Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: xLb1D91QRJgrnOepi+XouGkkkWzB9aUjoxoZ5k4GgZM=
Subject key identifier: 96:B0:9C:35:F9:2A:E0:91:49:B2:7A:91:E7:BA:1D:B3:9F:67:FE:30
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 30A2820C3817D31793EA015CE5262E98353ED652
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Mon 23 Mar 2026 21:44:16 +0000
ROA not before: Mon 23 Mar 2026 21:39:16 +0000
ROA not after: Mon 22 Mar 2027 21:44:16 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b00::/40 maxlen: 48
2a14:7580:4000::/36 maxlen: 48
2a14:7580:e700::/40 maxlen: 48
2a14:7580:e800::/40 maxlen: 48
2a14:7580:e900::/40 maxlen: 48
2a14:7580:ea00::/40 maxlen: 48
2a14:7580:eb00::/40 maxlen: 48
2a14:7580:ec00::/40 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:9f60::/44 maxlen: 48
2a14:7581:9f70::/44 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
2a14:7581:9f90::/44 maxlen: 48
2a14:7583:3000::/36 maxlen: 48
2a14:7583:8000::/36 maxlen: 48
2a14:7583:e800::/40 maxlen: 48
2a14:7586:e000::/36 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:a2:82:0c:38:17:d3:17:93:ea:01:5c:e5:26:2e:98:35:3e:d6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 23 21:39:16 2026 GMT
Not After : Mar 22 21:44:16 2027 GMT
Subject: CN=96B09C35F92AE09149B27A91E7BA1DB39F67FE30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c0:0a:02:34:b0:44:4c:35:40:49:e8:c5:38:
01:c4:31:f9:44:60:c7:8d:18:f2:54:33:4b:ca:aa:
f2:cd:a9:4b:94:27:db:48:e5:19:56:ad:5d:a2:cc:
a8:ca:51:01:d7:4e:cf:b9:49:eb:24:04:ff:10:9c:
41:8e:f3:09:d8:b4:b4:ca:d3:72:8a:d6:6f:c2:61:
0f:da:9f:c9:57:cc:d4:f9:df:71:c7:8f:41:bf:89:
f3:10:3a:51:9f:c3:4f:db:42:9b:77:f3:19:07:e3:
bc:98:62:c7:b8:c9:a7:7a:b7:19:90:81:9c:ca:f2:
2b:55:82:f0:d3:4f:79:cc:be:9c:55:d4:44:1c:5c:
a3:9d:f5:2f:1d:2d:81:d4:23:54:3d:31:e8:64:1f:
df:76:eb:7c:ff:dd:8d:7a:9a:8e:05:3a:e8:7c:17:
ce:1b:5b:e6:16:ec:e9:3b:69:5c:98:41:dc:f8:e0:
fa:7c:e8:c7:4f:e8:0f:76:ee:ba:66:2f:32:ac:ad:
ea:cf:f3:71:08:bb:14:88:e2:97:e5:0c:97:fc:52:
3e:4b:28:48:77:6e:56:f4:ae:83:81:ba:c9:3f:c5:
5c:88:22:23:00:c0:13:a3:67:6c:ed:7f:0e:98:9f:
55:14:4c:61:a9:92:10:71:dc:92:77:86:87:09:b9:
24:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B0:9C:35:F9:2A:E0:91:49:B2:7A:91:E7:BA:1D:B3:9F:67:FE:30
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b00::/40
2a14:7580:4000::/36
2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ffef::/48
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/48
2a14:7581:ff2::/48
2a14:7581:ff7::/48
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff
2a14:7583:3000::/36
2a14:7583:8000::/36
2a14:7583:e800::/40
2a14:7586:e000::/36
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
06:89:dc:01:6e:9c:d5:90:a5:d0:3b:65:93:e3:d2:90:72:3f:
4c:c9:b1:e0:30:31:fd:3f:25:76:08:c2:13:3b:70:e4:54:74:
ea:5d:de:60:fe:f6:39:33:d9:19:41:ee:bd:31:d0:f6:a7:4a:
9c:dc:09:1d:30:72:d5:0d:5e:a5:d4:fe:26:f1:02:6b:06:ea:
22:33:8b:84:22:b9:ca:b9:f4:30:43:ea:ba:ac:4f:23:66:58:
1f:70:c2:2c:78:f7:37:08:0f:cf:fe:70:b4:2f:7d:fe:09:5d:
96:c8:51:74:9b:28:07:a9:6f:75:73:e6:23:28:e1:ac:c7:21:
36:d2:20:f8:af:8d:74:71:36:01:c8:b3:d7:aa:3f:0f:b9:ea:
17:21:ba:ed:24:7a:58:03:c7:dd:ea:e2:7a:75:7a:9a:a2:9d:
05:bd:e5:b8:79:85:c2:d3:ad:a4:02:97:9e:57:94:cb:88:0f:
72:98:59:62:4a:25:bd:8e:64:5e:ad:e3:28:ce:45:89:18:a0:
d0:a7:34:c9:87:6c:17:56:85:d9:9e:a8:27:c0:83:aa:30:4b:
60:0f:e9:f8:0f:0c:f7:67:67:f1:fa:23:d0:1f:28:ed:85:a2:
c3:e7:f3:2c:29:89:29:ba:d8:28:a2:d1:c3:c2:03:f5:e7:56:
6d:94:76:17
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIUMKKCDDgX0xeT6gFc5SYumDU+1lIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAzMjMyMTM5MTZaFw0yNzAzMjIyMTQ0MTZaMDMxMTAvBgNV
BAMTKDk2QjA5QzM1RjkyQUUwOTE0OUIyN0E5MUU3QkExREIzOUY2N0ZFMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWwAoCNLBETDVASejFOAHEMflE
YMeNGPJUM0vKqvLNqUuUJ9tI5RlWrV2izKjKUQHXTs+5SeskBP8QnEGO8wnYtLTK
03KK1m/CYQ/an8lXzNT533HHj0G/ifMQOlGfw0/bQpt38xkH47yYYse4yad6txmQ
gZzK8itVgvDTT3nMvpxV1EQcXKOd9S8dLYHUI1Q9MehkH99263z/3Y16mo4FOuh8
F84bW+YW7Ok7aVyYQdz44Pp86MdP6A927rpmLzKsrerP83EIuxSI4pflDJf8Uj5L
KEh3blb0roOBusk/xVyIIiMAwBOjZ2ztfw6Yn1UUTGGpkhBx3JJ3hocJuSSrAgMB
AAGjggLAMIICvDAdBgNVHQ4EFgQUlrCcNfkq4JFJsnqR57ods59n/jAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB2QYIKwYBBQUHAQcBAf8EgckwgcYwDAQCAAEwBgMEAMGWKDCB
tQQCAAIwga4DBwQqFHWAAFADBgAqFHWACwMGBCoUdYBAMBADBgAqFHWA5wMGACoU
dYDsAwcAKhR1gP/vAwcAKhR1gQ/mAwcAKhR1gQ/qAwcAKhR1gQ/sAwcAKhR1gQ/y
AwcAKhR1gQ/3AwcAKhR1gQ/6AwcAKhR1gQ/8MBIDBwUqFHWBn2ADBwUqFHWBn4AD
BgQqFHWDMAMGBCoUdYOAAwYAKhR1g+gDBgQqFHWG4AMFACoUdYcwDQYJKoZIhvcN
AQELBQADggEBAAaJ3AFunNWQpdA7ZZPj0pByP0zJseAwMf0/JXYIwhM7cORUdOpd
3mD+9jkz2RlB7r0x0PanSpzcCR0wctUNXqXU/ibxAmsG6iIzi4Qiucq59DBD6rqs
TyNmWB9wwix49zcID8/+cLQvff4JXZbIUXSbKAepb3Vz5iMo4azHITbSIPivjXRx
NgHIs9eqPw+56hchuu0kelgDx93q4np1epqinQW95bh5hcLTraQCl55XlMuID3KY
WWJKJb2OZF6t4yjORYkYoNCnNMmHbBdWhdmeqCfAg6owS2AP6fgPDPdnZ/H6I9Af
KO2FosPn8ywpiSm62Cii0cPCA/XnVm2Udhc=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:46:14 2026 by rpki-client