Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36332e302f32342d3234203d3e20343032323532.roa
File: 3231322e37342e36332e302f32342d3234203d3e20343032323532.roa (raw, json)
Hash identifier: 1D0vgq53b+Cz09uWH2q4EocBewmKaJP5g/uo9v4vqjA=
Subject key identifier: 96:92:24:F8:0B:C2:C9:50:DE:5B:74:04:10:89:96:AE:05:6B:79:82
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 18FEBCCF6B29313D6323225DD3AC3F88F668EB36
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36332e302f32342d3234203d3e20343032323532.roa
Signing time: Thu 30 Apr 2026 00:55:58 +0000
ROA not before: Thu 30 Apr 2026 00:50:58 +0000
ROA not after: Thu 29 Apr 2027 00:55:58 +0000
asID: 402252
IP address blocks: 212.74.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:fe:bc:cf:6b:29:31:3d:63:23:22:5d:d3:ac:3f:88:f6:68:eb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Apr 30 00:50:58 2026 GMT
Not After : Apr 29 00:55:58 2027 GMT
Subject: CN=969224F80BC2C950DE5B7404108996AE056B7982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5b:b6:00:86:a4:04:40:9f:c9:b5:16:b2:c3:
52:95:a1:37:15:f8:d3:37:dc:69:1e:4b:95:dd:ab:
06:6f:81:77:18:2f:1b:5e:24:2f:3a:a5:33:bd:a1:
2a:c0:a3:ee:9c:84:eb:11:f8:bc:3c:74:2c:0f:36:
b4:57:45:22:14:37:9b:04:8a:52:cc:97:de:86:55:
8f:27:39:28:32:b3:b4:39:44:94:6c:00:9a:d2:d2:
90:f7:31:d6:64:0b:91:22:94:5b:4e:98:4b:a0:62:
5c:0e:6c:cd:27:4a:3d:c4:4b:b7:a8:0a:8e:40:4d:
93:c0:1a:e3:1a:98:db:62:2f:ad:5e:6c:a5:b0:d2:
00:eb:7e:24:d0:47:94:57:3a:31:1a:ab:b8:8f:e4:
fd:04:a8:56:75:86:48:58:e3:de:e7:79:32:64:71:
9b:29:37:f9:f4:68:00:c6:b3:e7:6f:f2:1d:5b:61:
2e:ff:1a:90:72:f4:74:43:a2:3e:47:26:1c:f9:1b:
9e:84:f9:ab:25:dd:a6:09:72:e4:4e:ea:a1:fd:dd:
4b:66:65:df:17:5c:5d:c0:dc:2f:16:74:b4:98:db:
94:81:17:80:dc:f3:f7:5f:8b:5f:ce:be:66:9c:c4:
a9:32:d1:c0:6c:1f:05:72:a1:aa:5c:f2:d9:6c:a3:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:92:24:F8:0B:C2:C9:50:DE:5B:74:04:10:89:96:AE:05:6B:79:82
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3231322e37342e36332e302f32342d3234203d3e20343032323532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.63.0/24
Signature Algorithm: sha256WithRSAEncryption
45:d4:c6:d7:10:f3:bd:9a:e8:fe:d8:64:c2:6a:a5:46:05:6e:
4e:95:b6:83:17:cc:a6:0a:6a:6b:ec:cc:bd:ae:96:c8:39:19:
26:94:0e:a1:34:0d:dd:98:fa:0e:f4:9f:bd:30:fe:1e:5f:8b:
eb:11:ab:4b:b5:55:9b:a3:23:a0:96:c9:b4:a3:7a:18:cc:a2:
b4:ba:4b:91:8c:ff:8a:a4:41:7f:88:39:17:ca:5a:db:0b:95:
12:ea:39:f6:09:5c:cf:50:fd:a2:8e:64:ca:8d:55:88:67:3b:
97:8f:f6:63:a1:c9:3e:8b:ed:d0:89:81:e1:ab:62:90:53:e6:
b9:d7:65:53:cd:3f:62:46:80:72:36:0e:48:00:b9:38:61:a9:
22:b5:05:f3:75:76:c5:3d:45:da:33:17:1e:06:01:2f:06:1e:
c1:76:ca:b6:a4:fd:1a:c9:84:43:05:55:40:8c:56:73:53:70:
f2:ac:77:9d:5c:0b:ca:56:63:40:96:f0:15:b5:08:fd:28:6b:
01:9c:77:a5:ce:af:b0:a2:40:2c:bc:b4:b5:74:44:11:5f:7e:
22:02:a5:cb:fc:27:65:14:3a:4f:2b:5b:8f:12:4c:6a:2d:9a:
20:7f:dd:19:a8:7a:89:7b:22:c4:4d:52:20:1d:82:df:35:49:
24:98:b1:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGP68z2spMT1jIyJd06w/iPZo6zYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjA0MzAwMDUwNThaFw0yNzA0MjkwMDU1NThaMDMxMTAvBgNV
BAMTKDk2OTIyNEY4MEJDMkM5NTBERTVCNzQwNDEwODk5NkFFMDU2Qjc5ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEW7YAhqQEQJ/JtRayw1KVoTcV
+NM33GkeS5XdqwZvgXcYLxteJC86pTO9oSrAo+6chOsR+Lw8dCwPNrRXRSIUN5sE
ilLMl96GVY8nOSgys7Q5RJRsAJrS0pD3MdZkC5EilFtOmEugYlwObM0nSj3ES7eo
Co5ATZPAGuMamNtiL61ebKWw0gDrfiTQR5RXOjEaq7iP5P0EqFZ1hkhY497neTJk
cZspN/n0aADGs+dv8h1bYS7/GpBy9HRDoj5HJhz5G56E+asl3aYJcuRO6qH93Utm
Zd8XXF3A3C8WdLSY25SBF4Dc8/dfi1/OvmacxKky0cBsHwVyoapc8tlso4zRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlpIk+AvCyVDeW3QEEImWrgVreYIwHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzIzMTMyMmUzNzM0MmUzNjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzIzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Eo/MA0GCSqGSIb3DQEBCwUAA4IBAQBF1MbXEPO9muj+2GTCaqVGBW5OlbaDF8ym
Cmpr7My9rpbIORkmlA6hNA3dmPoO9J+9MP4eX4vrEatLtVWboyOglsm0o3oYzKK0
ukuRjP+KpEF/iDkXylrbC5US6jn2CVzPUP2ijmTKjVWIZzuXj/Zjock+i+3QiYHh
q2KQU+a512VTzT9iRoByNg5IALk4YakitQXzdXbFPUXaMxceBgEvBh7Bdsq2pP0a
yYRDBVVAjFZzU3DyrHedXAvKVmNAlvAVtQj9KGsBnHelzq+wokAsvLS1dEQRX34i
AqXL/CdlFDpPK1uPEkxqLZogf90ZqHqJeyLETVIgHYLfNUkkmLFr
-----END CERTIFICATE-----
Generated at Wed May 13 06:08:08 2026 by rpki-client