Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
File: 352e3232362e3139312e302f32342d3234203d3e20323135323338.roa (raw, json)
Hash identifier: oMT5W+1A+v1pwvSVM/yS6Grj9zILUfxp/QJKJB7R/M8=
Subject key identifier: A4:49:E1:64:CF:B1:5E:4C:D8:49:E7:AD:3E:7E:B2:0D:14:93:CC:4D
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 606780C94B8A29BDC5CADEFCAC8DF094B6A7F488
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
Signing time: Sat 02 May 2026 19:47:07 +0000
ROA not before: Sat 02 May 2026 19:42:07 +0000
ROA not after: Sat 01 May 2027 19:47:07 +0000
asID: 215238
IP address blocks: 5.226.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:67:80:c9:4b:8a:29:bd:c5:ca:de:fc:ac:8d:f0:94:b6:a7:f4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: May 2 19:42:07 2026 GMT
Not After : May 1 19:47:07 2027 GMT
Subject: CN=A449E164CFB15E4CD849E7AD3E7EB20D1493CC4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:9d:d8:d5:ec:63:47:67:93:be:2f:04:a2:
a8:5b:1a:63:3f:be:e9:39:a1:1e:2b:15:4c:62:2d:
0b:b2:36:be:a7:55:16:86:3c:8a:3e:31:9a:af:4c:
30:fc:f2:80:b3:83:6a:46:a5:94:7a:48:b7:f9:b2:
c6:8f:27:c3:02:ee:b9:fb:6c:9e:e1:82:a3:1e:21:
7d:e3:73:25:48:49:d5:eb:df:46:4f:f0:27:21:6f:
17:11:fd:95:3a:7b:d2:88:e7:09:d9:4c:94:19:09:
dc:98:9f:93:8f:4b:ab:7c:83:a3:1e:b2:95:5c:4c:
41:41:72:1c:ca:0f:43:52:70:37:a2:42:62:ee:ed:
09:14:c4:30:ae:70:6c:15:e3:49:dc:de:32:83:6b:
89:29:ef:a9:c7:00:36:52:39:96:de:a3:54:14:cd:
14:b0:f9:68:21:0e:dc:43:05:4e:77:97:27:33:ae:
03:ab:77:cf:1f:aa:2f:06:fb:5f:b9:58:fc:1a:79:
e9:04:2a:60:f4:e0:2a:5a:8d:e7:16:ca:d4:86:e1:
46:45:7f:54:a2:d2:c1:09:a4:ef:6b:76:31:ee:10:
74:d1:d4:60:d4:bc:93:8d:2c:8a:47:6f:f5:68:60:
96:81:aa:db:a9:4a:e1:fa:9e:32:39:49:00:71:bc:
25:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:49:E1:64:CF:B1:5E:4C:D8:49:E7:AD:3E:7E:B2:0D:14:93:CC:4D
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3139312e302f32342d3234203d3e20323135323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.191.0/24
Signature Algorithm: sha256WithRSAEncryption
29:fc:b8:d8:1d:60:dd:1f:9a:b9:6c:54:a0:83:43:84:34:c8:
57:48:3c:5d:8c:68:00:ef:a9:48:ee:22:03:c1:13:c4:2a:cc:
e9:1e:67:1f:2f:6a:32:65:73:65:21:9c:38:4b:17:28:4d:43:
ce:d1:cc:6a:1a:36:c9:f7:4c:50:75:a7:84:78:05:d5:88:1e:
07:97:18:00:9c:bc:91:27:ca:17:bf:d8:65:71:ec:65:d9:85:
cb:5c:d3:24:0b:3d:7f:b1:f4:2e:7f:8c:25:4d:fb:0a:6a:b7:
5f:53:93:e6:56:65:e2:a8:cb:45:ac:df:04:5f:92:ac:24:cf:
33:78:5f:26:e9:2c:bf:a1:44:65:66:82:33:a2:b8:b4:2b:b2:
76:44:6f:83:42:e6:2e:b3:81:8a:93:83:53:dd:a4:05:01:fb:
60:a7:9f:84:ca:bb:21:b7:72:15:45:ca:65:fa:ca:b6:35:5c:
f2:3d:1e:76:09:92:43:12:7d:5b:52:1b:32:2b:6b:89:8e:4e:
70:36:0e:b5:f6:ac:27:dd:69:44:b6:04:41:14:f5:e5:cd:d7:
6a:6a:2b:f8:d0:20:d7:86:b9:da:bc:1f:e1:05:07:62:7a:5e:
51:50:ac:33:5d:5c:96:33:37:3c:b2:e8:a5:c3:fc:ad:ba:52:
44:3e:66:f7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYGeAyUuKKb3Fyt78rI3wlLan9IgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNjA1MDIxOTQyMDdaFw0yNzA1MDExOTQ3MDdaMDMxMTAvBgNV
BAMTKEE0NDlFMTY0Q0ZCMTVFNENEODQ5RTdBRDNFN0VCMjBEMTQ5M0NDNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3hJ3Y1exjR2eTvi8EoqhbGmM/
vuk5oR4rFUxiLQuyNr6nVRaGPIo+MZqvTDD88oCzg2pGpZR6SLf5ssaPJ8MC7rn7
bJ7hgqMeIX3jcyVISdXr30ZP8CchbxcR/ZU6e9KI5wnZTJQZCdyYn5OPS6t8g6Me
spVcTEFBchzKD0NScDeiQmLu7QkUxDCucGwV40nc3jKDa4kp76nHADZSOZbeo1QU
zRSw+WghDtxDBU53lyczrgOrd88fqi8G+1+5WPwaeekEKmD04CpajecWytSG4UZF
f1Si0sEJpO9rdjHuEHTR1GDUvJONLIpHb/VoYJaBqtupSuH6njI5SQBxvCUlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpEnhZM+xXkzYSeetPn6yDRSTzE0wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzUyZTMyMzIzNjJlMzEzOTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BeK/MA0GCSqGSIb3DQEBCwUAA4IBAQAp/LjYHWDdH5q5bFSgg0OENMhXSDxdjGgA
76lI7iIDwRPEKszpHmcfL2oyZXNlIZw4SxcoTUPO0cxqGjbJ90xQdaeEeAXViB4H
lxgAnLyRJ8oXv9hlcexl2YXLXNMkCz1/sfQuf4wlTfsKardfU5PmVmXiqMtFrN8E
X5KsJM8zeF8m6Sy/oURlZoIzori0K7J2RG+DQuYus4GKk4NT3aQFAftgp5+Eyrsh
t3IVRcpl+sq2NVzyPR52CZJDEn1bUhsyK2uJjk5wNg619qwn3WlEtgRBFPXlzddq
aiv40CDXhrnavB/hBQdiel5RUKwzXVyWMzc8suilw/ytulJEPmb3
-----END CERTIFICATE-----
Generated at Wed May 13 09:36:06 2026 by rpki-client