Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
File: 33312e3232302e31312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: A+PF7EG3whV5kZEo1pgz3Q+Kl8JzLZAp5c6vKYy+pN0=
Subject key identifier: 4F:F8:A7:90:E0:A4:E2:20:C9:FD:6D:F9:E7:19:FA:A4:F6:7A:F0:D0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E0343F29B037A9556CBC371625014F2B9830C9F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:27 +0000
ROA not before: Sun 15 Mar 2026 12:18:27 +0000
ROA not after: Sun 14 Mar 2027 12:23:27 +0000
asID: 136787
IP address blocks: 31.220.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:03:43:f2:9b:03:7a:95:56:cb:c3:71:62:50:14:f2:b9:83:0c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:27 2026 GMT
Not After : Mar 14 12:23:27 2027 GMT
Subject: CN=4FF8A790E0A4E220C9FD6DF9E719FAA4F67AF0D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:b3:1a:f9:1a:f0:b3:71:7b:d3:2d:ba:1f:
bb:8c:14:fc:2b:36:d9:e5:37:91:0f:d1:8e:8e:18:
cb:4b:aa:62:46:15:7a:48:4d:10:d5:ea:0b:67:cd:
15:17:62:a6:87:ad:da:99:74:74:58:e9:bf:f4:3a:
c3:67:3d:ba:81:24:83:cd:2f:ad:0d:94:d3:66:69:
65:44:41:f4:53:bf:ae:95:08:07:8c:78:72:61:b8:
04:f3:2d:17:a9:d2:95:54:93:05:bb:ec:5d:57:12:
e1:fc:68:15:69:9b:9f:b9:c2:4a:68:46:39:2c:6c:
d0:a6:07:0d:46:06:1d:9f:9b:5e:e8:73:48:92:02:
83:5a:76:af:23:9b:94:96:8e:db:03:f3:82:54:bf:
91:79:ea:11:f2:bb:e1:03:38:c7:1d:d3:3f:ce:8c:
50:70:f7:ee:2d:ab:8a:b7:b1:71:70:02:2f:46:33:
b6:4c:8a:31:ee:e2:9b:fd:e2:67:68:b9:d6:05:c4:
30:91:e9:bc:54:4a:1d:61:79:b5:28:b1:6d:2f:35:
c9:64:86:d9:15:a6:cb:cb:c6:cb:9b:7c:e4:b0:11:
6c:9c:90:da:21:97:35:76:b2:b0:aa:dc:1e:51:ba:
be:bf:79:a5:42:6e:34:18:a1:2d:6b:23:78:86:7e:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F8:A7:90:E0:A4:E2:20:C9:FD:6D:F9:E7:19:FA:A4:F6:7A:F0:D0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.11.0/24
Signature Algorithm: sha256WithRSAEncryption
25:3e:59:7d:c3:d4:d6:a4:29:00:df:3e:ba:fb:93:59:f7:c0:
d5:12:b6:fe:8f:1d:d7:50:3e:81:ed:e2:5d:23:e1:98:5d:68:
b5:39:3b:8c:c3:4a:d0:ed:1e:fc:9e:ff:64:62:ae:51:18:35:
c8:d3:42:41:0f:c1:01:52:0c:05:b9:2f:42:7f:e8:10:d7:69:
c8:b3:92:de:90:c7:ba:09:36:f0:22:93:ab:fc:f2:25:c6:fb:
ad:5c:21:79:44:53:5a:60:85:25:70:4e:51:f5:12:b5:d1:28:
99:0a:7b:f9:10:91:02:47:9d:1f:be:f6:64:b1:6f:f2:66:88:
8e:cd:fd:57:19:a0:ab:c2:61:32:22:6d:9f:d6:d2:62:5f:ad:
93:21:e4:c6:cf:8b:bc:9a:c3:79:2c:f0:a4:22:24:9a:04:d8:
06:69:20:9f:8b:fd:11:9c:84:84:b0:92:cb:76:20:30:f0:12:
f3:2c:15:44:c2:75:a1:3e:62:03:3a:d6:34:cc:4d:e0:bd:a9:
55:d5:e6:28:85:fc:9d:ec:63:9c:78:2b:46:67:b7:ea:3b:a3:
14:07:b5:fb:6f:3f:2e:58:8d:7e:fb:88:2f:bc:92:b2:6b:93:
35:2f:b6:db:9a:fa:8d:da:5c:7e:69:7c:4f:ac:f2:3e:1d:d6:
c8:6a:47:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfgND8psDepVWy8NxYlAU8rmDDJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjdaFw0yNzAzMTQxMjIzMjdaMDMxMTAvBgNV
BAMTKDRGRjhBNzkwRTBBNEUyMjBDOUZENkRGOUU3MTlGQUE0RjY3QUYwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3NbMa+Rrws3F70y26H7uMFPwr
NtnlN5EP0Y6OGMtLqmJGFXpITRDV6gtnzRUXYqaHrdqZdHRY6b/0OsNnPbqBJIPN
L60NlNNmaWVEQfRTv66VCAeMeHJhuATzLRep0pVUkwW77F1XEuH8aBVpm5+5wkpo
RjksbNCmBw1GBh2fm17oc0iSAoNadq8jm5SWjtsD84JUv5F56hHyu+EDOMcd0z/O
jFBw9+4tq4q3sXFwAi9GM7ZMijHu4pv94mdoudYFxDCR6bxUSh1hebUosW0vNclk
htkVpsvLxsubfOSwEWyckNohlzV2srCq3B5Rur6/eaVCbjQYoS1rI3iGfo3jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUT/inkOCk4iDJ/W355xn6pPZ68NAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wLMA0GCSqGSIb3DQEBCwUAA4IBAQAlPll9w9TWpCkA3z66+5NZ98DVErb+jx3X
UD6B7eJdI+GYXWi1OTuMw0rQ7R78nv9kYq5RGDXI00JBD8EBUgwFuS9Cf+gQ12nI
s5LekMe6CTbwIpOr/PIlxvutXCF5RFNaYIUlcE5R9RK10SiZCnv5EJECR50fvvZk
sW/yZoiOzf1XGaCrwmEyIm2f1tJiX62TIeTGz4u8msN5LPCkIiSaBNgGaSCfi/0R
nISEsJLLdiAw8BLzLBVEwnWhPmIDOtY0zE3gvalV1eYohfyd7GOceCtGZ7fqO6MU
B7X7bz8uWI1++4gvvJKya5M1L7bbmvqN2lx+aXxPrPI+HdbIakfc
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:32:13 2026 by rpki-client