Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3136302e302f32302d3234203d3e20383334.roa
File: 35312e3134362e3136302e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier: N5PAmSI6XKwC9WflU1hCtcVZerQjhi8003+KS0E1eKY=
Subject key identifier: 69:27:A4:0F:66:42:9F:5C:83:2C:5A:1B:31:EC:E4:12:B1:BF:C2:06
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 557D877E8288493C35874B948FDE6020782FF9BD
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3136302e302f32302d3234203d3e20383334.roa
Signing time: Mon 09 Mar 2026 16:26:28 +0000
ROA not before: Mon 09 Mar 2026 16:21:28 +0000
ROA not after: Mon 08 Mar 2027 16:26:28 +0000
asID: 834
IP address blocks: 51.146.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 11:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7d:87:7e:82:88:49:3c:35:87:4b:94:8f:de:60:20:78:2f:f9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 9 16:21:28 2026 GMT
Not After : Mar 8 16:26:28 2027 GMT
Subject: CN=6927A40F66429F5C832C5A1B31ECE412B1BFC206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ad:fa:72:96:a0:12:98:30:f9:df:b8:df:b7:
7f:e4:79:ff:18:ae:44:e7:79:c1:2b:af:0b:2d:6e:
a4:0b:43:a7:be:40:0f:8d:e7:c5:f4:8d:dc:33:87:
c8:a0:18:dc:81:e2:84:53:ef:1b:9a:a0:a7:4e:c1:
50:cc:ed:bf:a9:9a:4c:ca:fd:83:9c:12:f6:37:49:
15:b7:a3:d2:f9:ec:7f:55:4b:49:d2:8e:c7:b1:c5:
e6:28:67:df:65:b2:78:74:d4:9c:14:59:68:6f:8f:
bd:c3:75:a4:01:b7:85:04:08:4b:81:49:44:4f:bb:
2e:da:eb:b8:6b:34:c7:47:b6:a6:07:19:15:2a:ec:
0d:ae:e1:dd:96:5f:90:8e:21:f4:e8:29:fb:03:24:
40:5a:f2:2d:b5:57:22:6d:09:7d:42:87:a3:4d:36:
6d:f3:7e:d3:c5:c2:de:a7:cf:57:be:92:53:29:b1:
88:45:03:13:65:8e:80:21:ba:58:5e:f2:5d:4d:85:
93:02:27:78:90:c2:15:1a:78:06:b6:ea:8b:6b:c3:
21:b3:7d:06:19:0e:d0:05:2b:62:66:69:3c:5e:4b:
84:5a:27:48:60:84:21:0f:f1:34:33:17:24:c3:57:
d3:51:48:09:00:25:b4:42:b8:02:24:b7:75:e8:c9:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:27:A4:0F:66:42:9F:5C:83:2C:5A:1B:31:EC:E4:12:B1:BF:C2:06
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3136302e302f32302d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.160.0/20
Signature Algorithm: sha256WithRSAEncryption
56:fa:8e:75:9f:df:ac:62:7d:84:fb:b7:42:17:99:97:26:c9:
bd:20:ff:72:73:59:ee:aa:04:99:d3:7c:a7:99:a1:a8:2e:a0:
85:73:57:b8:e0:72:bb:cc:c1:cf:32:78:3b:d1:f3:ca:e6:bf:
09:3c:a0:1f:37:ea:65:50:d9:2f:04:f3:3a:c7:f1:d4:bf:7d:
64:5b:ee:ed:b9:e2:99:8d:8a:c7:e9:fd:23:57:89:4f:75:5a:
13:7f:17:1e:aa:d7:a6:aa:b9:f3:76:87:95:94:3a:e0:00:e3:
df:21:0c:6c:50:06:96:b0:38:73:46:60:a9:4f:34:16:f6:26:
bc:df:fe:ac:e2:77:e6:29:2a:62:24:fb:aa:c8:ac:fb:76:6b:
9f:ce:98:e4:82:90:93:f9:c5:3e:14:26:cf:8b:48:8f:89:55:
ae:0c:9a:e1:8e:10:1e:b2:03:b7:ae:2c:f7:6d:5a:4c:29:9f:
6c:16:8a:02:8e:1c:f8:b9:e5:0a:03:85:a0:36:6f:06:06:1b:
76:70:9a:f7:87:3c:06:18:4f:70:e6:a4:12:c5:cf:8d:0c:dd:
f6:ed:f5:94:b1:9f:fa:10:b1:d9:2b:19:78:32:52:44:e1:e3:
37:b8:00:bb:ff:48:b3:7e:a4:1e:b2:d5:21:10:e9:cc:7c:43:
33:8f:f7:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVX2HfoKISTw1h0uUj95gIHgv+b0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMDkxNjIxMjhaFw0yNzAzMDgxNjI2MjhaMDMxMTAvBgNV
BAMTKDY5MjdBNDBGNjY0MjlGNUM4MzJDNUExQjMxRUNFNDEyQjFCRkMyMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFrfpylqASmDD537jft3/kef8Y
rkTnecErrwstbqQLQ6e+QA+N58X0jdwzh8igGNyB4oRT7xuaoKdOwVDM7b+pmkzK
/YOcEvY3SRW3o9L57H9VS0nSjsexxeYoZ99lsnh01JwUWWhvj73DdaQBt4UECEuB
SURPuy7a67hrNMdHtqYHGRUq7A2u4d2WX5COIfToKfsDJEBa8i21VyJtCX1Ch6NN
Nm3zftPFwt6nz1e+klMpsYhFAxNljoAhulhe8l1NhZMCJ3iQwhUaeAa26otrwyGz
fQYZDtAFK2JmaTxeS4RaJ0hghCEP8TQzFyTDV9NRSAkAJbRCuAIkt3XoyUvXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUaSekD2ZCn1yDLFobMezkErG/wgYwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMTM2
MzAyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQzkqAw
DQYJKoZIhvcNAQELBQADggEBAFb6jnWf36xifYT7t0IXmZcmyb0g/3JzWe6qBJnT
fKeZoaguoIVzV7jgcrvMwc8yeDvR88rmvwk8oB836mVQ2S8E8zrH8dS/fWRb7u25
4pmNisfp/SNXiU91WhN/Fx6q16aqufN2h5WUOuAA498hDGxQBpawOHNGYKlPNBb2
Jrzf/qzid+YpKmIk+6rIrPt2a5/OmOSCkJP5xT4UJs+LSI+JVa4MmuGOEB6yA7eu
LPdtWkwpn2wWigKOHPi55QoDhaA2bwYGG3ZwmveHPAYYT3DmpBLFz40M3fbt9ZSx
n/oQsdkrGXgyUkTh4ze4ALv/SLN+pB6y1SEQ6cx8QzOP92Y=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:47:30 2026 by rpki-client