Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
File: 3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa (raw, json)
Hash identifier: /lE504/n5MHV61y4OXy6umkppSIjj02+bYfLKI4SboQ=
Subject key identifier: 61:FA:CC:BC:19:F5:C5:1C:3D:96:17:B1:3E:28:2A:A1:17:6C:17:51
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 01B0089BF96E55ABA31155762CFB66542517C9F0
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
Signing time: Thu 05 Feb 2026 11:55:36 +0000
ROA not before: Thu 05 Feb 2026 11:50:36 +0000
ROA not after: Thu 04 Feb 2027 11:55:36 +0000
asID: 272692
IP address blocks: 213.225.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:b0:08:9b:f9:6e:55:ab:a3:11:55:76:2c:fb:66:54:25:17:c9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:36 2026 GMT
Not After : Feb 4 11:55:36 2027 GMT
Subject: CN=61FACCBC19F5C51C3D9617B13E282AA1176C1751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:f1:bc:87:75:f2:94:cb:1c:c5:73:88:df:
c5:a6:2e:1f:f3:6c:80:9f:23:2a:ec:d4:a5:3d:40:
14:af:1d:7e:de:d9:4b:ba:4b:b4:52:32:48:1c:d9:
4b:f0:49:72:81:03:39:6a:9a:be:5d:c2:3f:70:b9:
08:06:e2:12:36:44:d2:ce:26:a3:57:79:b9:f3:06:
dc:8b:2e:43:58:58:c7:ab:ef:bb:57:2f:da:5a:7b:
68:3d:4f:a9:21:5d:f3:ec:73:8e:61:ab:ea:5a:f5:
ab:9b:85:4a:1f:0a:8f:3d:14:92:0c:ab:b9:c1:78:
28:1c:dd:40:83:aa:d1:26:e8:b0:33:7a:62:62:e6:
25:77:14:2a:d7:13:6b:4e:39:f5:f0:d1:2c:76:a4:
1c:ab:49:49:e2:15:d0:50:56:a2:19:66:67:30:29:
98:a7:ed:d2:59:72:fc:c4:ac:90:0e:bc:d4:90:8b:
ce:c6:9c:5c:1c:7c:8c:3a:e5:8f:55:ca:85:29:c5:
60:fd:37:45:dd:d4:e9:80:b4:e1:a2:e2:53:09:cc:
89:7f:2f:38:15:63:b2:24:e2:1c:62:6e:93:16:3a:
a4:f3:2c:74:fa:90:b9:13:79:14:34:70:2d:53:f9:
0d:ff:fb:16:92:44:ed:54:6f:2b:07:e4:6c:d3:c4:
aa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FA:CC:BC:19:F5:C5:1C:3D:96:17:B1:3E:28:2A:A1:17:6C:17:51
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.238.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:42:cf:76:50:09:bf:d5:62:d9:0c:42:d9:1d:5e:ba:81:5d:
74:a5:e1:7d:2e:41:58:6e:4d:de:6b:15:7e:85:63:b3:03:03:
c3:de:21:ab:dc:65:4a:dc:54:90:dd:be:86:1a:d9:02:54:34:
5e:96:11:f1:3f:e4:ac:2f:fc:79:b0:c1:05:53:07:94:18:de:
47:2d:d0:9b:da:cf:30:6a:6a:1b:f9:f4:29:19:bd:0c:8d:0a:
00:65:a6:e9:f8:d0:3b:a1:b8:9f:3f:41:25:e8:9d:ed:fb:49:
13:e9:fd:04:ac:2b:e9:bb:9e:01:55:aa:88:0f:f8:6f:46:2e:
67:ae:79:6d:27:b8:b5:98:ac:fe:13:9c:7c:fb:95:fb:29:81:
fb:4c:40:c4:ff:9c:27:9c:57:0a:d1:d9:a3:4d:b8:b2:b6:a2:
7e:63:89:94:8a:4f:90:05:95:e7:06:d3:70:a8:ba:3f:21:bf:
22:eb:f8:bb:12:a2:6c:6d:b4:cf:8b:e3:6d:c3:66:93:ac:34:
2a:3c:6a:30:49:99:db:46:7e:f0:a2:80:bb:f3:6b:e1:5d:9d:
85:cc:f2:36:10:75:d7:13:f8:04:1f:41:61:89:bf:8d:6b:34:
b0:23:09:62:6e:b1:0d:7f:5f:a3:89:5f:7d:f9:db:18:17:52:
8f:85:6c:c1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAbAIm/luVaujEVV2LPtmVCUXyfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzZaFw0yNzAyMDQxMTU1MzZaMDMxMTAvBgNV
BAMTKDYxRkFDQ0JDMTlGNUM1MUMzRDk2MTdCMTNFMjgyQUExMTc2QzE3NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOsvG8h3XylMscxXOI38WmLh/z
bICfIyrs1KU9QBSvHX7e2Uu6S7RSMkgc2UvwSXKBAzlqmr5dwj9wuQgG4hI2RNLO
JqNXebnzBtyLLkNYWMer77tXL9pae2g9T6khXfPsc45hq+pa9aubhUofCo89FJIM
q7nBeCgc3UCDqtEm6LAzemJi5iV3FCrXE2tOOfXw0Sx2pByrSUniFdBQVqIZZmcw
KZin7dJZcvzErJAOvNSQi87GnFwcfIw65Y9VyoUpxWD9N0Xd1OmAtOGi4lMJzIl/
LzgVY7Ik4hxibpMWOqTzLHT6kLkTeRQ0cC1T+Q3/+xaSRO1UbysH5GzTxKq7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUYfrMvBn1xRw9lhexPigqoRdsF1EwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMjM2MzkzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANXh7jANBgkqhkiG9w0BAQsFAAOCAQEAbULPdlAJv9Vi2QxC2R1euoFddKXh
fS5BWG5N3msVfoVjswMDw94hq9xlStxUkN2+hhrZAlQ0XpYR8T/krC/8ebDBBVMH
lBjeRy3Qm9rPMGpqG/n0KRm9DI0KAGWm6fjQO6G4nz9BJeid7ftJE+n9BKwr6bue
AVWqiA/4b0YuZ655bSe4tZis/hOcfPuV+ymB+0xAxP+cJ5xXCtHZo024sraifmOJ
lIpPkAWV5wbTcKi6PyG/Iuv4uxKibG20z4vjbcNmk6w0KjxqMEmZ20Z+8KKAu/Nr
4V2dhczyNhB11xP4BB9BYYm/jWs0sCMJYm6xDX9fo4lfffnbGBdSj4VswQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:09:09 2026 by rpki-client