Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323136313239.roa
File: 3135302e3235312e3232382e302f32342d3234203d3e20323136313239.roa (raw, json)
Hash identifier: ymjbqRa7LlbWqFxGGhUyWJeWONvw58RqD6TISmOcLfs=
Subject key identifier: E7:6A:57:DB:66:A5:C6:0A:6F:11:36:5A:9F:51:9B:90:1C:32:EE:70
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 546EF462932DA1AF41D3F3C04605133C8170A2DE
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323136313239.roa
Signing time: Sat 09 May 2026 09:59:02 +0000
ROA not before: Sat 09 May 2026 09:54:02 +0000
ROA not after: Sat 08 May 2027 09:59:02 +0000
asID: 216129
IP address blocks: 150.251.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:6e:f4:62:93:2d:a1:af:41:d3:f3:c0:46:05:13:3c:81:70:a2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 9 09:54:02 2026 GMT
Not After : May 8 09:59:02 2027 GMT
Subject: CN=E76A57DB66A5C60A6F11365A9F519B901C32EE70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ec:c5:d5:be:9d:a3:2e:0d:06:df:14:e4:cf:
02:44:56:87:ed:86:45:c2:a7:04:9c:ac:cf:ba:6e:
7f:0c:3a:ec:c9:aa:6e:8d:f2:d2:86:f5:4a:8b:60:
a4:c6:00:08:6e:57:5b:39:20:dd:5e:ce:86:f0:7f:
09:4a:a1:c4:19:d1:00:0c:38:76:34:9b:02:d6:2e:
97:b3:62:d0:8b:68:ec:53:d4:80:98:d7:1e:f0:6d:
d8:12:16:ba:13:ef:bd:ff:8c:fc:2b:16:47:55:a8:
c2:1d:30:3f:63:96:2a:0c:47:1f:91:57:0c:d1:6e:
89:22:1c:b6:67:12:98:55:02:9d:10:02:76:bf:aa:
1f:f6:d3:83:d5:df:07:01:18:c8:d4:46:12:af:0b:
5c:59:5a:e0:1d:80:d5:2c:ce:46:bc:a5:ea:25:30:
db:0c:05:ae:0f:5a:0a:6e:a1:15:41:4c:fc:c0:f6:
05:ac:97:8b:ba:5c:66:bf:65:48:f2:5e:d6:57:02:
c7:e5:e8:e2:d4:5d:91:e4:3e:22:0d:79:eb:32:c7:
1b:6c:a4:3e:30:c8:71:a7:2f:c4:bf:38:b5:70:36:
7f:82:7a:84:19:21:cb:e2:12:c3:65:f6:36:60:4d:
5f:d0:6d:72:b4:31:f5:4a:13:8c:a9:e1:39:0d:30:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:6A:57:DB:66:A5:C6:0A:6F:11:36:5A:9F:51:9B:90:1C:32:EE:70
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323136313239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.228.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6b:47:0b:22:e7:70:c5:56:12:e2:74:f1:bd:aa:40:39:49:
29:07:8d:e1:3c:1f:5b:9b:d0:db:30:03:fe:b9:74:91:0c:7f:
79:ac:bd:f8:3e:a6:e5:1e:7a:35:b0:d0:ae:e0:9a:cd:25:fa:
86:5a:37:b4:4b:bc:37:40:95:21:eb:90:c8:5d:9b:c5:82:de:
b6:d3:a7:0b:c3:59:09:34:ac:55:ce:8b:c0:9c:9f:32:da:bb:
48:4a:df:f3:36:81:ab:ef:85:cf:b1:0b:8b:42:05:8d:16:9d:
29:ba:07:59:c7:18:cb:b6:8b:50:a4:30:cd:38:97:34:1f:06:
d3:a2:ef:f9:4c:9c:43:82:44:d2:e5:5e:11:4a:7c:ce:ea:27:
e3:90:da:08:3c:af:1a:5d:7c:fe:46:22:4a:69:9d:63:56:df:
db:ac:33:bf:4e:78:9d:ed:42:c8:f3:4b:50:a3:c5:ae:2a:24:
be:e3:42:ad:d1:4d:00:e6:52:35:a5:17:e0:17:58:a5:4d:61:
33:91:d1:72:60:0f:ef:72:f9:b0:c8:e1:4a:4d:af:15:36:39:
41:5a:07:f9:0a:84:d7:c1:78:bd:65:90:3e:43:30:bb:15:31:
29:df:93:21:d5:79:c4:a7:f2:4e:7b:4b:e1:8c:b5:7b:37:71:
dc:19:db:16
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVG70YpMtoa9B0/PARgUTPIFwot4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MDkwOTU0MDJaFw0yNzA1MDgwOTU5MDJaMDMxMTAvBgNV
BAMTKEU3NkE1N0RCNjZBNUM2MEE2RjExMzY1QTlGNTE5QjkwMUMzMkVFNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB7MXVvp2jLg0G3xTkzwJEVoft
hkXCpwScrM+6bn8MOuzJqm6N8tKG9UqLYKTGAAhuV1s5IN1ezobwfwlKocQZ0QAM
OHY0mwLWLpezYtCLaOxT1ICY1x7wbdgSFroT773/jPwrFkdVqMIdMD9jlioMRx+R
VwzRbokiHLZnEphVAp0QAna/qh/204PV3wcBGMjURhKvC1xZWuAdgNUszka8peol
MNsMBa4PWgpuoRVBTPzA9gWsl4u6XGa/ZUjyXtZXAsfl6OLUXZHkPiINeesyxxts
pD4wyHGnL8S/OLVwNn+CeoQZIcviEsNl9jZgTV/QbXK0MfVKE4yp4TkNMFCPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU52pX22alxgpvETZan1GbkBwy7nAwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMxMzIzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb75DANBgkqhkiG9w0BAQsFAAOCAQEAR2tHCyLncMVWEuJ08b2qQDlJKQeN
4TwfW5vQ2zAD/rl0kQx/eay9+D6m5R56NbDQruCazSX6hlo3tEu8N0CVIeuQyF2b
xYLettOnC8NZCTSsVc6LwJyfMtq7SErf8zaBq++Fz7ELi0IFjRadKboHWccYy7aL
UKQwzTiXNB8G06Lv+UycQ4JE0uVeEUp8zuon45DaCDyvGl18/kYiSmmdY1bf26wz
v054ne1CyPNLUKPFriokvuNCrdFNAOZSNaUX4BdYpU1hM5HRcmAP73L5sMjhSk2v
FTY5QVoH+QqE18F4vWWQPkMwuxUxKd+TIdV5xKfyTntL4Yy1ezdx3BnbFg==
-----END CERTIFICATE-----
Generated at Wed May 13 10:39:25 2026 by rpki-client