Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
File: 352e3232362e3134362e302f32342d3234203d3e203538323939.roa (raw, json)
Hash identifier: OTY62siYkGA8TjCDBGlStI631WGudjZO+6OJTtXltR8=
Subject key identifier: DD:B0:AF:2B:81:9D:4A:DC:F5:E7:59:4A:7C:84:6D:C2:89:6A:2C:42
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 535385A4B8CC8BD642F8CCCED9E0D431ADDE007B
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
Signing time: Wed 06 May 2026 22:13:46 +0000
ROA not before: Wed 06 May 2026 22:08:46 +0000
ROA not after: Wed 05 May 2027 22:13:46 +0000
asID: 58299
IP address blocks: 5.226.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:53:85:a4:b8:cc:8b:d6:42:f8:cc:ce:d9:e0:d4:31:ad:de:00:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: May 6 22:08:46 2026 GMT
Not After : May 5 22:13:46 2027 GMT
Subject: CN=DDB0AF2B819D4ADCF5E7594A7C846DC2896A2C42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:bc:c4:df:9a:32:3a:e1:a9:1f:6c:1e:30:53:
3b:19:e7:29:4b:6b:25:bd:0c:b5:27:6b:a3:d2:81:
05:a2:cd:8a:95:5b:63:d5:54:5f:06:bb:f0:80:e6:
4e:21:16:7d:40:85:52:84:1f:bc:ca:88:5a:1e:1e:
a0:4f:7e:6f:38:36:32:be:d0:49:21:c7:50:00:5e:
49:1f:3d:fd:cf:42:b1:3a:57:4d:0f:71:f5:c5:1d:
bb:27:b2:50:f0:20:cf:36:f0:b4:c8:a1:88:d0:2d:
28:3b:58:55:9c:de:e7:0d:0c:e1:d6:c8:2c:76:99:
0f:d5:ec:b4:d3:08:eb:96:cd:79:90:98:71:05:83:
9d:9b:80:d5:2d:67:1d:33:ce:34:83:01:ef:20:bf:
5e:b1:d8:8a:70:1b:59:48:a4:b0:28:94:ef:44:9d:
c5:7c:6f:e1:0e:13:ed:e1:b4:27:ec:5e:30:50:e1:
6f:84:e6:3d:82:5a:a8:9d:c7:23:62:bc:82:da:f6:
5c:6c:e4:fd:a6:56:e7:51:b9:23:63:3c:eb:c3:64:
a9:24:fa:f4:e3:8c:bb:3d:dd:bb:80:e9:4e:b0:53:
9c:98:31:cf:22:99:61:16:56:00:e2:ec:3c:2b:a7:
7a:74:f8:dd:8f:47:4b:b7:d9:e6:04:8d:64:c6:eb:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B0:AF:2B:81:9D:4A:DC:F5:E7:59:4A:7C:84:6D:C2:89:6A:2C:42
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/352e3232362e3134362e302f32342d3234203d3e203538323939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.146.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:3e:b7:a8:5e:b8:fd:46:30:d8:97:61:66:ee:32:cf:e7:c8:
4c:64:ef:d9:09:03:61:d3:f4:7e:b9:f6:34:e2:5d:48:2a:40:
e0:6c:95:01:72:84:10:dc:40:ba:82:d5:4c:ea:d2:9b:37:23:
6d:1f:44:0f:04:8e:70:bb:23:4d:95:6b:fc:29:60:65:11:62:
7e:51:0c:a0:75:08:94:6e:18:63:2a:c5:ec:5f:b2:5c:ca:21:
a6:fc:97:63:e1:05:9e:de:2a:d5:0d:e4:00:0e:84:2f:2a:37:
b9:71:3d:b4:aa:ee:bc:5b:54:cb:a6:6e:03:a6:ca:a7:bb:21:
69:c2:1e:fa:91:c3:00:bc:54:f0:0c:0b:56:34:7e:5e:3c:90:
99:39:6a:75:52:14:57:c8:cc:dc:af:f6:13:3f:7d:6e:fd:64:
da:7d:73:50:4d:25:62:17:6c:5a:a1:89:fb:ee:5c:fe:00:5c:
a9:bb:72:67:b6:a9:e3:0c:50:8b:2b:5e:05:a5:c9:95:10:38:
68:37:5e:19:d4:3d:a9:b1:4f:6e:b0:c2:9d:9d:36:66:b3:89:
35:c1:94:8e:2c:6e:c5:15:1f:25:1e:b8:ab:d5:2d:3a:63:d8:
63:6c:57:44:90:94:a5:d8:f1:52:39:c2:5f:43:7b:a6:73:22:
3c:91:4c:56
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUU1OFpLjMi9ZC+MzO2eDUMa3eAHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA1MDYyMjA4NDZaFw0yNzA1MDUyMjEzNDZaMDMxMTAvBgNV
BAMTKEREQjBBRjJCODE5RDRBRENGNUU3NTk0QTdDODQ2REMyODk2QTJDNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqvMTfmjI64akfbB4wUzsZ5ylL
ayW9DLUna6PSgQWizYqVW2PVVF8Gu/CA5k4hFn1AhVKEH7zKiFoeHqBPfm84NjK+
0Ekhx1AAXkkfPf3PQrE6V00PcfXFHbsnslDwIM828LTIoYjQLSg7WFWc3ucNDOHW
yCx2mQ/V7LTTCOuWzXmQmHEFg52bgNUtZx0zzjSDAe8gv16x2IpwG1lIpLAolO9E
ncV8b+EOE+3htCfsXjBQ4W+E5j2CWqidxyNivILa9lxs5P2mVudRuSNjPOvDZKkk
+vTjjLs93buA6U6wU5yYMc8imWEWVgDi7Dwrp3p0+N2PR0u32eYEjWTG65CfAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU3bCvK4GdStz151lKfIRtwolqLEIwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUHMAuGgYtyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzM1MmUzMjMyMzYyZTMxMzQz
NjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjM5Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAF
4pIwDQYJKoZIhvcNAQELBQADggEBAK4+t6heuP1GMNiXYWbuMs/nyExk79kJA2HT
9H659jTiXUgqQOBslQFyhBDcQLqC1Uzq0ps3I20fRA8EjnC7I02Va/wpYGURYn5R
DKB1CJRuGGMqxexfslzKIab8l2PhBZ7eKtUN5AAOhC8qN7lxPbSq7rxbVMumbgOm
yqe7IWnCHvqRwwC8VPAMC1Y0fl48kJk5anVSFFfIzNyv9hM/fW79ZNp9c1BNJWIX
bFqhifvuXP4AXKm7cme2qeMMUIsrXgWlyZUQOGg3XhnUPamxT26wwp2dNmaziTXB
lI4sbsUVHyUeuKvVLTpj2GNsV0SQlKXY8VI5wl9De6ZzIjyRTFY=
-----END CERTIFICATE-----
Generated at Wed May 13 07:07:55 2026 by rpki-client