Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
File: 323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa (raw, json)
Hash identifier: dhFxJ7SHU2zkEVcuJxqQC02YpfjNfDTWdE/+WmV8cgA=
Subject key identifier: F4:E8:46:78:31:39:6C:38:19:74:E3:D4:70:04:62:BB:6B:E5:47:B8
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 376E55EFAB9016E6E6BED03A1636EBF083DB23FC
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
Signing time: Wed 25 Mar 2026 17:46:54 +0000
ROA not before: Wed 25 Mar 2026 17:41:54 +0000
ROA not after: Wed 24 Mar 2027 17:46:54 +0000
asID: 5464
IP address blocks: 2001:67c:33c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:6e:55:ef:ab:90:16:e6:e6:be:d0:3a:16:36:eb:f0:83:db:23:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Mar 25 17:41:54 2026 GMT
Not After : Mar 24 17:46:54 2027 GMT
Subject: CN=F4E8467831396C381974E3D4700462BB6BE547B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:a8:e9:b1:d5:c1:7f:b7:24:08:ac:28:9a:
d7:a5:7a:ea:96:a9:9d:84:6e:d7:14:ca:ee:48:ba:
43:0a:ac:2e:49:fa:db:17:9f:a1:90:fc:eb:8c:c6:
fd:41:12:05:13:a5:3b:01:42:db:52:0b:f7:f6:c5:
73:24:a6:cb:80:48:49:ae:4e:7c:f5:ce:85:86:cd:
de:fc:24:b8:12:aa:79:fa:5f:4b:46:17:d9:9d:34:
74:67:10:e0:e4:e8:ac:24:7a:5c:c7:d2:36:42:a5:
7c:7e:b3:33:18:f6:6e:d1:1d:00:ac:b7:e0:57:5e:
4e:9e:f2:77:65:e1:0a:86:8a:6e:23:d7:2d:82:51:
7c:ef:80:57:38:5a:92:f2:c3:3c:9f:48:76:3f:27:
94:9c:ea:3a:4f:65:e5:b8:dc:b6:da:8a:1b:b6:52:
4a:a8:b5:72:70:68:45:f0:62:4b:82:64:89:18:97:
de:59:ee:e6:fd:6d:c0:fe:02:52:fb:ae:7d:2e:1f:
a1:2e:8b:99:3a:04:cb:93:59:4c:70:1b:3d:f8:89:
af:76:4d:3c:15:7d:bf:f9:73:94:ff:ad:8e:2a:18:
eb:ee:a3:b2:f7:29:ff:49:fd:3f:8f:08:96:d4:de:
19:9d:d0:26:ce:92:67:d5:74:2e:a6:04:ff:5c:bb:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E8:46:78:31:39:6C:38:19:74:E3:D4:70:04:62:BB:6B:E5:47:B8
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/323030313a3637633a3333633a3a2f34382d3438203d3e2035343634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:33c::/48
Signature Algorithm: sha256WithRSAEncryption
11:92:0c:59:bd:72:58:a2:44:a0:e9:68:ed:a1:42:5e:c3:2a:
f1:64:b3:42:c5:c5:aa:cf:e5:32:dc:38:a3:2b:dc:0d:7c:d3:
55:86:c4:59:45:86:f3:59:4e:f4:a3:63:00:9a:e4:bf:6a:ec:
19:86:5b:d2:4c:7c:0a:87:36:b7:39:4f:2f:66:a9:b0:7b:c9:
7b:dd:9f:05:88:5b:45:58:be:1c:46:86:17:2c:7d:ca:63:0b:
c5:38:eb:cc:2a:b0:bd:fa:c6:6f:20:b3:da:57:9e:0b:1c:a6:
1c:4c:b1:da:9b:64:c0:2d:6a:c1:43:c4:f1:c9:f4:c4:84:75:
e7:cc:e0:b5:6e:17:c1:c0:15:fd:66:98:9c:e6:88:47:25:45:
ef:c8:24:0a:85:86:3f:06:71:67:7a:ab:df:78:9f:48:b1:29:
d8:75:05:67:34:6d:b3:5f:a1:96:e1:8a:3c:97:2e:3a:4b:8a:
ec:2f:00:ff:19:af:d8:9d:b8:26:f2:45:f0:76:da:c6:e4:20:
bd:96:7c:1b:af:b9:de:3e:89:f7:ec:ea:98:87:49:5b:b9:38:
be:97:e7:5c:b2:44:39:96:fe:b1:17:1f:81:74:e9:12:7e:eb:
4f:20:64:6a:77:b8:1b:82:ce:5d:de:49:84:35:9a:a4:75:3a:
21:50:e1:c4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUN25V76uQFubmvtA6Fjbr8IPbI/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNjAzMjUxNzQxNTRaFw0yNzAzMjQxNzQ2NTRaMDMxMTAvBgNV
BAMTKEY0RTg0Njc4MzEzOTZDMzgxOTc0RTNENDcwMDQ2MkJCNkJFNTQ3QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIZ6jpsdXBf7ckCKwomteleuqW
qZ2EbtcUyu5IukMKrC5J+tsXn6GQ/OuMxv1BEgUTpTsBQttSC/f2xXMkpsuASEmu
Tnz1zoWGzd78JLgSqnn6X0tGF9mdNHRnEODk6KwkelzH0jZCpXx+szMY9m7RHQCs
t+BXXk6e8ndl4QqGim4j1y2CUXzvgFc4WpLywzyfSHY/J5Sc6jpPZeW43Lbaihu2
UkqotXJwaEXwYkuCZIkYl95Z7ub9bcD+AlL7rn0uH6Eui5k6BMuTWUxwGz34ia92
TTwVfb/5c5T/rY4qGOvuo7L3Kf9J/T+PCJbU3hmd0CbOkmfVdC6mBP9cu6MlAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU9OhGeDE5bDgZdOPUcARiu2vlR7gwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
MzMzMzYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNDM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAgAQZ8AzwwDQYJKoZIhvcNAQELBQADggEBABGSDFm9cliiRKDpaO2hQl7DKvFk
s0LFxarP5TLcOKMr3A1801WGxFlFhvNZTvSjYwCa5L9q7BmGW9JMfAqHNrc5Ty9m
qbB7yXvdnwWIW0VYvhxGhhcsfcpjC8U468wqsL36xm8gs9pXngscphxMsdqbZMAt
asFDxPHJ9MSEdefM4LVuF8HAFf1mmJzmiEclRe/IJAqFhj8GcWd6q994n0ixKdh1
BWc0bbNfoZbhijyXLjpLiuwvAP8Zr9iduCbyRfB22sbkIL2WfBuvud4+iffs6piH
SVu5OL6X51yyRDmW/rEXH4F06RJ+608gZGp3uBuCzl3eSYQ1mqR1OiFQ4cQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:56:26 2026 by rpki-client