Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
File: 33312e3232302e33302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: aaJ8hPoYbG9klT+/eJVJOL/BsCxrrx7FCZmWHotU+Do=
Subject key identifier: 8B:C0:06:5A:0C:F7:AE:FB:BF:BF:72:61:FD:15:2F:E4:13:48:D8:70
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1EB76FA52AB0B0A7B6B40A424C7D36CBC5C7CD4E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
Signing time: Mon 29 Dec 2025 09:50:45 +0000
ROA not before: Mon 29 Dec 2025 09:45:45 +0000
ROA not after: Mon 28 Dec 2026 09:50:45 +0000
asID: 63473
IP address blocks: 31.220.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b7:6f:a5:2a:b0:b0:a7:b6:b4:0a:42:4c:7d:36:cb:c5:c7:cd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 29 09:45:45 2025 GMT
Not After : Dec 28 09:50:45 2026 GMT
Subject: CN=8BC0065A0CF7AEFBBFBF7261FD152FE41348D870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:a6:04:e0:a3:ef:1a:fc:cc:d2:d8:23:fe:
df:9a:00:a2:f6:4a:ec:06:e2:28:69:f7:54:ab:0d:
17:5b:c9:ad:e3:80:73:c6:cd:51:4c:1d:14:b5:7f:
c5:98:bf:87:99:2a:b8:b1:cf:3f:3c:9e:6d:76:ab:
49:94:13:53:d1:2b:2a:9c:97:05:90:13:f2:32:85:
cf:e5:9b:e4:85:28:c8:42:47:38:e9:8d:f8:35:d0:
85:ec:6a:3b:13:48:9f:5b:92:69:a9:42:72:70:25:
30:60:27:04:45:f8:54:3f:c8:a1:1a:3f:89:e0:15:
a4:ee:8a:8f:c1:1d:15:cc:1c:52:d2:e6:f7:a1:f5:
fd:74:09:d3:d1:61:f2:7b:62:f6:97:23:54:3d:c3:
f9:d5:86:5c:33:72:6d:41:03:ed:47:a4:c3:df:fe:
13:f8:3d:9c:cf:26:70:b0:54:f5:46:aa:be:c4:a6:
a3:de:c1:38:64:36:56:6d:0d:80:8e:ae:9b:cf:d7:
4c:ae:46:cb:47:f0:63:44:6b:ca:b6:cf:31:be:35:
91:af:78:e2:6b:0f:de:53:20:28:99:da:02:58:6d:
3a:da:3d:ca:57:10:31:b8:14:70:4e:90:46:a2:71:
21:df:b2:48:58:ee:41:ec:6d:eb:6e:ff:0e:eb:78:
a9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C0:06:5A:0C:F7:AE:FB:BF:BF:72:61:FD:15:2F:E4:13:48:D8:70
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.30.0/24
Signature Algorithm: sha256WithRSAEncryption
40:07:3c:cd:9b:7d:ce:95:ff:21:b1:26:97:0b:5a:4d:cf:c2:
e6:27:7d:cb:fc:12:16:7b:af:de:49:f5:05:d2:68:ee:1c:7c:
81:39:b4:48:d8:99:6b:c2:47:bd:b3:0d:9e:15:91:16:13:c2:
a1:34:f7:ea:65:e2:30:b6:3e:64:8d:6f:da:b7:eb:92:e2:25:
e6:96:c8:3b:8a:45:4f:22:9a:46:0c:a3:12:dd:bb:b1:e5:4b:
6d:a3:ee:7c:33:69:ea:c1:a5:06:55:05:e3:c2:d2:e9:a1:54:
11:f5:8a:a6:45:0d:09:4e:e9:2c:f3:e1:e4:77:ad:dd:f6:c4:
a0:65:36:17:80:8b:27:cf:48:5b:59:28:60:d2:e3:71:db:da:
c0:f2:30:14:a5:92:10:0a:c1:a9:59:95:0d:d1:c4:cf:71:a3:
91:0b:67:dc:8b:11:63:77:cd:1d:c9:5c:c4:7d:35:68:11:b9:
15:83:77:d8:09:a7:3d:35:f2:14:79:20:d1:2e:e3:55:3a:bc:
e1:81:5b:be:f9:c1:ec:c4:59:82:e1:75:7a:15:28:00:ab:cb:
76:10:fc:3f:3c:1c:c2:96:da:f5:e3:2f:25:b6:f6:9e:1f:19:
00:e8:90:47:19:28:a4:8a:96:bc:b8:45:b8:19:98:90:28:f5:
e7:1c:f3:57
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHrdvpSqwsKe2tApCTH02y8XHzU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDVaFw0yNjEyMjgwOTUwNDVaMDMxMTAvBgNV
BAMTKDhCQzAwNjVBMENGN0FFRkJCRkJGNzI2MUZEMTUyRkU0MTM0OEQ4NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPgaYE4KPvGvzM0tgj/t+aAKL2
SuwG4ihp91SrDRdbya3jgHPGzVFMHRS1f8WYv4eZKrixzz88nm12q0mUE1PRKyqc
lwWQE/Iyhc/lm+SFKMhCRzjpjfg10IXsajsTSJ9bkmmpQnJwJTBgJwRF+FQ/yKEa
P4ngFaTuio/BHRXMHFLS5veh9f10CdPRYfJ7YvaXI1Q9w/nVhlwzcm1BA+1HpMPf
/hP4PZzPJnCwVPVGqr7EpqPewThkNlZtDYCOrpvP10yuRstH8GNEa8q2zzG+NZGv
eOJrD95TICiZ2gJYbTraPcpXEDG4FHBOkEaicSHfskhY7kHsbetu/w7reKl/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUi8AGWgz3rvu/v3Jh/RUv5BNI2HAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c
HjANBgkqhkiG9w0BAQsFAAOCAQEAQAc8zZt9zpX/IbEmlwtaTc/C5id9y/wSFnuv
3kn1BdJo7hx8gTm0SNiZa8JHvbMNnhWRFhPCoTT36mXiMLY+ZI1v2rfrkuIl5pbI
O4pFTyKaRgyjEt27seVLbaPufDNp6sGlBlUF48LS6aFUEfWKpkUNCU7pLPPh5Het
3fbEoGU2F4CLJ89IW1koYNLjcdvawPIwFKWSEArBqVmVDdHEz3GjkQtn3IsRY3fN
HclcxH01aBG5FYN32AmnPTXyFHkg0S7jVTq84YFbvvnB7MRZguF1ehUoAKvLdhD8
Pzwcwpba9eMvJbb2nh8ZAOiQRxkopIqWvLhFuBmYkCj15xzzVw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:33:54 2026 by rpki-client