Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: EuWkHqX9jv7CS5gZOOcjW5MgMreV9ADRjKA65XsKltc=
Subject key identifier: 88:74:C1:5D:C4:59:CB:5C:4E:C5:64:EE:06:B6:F0:81:DF:60:4E:E8
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 46ED70CE96EC58243C37A26A2A44667A11AFECDD
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sun 10 May 2026 11:54:06 +0000
ROA not before: Sun 10 May 2026 11:49:06 +0000
ROA not after: Sun 09 May 2027 11:54:06 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b00::/40 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581::/40 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:fed::/48 maxlen: 48
2a14:7581:fef::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff6::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:5000::/36 maxlen: 48
2a14:7581:9ff0::/44 maxlen: 48
2a14:7583:4000::/36 maxlen: 48
2a14:7583:8000::/36 maxlen: 48
2a14:7584:1000::/36 maxlen: 48
2a14:7584:3000::/36 maxlen: 48
2a14:7586:7000::/36 maxlen: 48
2a14:7586:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ed:70:ce:96:ec:58:24:3c:37:a2:6a:2a:44:66:7a:11:af:ec:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 10 11:49:06 2026 GMT
Not After : May 9 11:54:06 2027 GMT
Subject: CN=8874C15DC459CB5C4EC564EE06B6F081DF604EE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fc:c9:98:e2:7d:8b:ea:4c:67:dd:5c:af:09:
55:ca:48:e5:fc:8c:44:14:d8:4b:21:b3:50:35:b0:
c2:ce:57:7d:2b:65:e7:aa:23:5e:7b:7b:ca:38:ec:
3f:20:e6:f9:24:66:27:7b:13:76:42:d3:f3:dc:11:
d2:b4:81:77:13:90:f1:0e:a4:af:7a:c2:b6:83:aa:
5b:ac:c7:be:2e:d2:e6:ab:94:ea:90:f0:93:a9:ed:
f9:61:8b:32:3f:1c:14:b4:9e:f2:0b:d6:d0:fd:e8:
cc:de:86:c2:ed:62:d5:da:4d:43:f7:9b:ab:2c:1a:
18:32:4f:4b:34:fb:e3:e3:db:3d:ba:3b:62:72:e8:
df:da:58:93:25:e3:23:d0:f7:4e:1d:79:0d:60:85:
e3:bc:32:95:39:e9:b8:e5:ac:75:78:3b:07:cf:04:
6e:d2:cf:70:be:09:ef:bc:3f:40:61:15:34:9f:d2:
ed:e6:5e:05:76:fa:2b:da:6b:ad:b6:18:ea:35:d8:
0d:c9:61:b7:ad:99:3f:f1:ea:01:51:97:f6:8e:31:
e0:3e:77:f5:05:3f:2e:8c:2d:3b:ac:a0:a6:ae:4f:
fd:34:bc:c6:de:5d:9f:59:bf:e1:3a:ca:9b:06:7e:
76:ae:7a:bd:b8:ba:43:ae:8f:b5:56:d2:74:dd:e5:
9d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:74:C1:5D:C4:59:CB:5C:4E:C5:64:EE:06:B6:F0:81:DF:60:4E:E8
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b00::/40
2a14:7580:ffef::/48
2a14:7581::/40
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/47
2a14:7581:fef::/48
2a14:7581:ff2::/48
2a14:7581:ff6::/47
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:5000::/36
2a14:7581:9ff0::/44
2a14:7583:4000::/36
2a14:7583:8000::/36
2a14:7584:1000::/36
2a14:7584:3000::/36
2a14:7586:7000::/36
2a14:7586:9000::/36
Signature Algorithm: sha256WithRSAEncryption
98:f6:dd:99:12:50:99:82:52:55:1e:fe:68:ef:6a:6b:fa:fe:
a5:46:b7:aa:cb:98:ae:10:9f:95:56:c6:53:16:a2:4d:09:d4:
c5:0f:3c:d4:77:ec:38:e9:7c:14:f9:43:86:1c:0b:97:82:12:
b7:1a:bd:3d:d3:eb:ca:3c:fb:cc:05:b5:64:e2:be:44:bb:b9:
21:17:3d:0b:2e:36:d6:1b:e8:2d:fd:aa:99:a2:c5:fc:64:63:
76:61:7f:19:be:a8:04:98:7e:82:88:c6:a0:0b:fd:9e:50:8c:
ae:50:da:56:ec:49:e7:e9:c9:42:74:1a:88:f6:5b:08:6f:84:
50:d7:ca:bc:16:d4:5c:e0:a4:ba:68:04:a4:0f:f0:5a:3f:d7:
d1:15:ed:a7:7d:d3:00:18:74:99:61:98:0b:b2:79:7c:0a:56:
ef:63:f2:07:e9:39:f5:be:51:f1:8f:62:43:55:b6:50:26:8f:
c0:0f:92:8f:04:64:dc:37:9e:08:31:b3:70:85:ee:4d:49:b2:
4a:35:97:e4:45:c2:da:fb:53:b5:ad:92:82:43:21:4f:ce:63:
1d:c0:45:53:15:91:85:4e:9a:00:59:26:d6:0b:27:ff:b0:4e:
35:c3:71:35:dd:34:9d:3f:83:c4:72:97:9a:d8:91:1e:7a:51:
6a:da:fe:de
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIURu1wzpbsWCQ8N6JqKkRmehGv7N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTAxMTQ5MDZaFw0yNzA1MDkxMTU0MDZaMDMxMTAvBgNV
BAMTKDg4NzRDMTVEQzQ1OUNCNUM0RUM1NjRFRTA2QjZGMDgxREY2MDRFRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/MmY4n2L6kxn3VyvCVXKSOX8
jEQU2Eshs1A1sMLOV30rZeeqI157e8o47D8g5vkkZid7E3ZC0/PcEdK0gXcTkPEO
pK96wraDqlusx74u0uarlOqQ8JOp7flhizI/HBS0nvIL1tD96MzehsLtYtXaTUP3
m6ssGhgyT0s0++Pj2z26O2Jy6N/aWJMl4yPQ904deQ1gheO8MpU56bjlrHV4OwfP
BG7Sz3C+Ce+8P0BhFTSf0u3mXgV2+ivaa622GOo12A3JYbetmT/x6gFRl/aOMeA+
d/UFPy6MLTusoKauT/00vMbeXZ9Zv+E6ypsGfnauer24ukOuj7VW0nTd5Z3dAgMB
AAGjggK9MIICuTAdBgNVHQ4EFgQUiHTBXcRZy1xOxWTuBrbwgd9gTugwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB1gYIKwYBBQUHAQcBAf8EgcYwgcMwDAQCAAEwBgMEAMGWKDCB
sgQCAAIwgasDBwQqFHWAAFADBgAqFHWACwMHACoUdYD/7wMGACoUdYEAAwcAKhR1
gQ/mAwcAKhR1gQ/qAwcBKhR1gQ/sAwcAKhR1gQ/vAwcAKhR1gQ/yAwcBKhR1gQ/2
AwcAKhR1gQ/6AwcAKhR1gQ/8AwYEKhR1gVADBwQqFHWBn/ADBgQqFHWDQAMGBCoU
dYOAAwYEKhR1hBADBgQqFHWEMAMGBCoUdYZwAwYEKhR1hpAwDQYJKoZIhvcNAQEL
BQADggEBAJj23ZkSUJmCUlUe/mjvamv6/qVGt6rLmK4Qn5VWxlMWok0J1MUPPNR3
7DjpfBT5Q4YcC5eCErcavT3T68o8+8wFtWTivkS7uSEXPQsuNtYb6C39qpmixfxk
Y3Zhfxm+qASYfoKIxqAL/Z5QjK5Q2lbsSefpyUJ0Goj2WwhvhFDXyrwW1FzgpLpo
BKQP8Fo/19EV7ad90wAYdJlhmAuyeXwKVu9j8gfpOfW+UfGPYkNVtlAmj8APko8E
ZNw3nggxs3CF7k1Jsko1l+RFwtr7U7WtkoJDIU/OYx3ARVMVkYVOmgBZJtYLJ/+w
TjXDcTXdNJ0/g8Ryl5rYkR56UWra/t4=
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:12 2026 by rpki-client