Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203136323736.roa
File: 3231322e32342e3132372e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: Rs7w/chVuiM2q/eQlWg7hYcTj07lMXsGjRzGrKCmtq8=
Subject key identifier: E8:41:CC:0A:B0:12:1C:A4:2B:A2:F0:88:80:38:FE:2A:C6:C7:2A:98
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 0F9051AC896ED014A334F4666AB2861CD9D2CDAE
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203136323736.roa
Signing time: Fri 10 Oct 2025 09:23:34 +0000
ROA not before: Fri 10 Oct 2025 09:18:34 +0000
ROA not after: Fri 09 Oct 2026 09:23:34 +0000
asID: 16276
IP address blocks: 212.24.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:90:51:ac:89:6e:d0:14:a3:34:f4:66:6a:b2:86:1c:d9:d2:cd:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Oct 10 09:18:34 2025 GMT
Not After : Oct 9 09:23:34 2026 GMT
Subject: CN=E841CC0AB0121CA42BA2F0888038FE2AC6C72A98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:0b:d9:3e:bc:de:99:be:4f:6d:28:0a:58:
5c:46:ce:4e:e2:21:95:7b:4c:86:ed:1e:17:e3:7a:
a9:ec:fa:59:9a:74:ae:8e:ca:44:63:d4:74:f9:d4:
85:40:fd:58:68:cb:4d:91:36:15:26:a1:2d:9f:23:
89:de:84:19:23:ea:9e:5d:23:78:07:1d:13:fa:90:
b7:a4:6d:67:3a:1c:9c:07:f5:12:fc:f3:d9:33:9b:
5b:cd:92:09:ce:e9:de:ac:7d:a9:5d:a2:76:53:fa:
f6:21:de:52:cf:88:d2:67:08:19:9c:b8:21:fe:e7:
f8:c8:df:70:66:93:b8:cc:4f:89:80:6c:99:09:9d:
48:d1:ae:8f:53:09:6b:41:a2:64:1c:0f:29:8e:0a:
2c:fa:05:58:bf:27:6d:5f:9e:25:0b:69:5a:69:ee:
3a:05:9a:5e:90:c9:6f:de:47:a3:7b:6b:c1:76:8f:
fb:ad:6d:b0:fb:c4:04:72:9b:7d:74:e4:be:33:0a:
22:b0:06:74:3e:64:a1:18:20:2b:ca:c7:9c:63:56:
26:a5:e2:25:bd:2e:49:4b:e7:7b:cd:9c:54:38:1f:
10:81:76:18:d0:f2:8a:3b:d6:92:a8:83:c2:a1:a9:
e9:60:e3:50:03:55:fb:8e:48:67:5c:9b:a1:60:fb:
a0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:41:CC:0A:B0:12:1C:A4:2B:A2:F0:88:80:38:FE:2A:C6:C7:2A:98
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.127.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:f8:b6:56:34:f7:70:c6:50:3d:d3:af:20:1b:c7:a6:76:a7:
47:86:e8:0c:8f:3d:cd:ab:e6:95:29:d3:d8:5b:b7:41:ba:9e:
d5:62:c1:cc:d1:99:64:63:a7:c7:e5:95:cb:b1:52:e6:aa:91:
4a:9a:9b:9f:24:1b:26:75:67:2e:93:8b:fc:40:4f:88:87:c6:
9b:80:a8:6c:1a:89:f4:37:62:50:89:3b:82:98:bd:c1:e5:79:
99:68:14:92:00:4e:ad:55:89:96:96:96:03:85:09:dc:24:54:
4c:b7:f5:c0:2b:d2:22:0d:ef:21:da:ec:da:80:e7:c8:cb:48:
e5:a5:cb:be:e2:1d:88:4e:09:b1:68:23:8f:9f:fb:59:87:14:
67:09:84:45:fb:de:16:b0:0a:1e:5b:d7:15:26:ed:db:4d:39:
f1:c9:99:56:e2:4f:90:c2:47:b0:9c:20:e7:3c:e9:4a:a0:e8:
ff:89:e9:43:cd:ca:cd:a7:b3:37:cb:9a:85:b7:37:e0:04:da:
9c:ea:35:d1:f9:f0:2c:c6:b3:66:9f:af:32:b0:26:9f:b8:70:
3b:5f:14:4f:9e:31:be:dc:38:3e:f8:35:ea:1f:e2:5a:ca:ef:
44:8b:bc:ea:be:e8:fb:0e:41:d9:49:f1:60:55:88:fd:3b:ed:
80:e7:08:b1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD5BRrIlu0BSjNPRmarKGHNnSza4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTEwMTAwOTE4MzRaFw0yNjEwMDkwOTIzMzRaMDMxMTAvBgNV
BAMTKEU4NDFDQzBBQjAxMjFDQTQyQkEyRjA4ODgwMzhGRTJBQzZDNzJBOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPgAvZPrzemb5PbSgKWFxGzk7i
IZV7TIbtHhfjeqns+lmadK6OykRj1HT51IVA/Vhoy02RNhUmoS2fI4nehBkj6p5d
I3gHHRP6kLekbWc6HJwH9RL889kzm1vNkgnO6d6sfaldonZT+vYh3lLPiNJnCBmc
uCH+5/jI33Bmk7jMT4mAbJkJnUjRro9TCWtBomQcDymOCiz6BVi/J21fniULaVpp
7joFml6QyW/eR6N7a8F2j/utbbD7xARym3105L4zCiKwBnQ+ZKEYICvKx5xjVial
4iW9LklL53vNnFQ4HxCBdhjQ8oo71pKog8Khqelg41ADVfuOSGdcm6Fg+6AjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6EHMCrASHKQrovCIgDj+KsbHKpgwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMjM0MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzIzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Bh/MA0GCSqGSIb3DQEBCwUAA4IBAQC4+LZWNPdwxlA9068gG8emdqdHhugMjz3N
q+aVKdPYW7dBup7VYsHM0ZlkY6fH5ZXLsVLmqpFKmpufJBsmdWcuk4v8QE+Ih8ab
gKhsGon0N2JQiTuCmL3B5XmZaBSSAE6tVYmWlpYDhQncJFRMt/XAK9IiDe8h2uza
gOfIy0jlpcu+4h2ITgmxaCOPn/tZhxRnCYRF+94WsAoeW9cVJu3bTTnxyZlW4k+Q
wkewnCDnPOlKoOj/ielDzcrNp7M3y5qFtzfgBNqc6jXR+fAsxrNmn68ysCafuHA7
XxRPnjG+3Dg++DXqH+Jayu9Ei7zqvuj7DkHZSfFgVYj9O+2A5wix
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:25:08 2025 by rpki-client