Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130352e302f32342d3234203d3e20323030383539.roa
File: 33312e32322e3130352e302f32342d3234203d3e20323030383539.roa (raw, json)
Hash identifier: nw9YLvM7zXyP2kzR5sTyAuZwaZ0QV0qAmB4zg2Dg+gg=
Subject key identifier: DA:5E:6A:C3:7C:C9:3D:CD:8D:5E:AD:22:7F:BB:9A:32:8F:09:2C:CD
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 515359C0C5616FA6C6F2BBF24052B757092FDE7F
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130352e302f32342d3234203d3e20323030383539.roa
Signing time: Thu 26 Feb 2026 17:24:53 +0000
ROA not before: Thu 26 Feb 2026 17:19:53 +0000
ROA not after: Thu 25 Feb 2027 17:24:53 +0000
asID: 200859
IP address blocks: 31.22.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:53:59:c0:c5:61:6f:a6:c6:f2:bb:f2:40:52:b7:57:09:2f:de:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Feb 26 17:19:53 2026 GMT
Not After : Feb 25 17:24:53 2027 GMT
Subject: CN=DA5E6AC37CC93DCD8D5EAD227FBB9A328F092CCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:e6:01:b5:58:4c:0e:84:32:c8:1a:16:92:
3e:ec:cd:55:71:6b:39:05:9a:ca:e0:33:7c:bc:ac:
e7:ab:81:30:32:5b:94:f9:f0:47:66:7b:0a:f7:a7:
9b:95:c8:18:06:71:53:2b:f1:f1:02:ef:c3:c8:ae:
b5:ae:38:96:36:a7:49:aa:8c:15:c3:df:78:49:80:
79:a2:00:c2:da:24:17:0e:dc:24:72:16:3c:2e:cb:
6d:4b:33:14:8b:58:72:79:e5:46:c8:9d:35:e1:b9:
c1:cd:61:fc:a0:ee:a8:94:e0:6a:4f:69:7c:17:2f:
97:e2:05:c5:2b:aa:cb:d0:a4:63:8c:90:39:45:d3:
a7:53:cf:0a:03:6a:6b:38:98:4d:c4:3f:6f:14:af:
7f:13:00:4b:c0:3c:22:1a:02:f9:0d:a8:62:5b:61:
6c:12:31:b0:b7:11:90:37:a6:f3:28:f7:64:7a:cf:
79:95:2e:a9:6a:b2:45:fe:d1:f2:1d:cd:61:d5:d8:
68:21:f0:92:57:24:57:9a:50:c6:78:8c:39:21:70:
a4:e4:76:ea:e8:d9:a1:70:7c:81:d5:f5:2e:e0:e3:
e5:5e:ef:f5:67:13:a9:99:8b:ff:54:00:6f:13:15:
6a:15:62:96:34:74:da:49:f5:c1:ca:e8:70:3c:c8:
c9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5E:6A:C3:7C:C9:3D:CD:8D:5E:AD:22:7F:BB:9A:32:8F:09:2C:CD
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130352e302f32342d3234203d3e20323030383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.105.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:4d:fc:a4:09:e1:f7:02:3e:5f:38:45:1c:19:f7:7e:c4:84:
ff:5b:91:0a:aa:38:f0:3b:5e:d4:32:d2:2d:ed:a8:85:c0:bb:
ed:46:96:38:13:58:9e:ff:bb:1c:d3:a5:99:e2:20:5b:fd:01:
19:c1:63:79:8c:5d:f3:18:21:a2:f8:d0:2c:d6:b8:34:8b:58:
0e:5a:d9:18:b4:e4:99:cf:77:10:91:80:7e:af:a8:27:67:e9:
d2:25:7c:e5:6c:ad:02:20:e1:29:24:b7:f1:8f:ad:fa:a6:b4:
b1:cd:cd:7a:96:24:24:6e:a4:3b:f6:3f:82:62:f5:a6:80:b8:
f1:db:2f:2b:1e:95:fd:40:d0:7d:5b:a9:24:d0:28:b9:da:3e:
45:2a:60:9b:b4:fb:37:c0:2e:b2:15:02:c7:40:ef:be:c2:3a:
1c:90:45:d8:b3:56:8f:91:83:44:21:64:bc:45:9d:32:ca:47:
36:16:97:55:14:74:4e:f5:00:7f:98:25:5b:49:47:02:d1:09:
8a:35:93:fd:f8:d5:02:81:1e:91:62:4e:f9:04:8c:88:18:ae:
95:f9:e3:26:1a:d8:6a:ea:f1:c6:72:70:00:07:8e:18:56:67:
b8:17:96:07:85:4c:ed:09:70:58:df:8e:e1:5e:91:c7:d3:e2:
24:67:77:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUVNZwMVhb6bG8rvyQFK3Vwkv3n8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNjAyMjYxNzE5NTNaFw0yNzAyMjUxNzI0NTNaMDMxMTAvBgNV
BAMTKERBNUU2QUMzN0NDOTNEQ0Q4RDVFQUQyMjdGQkI5QTMyOEYwOTJDQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMQeYBtVhMDoQyyBoWkj7szVVx
azkFmsrgM3y8rOergTAyW5T58Edmewr3p5uVyBgGcVMr8fEC78PIrrWuOJY2p0mq
jBXD33hJgHmiAMLaJBcO3CRyFjwuy21LMxSLWHJ55UbInTXhucHNYfyg7qiU4GpP
aXwXL5fiBcUrqsvQpGOMkDlF06dTzwoDams4mE3EP28Ur38TAEvAPCIaAvkNqGJb
YWwSMbC3EZA3pvMo92R6z3mVLqlqskX+0fIdzWHV2Ggh8JJXJFeaUMZ4jDkhcKTk
duro2aFwfIHV9S7g4+Ve7/VnE6mZi/9UAG8TFWoVYpY0dNpJ9cHK6HA8yMnxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2l5qw3zJPc2NXq0if7uaMo8JLM0wHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzMzMTJlMzIzMjJlMzEzMDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HxZpMA0GCSqGSIb3DQEBCwUAA4IBAQB7TfykCeH3Aj5fOEUcGfd+xIT/W5EKqjjw
O17UMtIt7aiFwLvtRpY4E1ie/7sc06WZ4iBb/QEZwWN5jF3zGCGi+NAs1rg0i1gO
WtkYtOSZz3cQkYB+r6gnZ+nSJXzlbK0CIOEpJLfxj636prSxzc16liQkbqQ79j+C
YvWmgLjx2y8rHpX9QNB9W6kk0Ci52j5FKmCbtPs3wC6yFQLHQO++wjockEXYs1aP
kYNEIWS8RZ0yykc2FpdVFHRO9QB/mCVbSUcC0QmKNZP9+NUCgR6RYk75BIyIGK6V
+eMmGthq6vHGcnAAB44YVme4F5YHhUztCXBY347hXpHH0+IkZ3eB
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:37:16 2026 by rpki-client