Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
File: 3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: hiuvdGWkDUVa4rSBhYvM7ua/xqxtZdK1NbRIraGMMFQ=
Subject key identifier: 51:7A:2B:1C:25:01:91:61:86:3E:B9:96:17:59:5F:3C:F1:E5:18:4C
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 33E861030BC32C3D1A080BB5EF5B261898513690
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
Signing time: Mon 04 May 2026 16:47:07 +0000
ROA not before: Mon 04 May 2026 16:42:07 +0000
ROA not after: Mon 03 May 2027 16:47:07 +0000
asID: 9304
IP address blocks: 213.157.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:e8:61:03:0b:c3:2c:3d:1a:08:0b:b5:ef:5b:26:18:98:51:36:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: May 4 16:42:07 2026 GMT
Not After : May 3 16:47:07 2027 GMT
Subject: CN=517A2B1C25019161863EB99617595F3CF1E5184C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:75:66:c3:1f:0f:dd:7d:d7:34:d5:e6:93:
4d:84:1f:47:78:d6:56:89:1f:00:00:95:ef:42:0c:
a2:dd:a5:36:f9:52:e3:5f:21:ea:c3:e6:d6:4a:62:
0e:73:92:ac:58:93:bd:96:36:e1:97:5b:0f:f5:a4:
8a:80:70:26:d5:e4:12:bb:53:56:a9:1c:d5:d9:b6:
c0:58:1e:c4:e5:6e:15:cf:3b:7c:4a:ff:7e:22:00:
ed:23:9f:14:50:98:d7:10:79:c3:57:b8:8f:12:96:
c5:74:5c:bb:29:8d:e9:78:0e:4a:81:04:1a:13:96:
8a:ee:ff:bc:ab:79:6f:f4:0b:9b:7c:51:6e:8b:ce:
66:50:02:bf:6b:d5:21:20:c7:07:89:69:3e:9e:36:
e9:4c:44:3f:7c:fe:3b:ff:d0:d6:fc:3b:11:52:7c:
f3:65:90:f0:42:9d:d4:a9:15:93:4e:ff:b2:b3:4e:
6a:7a:64:58:70:e8:13:d4:90:d4:d0:bd:16:4e:a9:
b2:c0:f4:15:a1:37:61:1c:e4:5f:fc:87:35:93:80:
97:e0:54:42:38:0a:f0:37:16:b3:b0:a2:53:e6:bf:
77:12:32:51:78:d5:71:a7:96:e2:bc:87:9f:8e:8b:
1c:9b:f5:5e:a2:ef:07:a5:01:a5:6b:98:34:4f:5b:
7d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:7A:2B:1C:25:01:91:61:86:3E:B9:96:17:59:5F:3C:F1:E5:18:4C
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.122.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8c:33:80:a2:4a:07:89:56:ee:2f:57:27:bb:c1:a2:13:31:
22:f5:91:5a:8a:0d:d0:fa:1d:09:38:95:11:09:14:00:95:f9:
ff:13:69:8f:d5:8f:23:a4:95:1f:78:c4:03:83:eb:81:b9:d3:
66:67:e3:3b:b7:69:f5:2e:48:34:32:98:93:46:15:a9:67:55:
0b:cd:9a:31:16:55:6b:c6:03:e8:bf:21:69:a4:21:24:ab:55:
0a:c0:a5:52:a9:a1:64:f8:e0:86:0a:56:af:a2:9e:b9:13:46:
20:49:89:64:f3:00:95:0f:ab:13:a4:12:de:de:87:30:7d:75:
8d:3f:72:36:12:59:16:27:57:a4:90:80:d8:9c:47:6a:cf:24:
82:19:5a:4d:aa:bb:6c:23:9e:53:62:a1:bf:92:69:8d:0f:a8:
88:1b:3f:31:32:78:b8:09:22:aa:94:59:7a:7d:05:47:14:6f:
f4:3d:47:70:b9:f6:4f:f4:e6:e5:53:66:ca:cc:2f:68:24:13:
bc:8c:8f:d8:64:7f:8d:42:9e:d0:61:78:50:b6:3d:97:11:78:
dd:2d:d8:c2:0b:99:9e:c3:24:3b:5d:37:50:0f:df:67:f9:47:
d8:cb:20:e8:77:f2:3d:21:be:78:a6:89:f3:da:bf:d9:09:c5:
94:e7:3b:e7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM+hhAwvDLD0aCAu171smGJhRNpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNjA1MDQxNjQyMDdaFw0yNzA1MDMxNjQ3MDdaMDMxMTAvBgNV
BAMTKDUxN0EyQjFDMjUwMTkxNjE4NjNFQjk5NjE3NTk1RjNDRjFFNTE4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnmnVmwx8P3X3XNNXmk02EH0d4
1laJHwAAle9CDKLdpTb5UuNfIerD5tZKYg5zkqxYk72WNuGXWw/1pIqAcCbV5BK7
U1apHNXZtsBYHsTlbhXPO3xK/34iAO0jnxRQmNcQecNXuI8SlsV0XLspjel4DkqB
BBoTloru/7yreW/0C5t8UW6LzmZQAr9r1SEgxweJaT6eNulMRD98/jv/0Nb8OxFS
fPNlkPBCndSpFZNO/7KzTmp6ZFhw6BPUkNTQvRZOqbLA9BWhN2Ec5F/8hzWTgJfg
VEI4CvA3FrOwolPmv3cSMlF41XGnluK8h5+Oixyb9V6i7welAaVrmDRPW31RAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUXorHCUBkWGGPrmWF1lfPPHlGEwwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Z16MA0GCSqGSIb3DQEBCwUAA4IBAQCBjDOAokoHiVbuL1cnu8GiEzEi9ZFaig3Q
+h0JOJURCRQAlfn/E2mP1Y8jpJUfeMQDg+uBudNmZ+M7t2n1Lkg0MpiTRhWpZ1UL
zZoxFlVrxgPovyFppCEkq1UKwKVSqaFk+OCGClavop65E0YgSYlk8wCVD6sTpBLe
3ocwfXWNP3I2ElkWJ1ekkIDYnEdqzySCGVpNqrtsI55TYqG/kmmND6iIGz8xMni4
CSKqlFl6fQVHFG/0PUdwufZP9OblU2bKzC9oJBO8jI/YZH+NQp7QYXhQtj2XEXjd
LdjCC5mewyQ7XTdQD99n+UfYyyDod/I9Ib54ponz2r/ZCcWU5zvn
-----END CERTIFICATE-----
Generated at Wed May 13 01:43:40 2026 by rpki-client