Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3231372e36352e37302e302f32342d3234203d3e20343032323637.roa
File: 3231372e36352e37302e302f32342d3234203d3e20343032323637.roa (raw, json)
Hash identifier: DAjNHkuazFVz933IPZPT3FMDe18m7fZE/xhbLqcA+MA=
Subject key identifier: F8:E1:25:F1:04:5C:2D:17:40:A4:1E:4D:E4:C9:C9:68:71:26:A0:9A
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 741FF63E59FCB3C6785077F7407F5783923A628D
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3231372e36352e37302e302f32342d3234203d3e20343032323637.roa
Signing time: Tue 31 Mar 2026 11:01:17 +0000
ROA not before: Tue 31 Mar 2026 10:56:17 +0000
ROA not after: Tue 30 Mar 2027 11:01:17 +0000
asID: 402267
IP address blocks: 217.65.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 22:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:1f:f6:3e:59:fc:b3:c6:78:50:77:f7:40:7f:57:83:92:3a:62:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 31 10:56:17 2026 GMT
Not After : Mar 30 11:01:17 2027 GMT
Subject: CN=F8E125F1045C2D1740A41E4DE4C9C9687126A09A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:85:24:53:3f:f3:41:8c:98:e4:74:16:62:74:
98:6d:51:34:68:58:2c:3b:11:af:0c:34:c9:d5:33:
05:00:e4:43:7f:22:36:66:64:90:4c:2c:c8:73:92:
0c:ed:5a:31:00:46:ca:78:e6:ad:d4:d9:44:4d:7e:
e6:15:05:38:bb:c0:3d:29:e3:7a:b4:f0:90:c3:50:
ff:e0:d6:de:09:9d:d5:b5:ff:70:27:0d:07:fa:07:
ff:6a:f9:14:a5:4b:54:ec:61:3d:cd:fb:66:b0:be:
78:2f:30:54:1d:59:0f:db:59:1b:5b:11:4f:25:da:
56:da:59:45:30:bf:8c:61:42:73:33:1a:60:f9:01:
e4:e4:74:50:3b:42:6f:83:84:dc:10:e0:33:82:56:
13:ef:30:12:bd:7e:54:e4:35:1a:ed:76:3e:bd:42:
4d:e4:34:7f:d7:c3:be:cf:1a:e2:a8:31:b7:b0:d7:
bd:f2:18:ab:f1:9d:9f:cb:36:09:7c:94:4f:dd:57:
6a:f2:c1:01:64:55:57:cf:09:8e:44:17:9b:09:41:
50:75:e0:99:5e:05:cc:d0:dc:87:d1:4b:14:9c:8a:
4f:51:3a:29:7f:b4:31:b8:4c:4b:fb:39:70:ae:c0:
a2:8d:8a:97:26:0a:f7:52:8c:44:fa:64:5e:fc:3c:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E1:25:F1:04:5C:2D:17:40:A4:1E:4D:E4:C9:C9:68:71:26:A0:9A
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3231372e36352e37302e302f32342d3234203d3e20343032323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.70.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7b:2a:74:7a:d0:b9:46:28:1b:05:7d:c2:e0:d6:42:28:46:
1c:c5:54:72:16:56:54:e8:ab:48:0c:69:03:dd:f8:36:72:76:
35:f5:40:db:75:0b:3e:48:31:4b:a3:2c:9c:b0:2c:e8:90:b7:
a3:0d:d2:4a:5a:6f:ea:ab:89:b0:b3:8c:de:f4:9d:fa:c8:ac:
2e:c9:55:43:69:e3:2f:aa:f1:ea:7d:96:12:a5:bb:27:de:ad:
ec:96:21:86:30:d5:e4:d1:ea:08:b9:33:45:4b:d0:26:27:e1:
9b:62:83:86:6e:f0:8b:37:25:5d:21:b1:72:4e:f7:4b:b4:c4:
1e:47:d7:52:46:a5:c1:e6:77:6a:d4:da:95:79:61:b0:af:fb:
dc:25:d0:b8:c3:34:e2:40:58:e6:01:ee:9f:1f:43:21:c7:9c:
74:81:3c:4c:ce:9f:ce:03:d7:b7:dd:31:f0:7e:96:ee:34:fc:
27:2c:32:f6:b6:b4:9e:a4:63:21:21:7a:d5:63:db:64:df:4b:
d9:cf:35:1c:62:ed:9a:8f:12:47:13:b9:97:38:36:4f:02:56:
2a:43:d2:ad:8a:ed:e9:98:f4:a1:c5:92:86:7f:d9:c9:f9:a0:
ca:a6:36:e5:6c:03:65:23:d6:b4:fa:13:a9:e8:94:8d:59:24:
e3:8f:02:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdB/2Pln8s8Z4UHf3QH9Xg5I6Yo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMzExMDU2MTdaFw0yNzAzMzAxMTAxMTdaMDMxMTAvBgNV
BAMTKEY4RTEyNUYxMDQ1QzJEMTc0MEE0MUU0REU0QzlDOTY4NzEyNkEwOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhSRTP/NBjJjkdBZidJhtUTRo
WCw7Ea8MNMnVMwUA5EN/IjZmZJBMLMhzkgztWjEARsp45q3U2URNfuYVBTi7wD0p
43q08JDDUP/g1t4JndW1/3AnDQf6B/9q+RSlS1TsYT3N+2awvngvMFQdWQ/bWRtb
EU8l2lbaWUUwv4xhQnMzGmD5AeTkdFA7Qm+DhNwQ4DOCVhPvMBK9flTkNRrtdj69
Qk3kNH/Xw77PGuKoMbew173yGKvxnZ/LNgl8lE/dV2rywQFkVVfPCY5EF5sJQVB1
4JleBczQ3IfRSxScik9ROil/tDG4TEv7OXCuwKKNipcmCvdSjET6ZF78PIxJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+OEl8QRcLRdApB5N5MnJaHEmoJowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzIzMTM3MmUzNjM1MmUzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2UFGMA0GCSqGSIb3DQEBCwUAA4IBAQBBeyp0etC5RigbBX3C4NZCKEYcxVRyFlZU
6KtIDGkD3fg2cnY19UDbdQs+SDFLoyycsCzokLejDdJKWm/qq4mws4ze9J36yKwu
yVVDaeMvqvHqfZYSpbsn3q3sliGGMNXk0eoIuTNFS9AmJ+GbYoOGbvCLNyVdIbFy
TvdLtMQeR9dSRqXB5ndq1NqVeWGwr/vcJdC4wzTiQFjmAe6fH0Mhx5x0gTxMzp/O
A9e33THwfpbuNPwnLDL2trSepGMhIXrVY9tk30vZzzUcYu2ajxJHE7mXODZPAlYq
Q9Ktiu3pmPShxZKGf9nJ+aDKpjblbANlI9a0+hOp6JSNWSTjjwLq
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:49:55 2026 by rpki-client