Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20333935343730.roa
File: 33312e32322e3130372e302f32342d3234203d3e20333935343730.roa (raw, json)
Hash identifier: pW3DU1f9F88CUcSRQA40az6AE2g6dkESCvpY8IyOEck=
Subject key identifier: 41:AC:99:C1:41:37:8F:8A:2F:BF:A8:47:C5:F5:2F:02:AC:0B:F1:3A
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 78C1C6284B941CD99235B9DC34EECA51B4BA1CD0
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20333935343730.roa
Signing time: Mon 13 Apr 2026 08:56:19 +0000
ROA not before: Mon 13 Apr 2026 08:51:19 +0000
ROA not after: Mon 12 Apr 2027 08:56:19 +0000
asID: 395470
IP address blocks: 31.22.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c1:c6:28:4b:94:1c:d9:92:35:b9:dc:34:ee:ca:51:b4:ba:1c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Apr 13 08:51:19 2026 GMT
Not After : Apr 12 08:56:19 2027 GMT
Subject: CN=41AC99C141378F8A2FBFA847C5F52F02AC0BF13A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8f:c0:d9:bd:ba:4f:5b:0d:55:9a:e2:9c:09:
6f:16:6c:f1:fa:01:48:5c:12:14:03:fe:e4:6e:8b:
44:b0:ab:ae:71:89:4e:3d:b6:22:b5:ea:3e:6b:2e:
dc:e0:cb:42:20:64:96:67:16:b6:86:b8:fe:de:5f:
30:70:38:c8:e2:99:05:25:06:67:63:f6:70:ea:50:
b2:f7:7b:79:2c:f7:a2:1e:92:45:18:e6:28:3b:37:
52:d4:5e:75:35:3f:9b:93:be:ca:23:be:3f:14:cd:
fc:a5:07:57:3e:29:db:23:50:8b:75:59:3d:9b:5c:
8e:4e:ab:3c:13:90:5a:47:73:94:2c:f3:61:df:7a:
b3:4f:8c:90:47:a4:b8:24:21:af:62:44:3e:d4:43:
5e:c5:5a:9a:8f:58:38:e4:a2:bd:b8:a1:12:b7:0b:
05:8e:22:69:19:15:f6:4c:7e:f4:27:15:ac:a9:df:
47:a2:27:2a:7b:64:51:51:a2:01:3c:c7:d0:81:59:
14:35:3f:e0:ae:fe:4a:e4:87:d1:62:e7:5d:0d:54:
b6:1b:07:06:58:14:71:1c:f3:99:dd:c4:0b:99:94:
ee:70:81:b1:e0:d4:cc:dc:c6:74:c1:3c:c7:2b:e8:
2a:c7:88:0f:c1:8c:9d:e0:68:d5:1e:f1:26:c6:ca:
83:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AC:99:C1:41:37:8F:8A:2F:BF:A8:47:C5:F5:2F:02:AC:0B:F1:3A
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e20333935343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.107.0/24
Signature Algorithm: sha256WithRSAEncryption
69:71:fe:94:ab:86:a8:4e:29:9b:47:d4:08:98:14:5d:a9:49:
5a:02:0f:2f:e9:89:b9:64:f2:2c:67:50:aa:5c:43:a6:49:ed:
da:ab:ad:bd:f1:3d:c6:c2:14:93:bb:ee:2f:63:c2:29:f5:be:
84:4a:2f:f4:73:fc:56:d2:9b:a7:86:92:bd:39:e4:e5:b5:47:
f4:9e:5e:19:f3:56:17:2b:f8:3b:3f:e4:e7:f1:fd:de:ac:44:
58:b5:2a:f1:33:d3:1b:0a:42:72:2b:0c:33:02:d5:fb:2b:65:
70:9d:03:af:5c:4a:e8:01:49:fa:b7:84:99:69:c4:cb:44:cd:
02:48:41:e7:bc:fd:55:7a:df:d6:38:27:fa:8d:89:d0:9f:f6:
cb:c0:3e:0d:f0:07:44:45:e8:74:3e:de:d4:cc:d6:a9:4b:0c:
f4:18:91:59:6e:22:94:39:04:12:ad:d2:62:92:8c:da:af:cb:
41:84:d0:41:da:16:cc:35:15:fe:41:6b:6c:b5:87:d9:38:45:
7a:85:5b:56:11:d5:62:af:e4:f7:38:ab:b0:07:10:ba:51:10:
bf:a5:d7:98:a8:71:2f:7b:8e:62:ac:8a:40:c1:73:b4:99:45:
27:53:6b:5c:82:df:52:d5:17:cb:2e:1f:d7:b4:de:5f:db:63:
5b:7e:71:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeMHGKEuUHNmSNbncNO7KUbS6HNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNjA0MTMwODUxMTlaFw0yNzA0MTIwODU2MTlaMDMxMTAvBgNV
BAMTKDQxQUM5OUMxNDEzNzhGOEEyRkJGQTg0N0M1RjUyRjAyQUMwQkYxM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7j8DZvbpPWw1VmuKcCW8WbPH6
AUhcEhQD/uRui0Swq65xiU49tiK16j5rLtzgy0IgZJZnFraGuP7eXzBwOMjimQUl
Bmdj9nDqULL3e3ks96IekkUY5ig7N1LUXnU1P5uTvsojvj8UzfylB1c+KdsjUIt1
WT2bXI5OqzwTkFpHc5Qs82HferNPjJBHpLgkIa9iRD7UQ17FWpqPWDjkor24oRK3
CwWOImkZFfZMfvQnFayp30eiJyp7ZFFRogE8x9CBWRQ1P+Cu/krkh9Fi510NVLYb
BwZYFHEc85ndxAuZlO5wgbHg1MzcxnTBPMcr6CrHiA/BjJ3gaNUe8SbGyoOVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQayZwUE3j4ovv6hHxfUvAqwL8TowHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzMzMTJlMzIzMjJlMzEzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM1MzQzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HxZrMA0GCSqGSIb3DQEBCwUAA4IBAQBpcf6Uq4aoTimbR9QImBRdqUlaAg8v6Ym5
ZPIsZ1CqXEOmSe3aq6298T3GwhSTu+4vY8Ip9b6ESi/0c/xW0punhpK9OeTltUf0
nl4Z81YXK/g7P+Tn8f3erERYtSrxM9MbCkJyKwwzAtX7K2VwnQOvXEroAUn6t4SZ
acTLRM0CSEHnvP1Vet/WOCf6jYnQn/bLwD4N8AdEReh0Pt7UzNapSwz0GJFZbiKU
OQQSrdJikozar8tBhNBB2hbMNRX+QWtstYfZOEV6hVtWEdVir+T3OKuwBxC6URC/
pdeYqHEve45irIpAwXO0mUUnU2tcgt9S1RfLLh/XtN5f22NbfnGa
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:36 2026 by rpki-client