Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134342e302f32312d3231203d3e203538323939.roa
File: 352e3232362e3134342e302f32312d3231203d3e203538323939.roa (raw, json)
Hash identifier: 9Du58jIfrC4IOAewMm3gmrSSjSaHNUeGPoXXxkc+8h8=
Subject key identifier: CC:39:D9:CD:2B:E4:18:DB:65:CE:67:32:B1:C8:AB:CC:2F:08:FC:C3
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 4CF1D6B2FB1844B482EBD6001DCBD0A488FBD771
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134342e302f32312d3231203d3e203538323939.roa
Signing time: Wed 06 May 2026 22:13:43 +0000
ROA not before: Wed 06 May 2026 22:08:43 +0000
ROA not after: Wed 05 May 2027 22:13:43 +0000
asID: 58299
IP address blocks: 5.226.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f1:d6:b2:fb:18:44:b4:82:eb:d6:00:1d:cb:d0:a4:88:fb:d7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: May 6 22:08:43 2026 GMT
Not After : May 5 22:13:43 2027 GMT
Subject: CN=CC39D9CD2BE418DB65CE6732B1C8ABCC2F08FCC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e1:1c:d1:b0:21:1b:04:21:b4:91:8c:d6:d6:
22:4f:33:e6:b0:ba:01:e8:98:37:a1:4b:da:55:8a:
9a:a3:3c:f3:f0:f9:44:41:4b:5e:9f:66:35:8f:7d:
94:61:ac:ef:51:30:79:08:c8:e5:64:14:60:09:c0:
f1:4a:fe:7b:f3:fa:16:a5:a9:57:d4:59:aa:8c:6b:
05:cf:35:30:d3:e4:4b:40:1c:7d:f5:2a:9e:4e:ca:
ab:0d:db:33:d5:ea:fe:ee:b3:cd:7a:a5:56:4d:d1:
cf:93:25:17:82:50:cd:c6:61:e3:6e:86:2f:11:95:
75:82:6d:01:e0:96:81:28:fd:19:49:da:58:03:12:
86:d5:18:7d:68:8f:ce:bc:5b:11:65:b2:a6:3f:95:
d8:0b:b8:78:8e:97:71:cb:ab:22:eb:71:56:5f:ed:
14:bd:53:86:f5:f7:e6:c9:a7:c6:07:17:7e:ec:83:
1d:c4:a1:c6:a6:7c:e9:25:3a:d5:e6:d6:2d:ee:f0:
59:51:3e:64:d3:e9:8b:23:37:ab:f0:57:5c:06:31:
29:1e:37:24:4a:00:57:90:3d:ed:49:11:ec:9e:05:
d4:ea:22:15:70:31:2a:75:cc:f2:0a:4e:ef:7a:6d:
6b:04:af:3a:5e:d3:32:aa:a1:2d:62:05:7c:47:2d:
2e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:39:D9:CD:2B:E4:18:DB:65:CE:67:32:B1:C8:AB:CC:2F:08:FC:C3
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134342e302f32312d3231203d3e203538323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.144.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:62:a9:b4:a4:16:21:e5:20:78:bb:e0:66:30:ec:8d:6c:8c:
81:6a:bf:c9:0b:85:f4:60:d6:fd:39:21:f6:d5:b8:48:e8:f7:
57:4c:71:b2:2e:e3:db:d7:55:5e:8c:9f:4b:9d:b2:65:27:d2:
47:5d:9c:7d:0d:2a:66:5f:34:6f:cf:01:15:3b:85:c2:4e:7d:
b3:c2:f9:c9:74:5d:b4:3f:9a:32:00:a3:76:6a:3b:3a:42:0e:
58:e1:7f:3d:d5:77:51:33:b9:81:d1:c8:3b:df:24:bf:5a:36:
db:f1:fb:a6:f2:b1:6e:59:e8:03:a2:03:c1:8f:b6:2f:c4:d9:
d8:0e:22:92:96:12:91:36:c9:91:11:9c:3c:54:1e:28:e4:e3:
4f:fb:df:0d:5f:46:37:ea:9c:56:5d:2d:c1:93:20:1c:80:84:
c1:18:78:73:8d:1b:45:0e:ce:ac:95:91:3b:88:29:73:2b:39:
c9:6d:dd:36:ee:86:74:dc:c3:d7:a9:0e:dd:e1:64:c1:e2:fc:
1b:17:c6:2c:fa:46:9e:f5:0e:69:df:40:10:91:5d:a6:a0:bb:
8c:30:1c:ad:7f:83:1c:34:38:10:db:d2:f5:11:24:d5:9a:e0:
a6:c9:b2:0a:32:c1:85:71:16:8f:a3:74:a4:09:5b:bc:54:00:
3b:78:9d:3e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUTPHWsvsYRLSC69YAHcvQpIj713EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA1MDYyMjA4NDNaFw0yNzA1MDUyMjEzNDNaMDMxMTAvBgNV
BAMTKENDMzlEOUNEMkJFNDE4REI2NUNFNjczMkIxQzhBQkNDMkYwOEZDQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf4RzRsCEbBCG0kYzW1iJPM+aw
ugHomDehS9pVipqjPPPw+URBS16fZjWPfZRhrO9RMHkIyOVkFGAJwPFK/nvz+hal
qVfUWaqMawXPNTDT5EtAHH31Kp5OyqsN2zPV6v7us816pVZN0c+TJReCUM3GYeNu
hi8RlXWCbQHgloEo/RlJ2lgDEobVGH1oj868WxFlsqY/ldgLuHiOl3HLqyLrcVZf
7RS9U4b19+bJp8YHF37sgx3EocamfOklOtXm1i3u8FlRPmTT6YsjN6vwV1wGMSke
NyRKAFeQPe1JEeyeBdTqIhVwMSp1zPIKTu96bWsErzpe0zKqoS1iBXxHLS4NAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUzDnZzSvkGNtlzmcyscirzC8I/MMwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUHMAuGgYtyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzM1MmUzMjMyMzYyZTMxMzQz
NDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM1MzgzMjM5Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMF
4pAwDQYJKoZIhvcNAQELBQADggEBAA1iqbSkFiHlIHi74GYw7I1sjIFqv8kLhfRg
1v05IfbVuEjo91dMcbIu49vXVV6Mn0udsmUn0kddnH0NKmZfNG/PARU7hcJOfbPC
+cl0XbQ/mjIAo3ZqOzpCDljhfz3Vd1EzuYHRyDvfJL9aNtvx+6bysW5Z6AOiA8GP
ti/E2dgOIpKWEpE2yZERnDxUHijk40/73w1fRjfqnFZdLcGTIByAhMEYeHONG0UO
zqyVkTuIKXMrOclt3TbuhnTcw9epDt3hZMHi/BsXxiz6Rp71DmnfQBCRXaagu4ww
HK1/gxw0OBDb0vURJNWa4KbJsgoywYVxFo+jdKQJW7xUADt4nT4=
-----END CERTIFICATE-----
Generated at Wed May 13 06:42:39 2026 by rpki-client