQ1MJ4jGwIPAg4U+
Ifvc3F3MYsdZaSbrG2N+uj9pzljoATx+LT6Esw50Amka+NAaWHTXMDEELgxFTndT
HaMhsw/zq91LIblQRuetRTiuJTxu9kMvzEr0ZdlvZEBK/DiT9Y9xHHGuhWfJ6Anp
imgOdGUjjE71nCaEwZMoujEzCNY+e5soSkP+d35zXV9fnXHra/Rn2351Aj8wMwio
Qsax/RfDKb465q6W4kg6QjmmI3StFI513tPo/5MRt5eIJR3rKM6YjksdCLICM47p
bSPMYDudWCoqrGww23Ngcz4jj06VoBRcQdAP5Pne0Aa3VoMGgKPlzk3O9PVjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU34sFjdLBl2TyTddCDSudTfdUMP0wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtcMA0GCSqGSIb3DQEBCwUAA4IBAQAfwhuWx67t8XtsAf4v/AbfmOqMVqy8iuyD
cUEbprP9QpV2nzefRYtLR3gdkUzZATDFvcW4S/pY59GRBjBoKNoM+HsScGmpBihh
lqwSk5zGnZQJMoohRA+u0s83CtoR0dsWBDMvc+KthYNRE3HRKR/zypkokGinAR/1
2lYGhgBPEJMIq6ireRYXSoino17EL6dfOFoo9FfjbdjmnT1yk4+q1CMsvCvF1L6c
8DdF/TJqhd20iSOEC7Q0p5SuBGIt1g9e7aUFlRy/r6ZDSo0KOextM703lHL6ETC4
/TqS5fEy/oQOvnslldn9TjuekbSJonv1N/AFNWZ6hO6t6XhYV/g/
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:15:38 2026 by rpki-client