Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3137362e302f32322d3234203d3e2035363530.roa
File: 35312e3134362e3137362e302f32322d3234203d3e2035363530.roa (raw, json)
Hash identifier: HvGMHkc7sEwJtnTQpAlnIQlSIgJ7pnaRdb6IOo2+pR0=
Subject key identifier: 91:40:FF:2A:DC:06:C3:0A:CF:0F:7D:74:8A:DC:29:83:F5:58:1A:2A
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 10A504C0463E743EB27EA5076C906E46A235F575
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3137362e302f32322d3234203d3e2035363530.roa
Signing time: Mon 09 Mar 2026 16:25:00 +0000
ROA not before: Mon 09 Mar 2026 16:20:00 +0000
ROA not after: Mon 08 Mar 2027 16:25:00 +0000
asID: 5650
IP address blocks: 51.146.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:a5:04:c0:46:3e:74:3e:b2:7e:a5:07:6c:90:6e:46:a2:35:f5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 9 16:20:00 2026 GMT
Not After : Mar 8 16:25:00 2027 GMT
Subject: CN=9140FF2ADC06C30ACF0F7D748ADC2983F5581A2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d8:f9:74:dd:55:01:a2:c6:f5:0c:31:5b:b9:
5d:25:9d:3f:64:08:57:65:16:4e:48:da:1c:11:6b:
eb:3e:3c:50:c1:6e:a3:12:94:5e:52:5a:c8:ed:89:
99:19:a8:a8:41:03:3c:7f:e1:d4:2f:8e:c9:84:52:
4a:33:e1:14:e5:6e:e2:50:b8:60:a7:28:4a:68:70:
2a:bd:7f:9a:24:e4:d3:7b:b2:64:85:07:62:9c:4f:
5c:8b:3d:1f:18:6f:ac:5b:79:89:e1:c8:19:e8:a5:
7d:46:5b:51:54:23:d4:c9:6b:03:28:c6:37:ad:76:
d7:a7:ac:1f:1f:d1:f5:06:15:4e:2c:b5:bd:7a:e4:
2b:dc:b3:23:61:fc:af:6a:32:9c:ba:aa:c2:63:a9:
7a:e8:f2:f8:bb:08:71:ed:20:21:90:33:20:b7:c3:
46:2e:3d:53:b7:74:ee:62:5b:55:f3:fa:f3:bc:16:
9f:af:5c:27:49:75:75:48:31:47:39:d4:fd:bc:2f:
9f:bc:0f:8c:b1:69:87:62:ef:0f:48:ba:11:c8:b1:
0b:11:25:4f:3d:68:f5:a9:76:b2:59:9b:64:31:06:
28:04:bc:b2:6e:5e:dc:ac:ab:26:31:f9:1a:d1:c8:
f7:cc:45:01:c3:ac:8d:f3:88:bf:9a:86:87:c7:7a:
ba:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:40:FF:2A:DC:06:C3:0A:CF:0F:7D:74:8A:DC:29:83:F5:58:1A:2A
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3137362e302f32322d3234203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.176.0/22
Signature Algorithm: sha256WithRSAEncryption
69:6b:37:ba:4d:91:33:dd:39:29:e0:a8:2f:bf:54:95:92:9c:
d7:3a:4f:99:03:16:54:bd:fd:ae:48:39:ed:20:f0:43:f5:60:
97:6f:7d:48:e8:54:17:83:38:02:75:ce:91:0f:9f:fb:28:33:
6d:fb:74:60:ca:88:0d:f2:24:5d:d3:3d:74:c5:0d:55:ec:6f:
23:cb:df:1a:7f:5d:64:0e:32:48:5d:bd:a3:7e:fa:92:99:ca:
78:4d:f0:d6:5d:45:91:2e:82:4f:4e:16:03:97:fe:b3:3f:dd:
b5:0e:40:80:7b:de:97:8e:0b:87:4b:33:8f:ad:20:32:8b:42:
54:e6:d2:ab:57:ec:53:af:cb:ae:f4:7d:e2:a5:3a:07:94:dd:
f7:81:81:6d:49:04:4d:ad:d8:9f:84:62:01:a1:5c:54:a5:37:
f2:c8:6f:1e:b7:3e:0c:4e:65:4e:22:12:ea:57:9b:43:3c:9a:
7d:9a:f2:2f:4a:13:8a:0a:03:21:1a:52:82:74:57:ab:fe:8f:
de:21:50:9e:a9:e5:ee:74:50:d1:77:9c:4a:0e:c9:a7:61:f9:
df:de:b6:d4:aa:fe:31:56:d8:14:32:64:63:4d:b1:ec:1f:67:
8f:c8:18:2f:92:ec:bf:a5:85:a6:24:50:c8:18:fa:50:68:d9:
d7:f7:71:d0
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUEKUEwEY+dD6yfqUHbJBuRqI19XUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMDkxNjIwMDBaFw0yNzAzMDgxNjI1MDBaMDMxMTAvBgNV
BAMTKDkxNDBGRjJBREMwNkMzMEFDRjBGN0Q3NDhBREMyOTgzRjU1ODFBMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr2Pl03VUBosb1DDFbuV0lnT9k
CFdlFk5I2hwRa+s+PFDBbqMSlF5SWsjtiZkZqKhBAzx/4dQvjsmEUkoz4RTlbuJQ
uGCnKEpocCq9f5ok5NN7smSFB2KcT1yLPR8Yb6xbeYnhyBnopX1GW1FUI9TJawMo
xjetdtenrB8f0fUGFU4stb165CvcsyNh/K9qMpy6qsJjqXro8vi7CHHtICGQMyC3
w0YuPVO3dO5iW1Xz+vO8Fp+vXCdJdXVIMUc51P28L5+8D4yxaYdi7w9IuhHIsQsR
JU89aPWpdrJZm2QxBigEvLJuXtysqyYx+RrRyPfMRQHDrI3ziL+ahofHerpNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkUD/KtwGwwrPD310itwpg/VYGiowHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMTM3
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTM2MzUzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjOS
sDANBgkqhkiG9w0BAQsFAAOCAQEAaWs3uk2RM905KeCoL79UlZKc1zpPmQMWVL39
rkg57SDwQ/Vgl299SOhUF4M4AnXOkQ+f+ygzbft0YMqIDfIkXdM9dMUNVexvI8vf
Gn9dZA4ySF29o376kpnKeE3w1l1FkS6CT04WA5f+sz/dtQ5AgHvel44Lh0szj60g
MotCVObSq1fsU6/LrvR94qU6B5Td94GBbUkETa3Yn4RiAaFcVKU38shvHrc+DE5l
TiIS6lebQzyafZryL0oTigoDIRpSgnRXq/6P3iFQnqnl7nRQ0XecSg7Jp2H53962
1Kr+MVbYFDJkY02x7B9nj8gYL5Lsv6WFpiRQyBj6UGjZ1/dx0A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:36:31 2026 by rpki-client