Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3230382e302f32332d3234203d3e203432363839.roa
File: 35312e3134362e3230382e302f32332d3234203d3e203432363839.roa (raw, json)
Hash identifier: Je2BXR2nvwBAr489UPmk0+xbPmpTDLvFqn9cW7SfY68=
Subject key identifier: E5:1D:0E:5A:3E:D4:72:F8:0B:31:B7:7E:DB:2B:33:04:BD:50:44:B3
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 7A05AC1AD72F4F61673AC3852C36E222839CFE33
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3230382e302f32332d3234203d3e203432363839.roa
Signing time: Tue 17 Mar 2026 14:56:16 +0000
ROA not before: Tue 17 Mar 2026 14:51:16 +0000
ROA not after: Tue 16 Mar 2027 14:56:16 +0000
asID: 42689
IP address blocks: 51.146.208.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:05:ac:1a:d7:2f:4f:61:67:3a:c3:85:2c:36:e2:22:83:9c:fe:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 17 14:51:16 2026 GMT
Not After : Mar 16 14:56:16 2027 GMT
Subject: CN=E51D0E5A3ED472F80B31B77EDB2B3304BD5044B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8e:3d:18:8e:5e:aa:e2:c4:27:4a:b0:2c:54:
ce:11:07:1d:ba:52:7a:e2:d6:bd:5d:73:f0:8f:c1:
ce:76:d5:be:68:12:02:f3:db:ca:1b:6f:7e:64:2f:
ca:b4:72:f8:7b:55:c0:e6:a5:4e:3e:ae:f6:91:b8:
b0:7d:cf:e1:8f:20:9f:13:f0:66:3e:1a:af:8e:8b:
09:76:c5:91:c7:f7:d5:3d:be:7f:d3:ae:22:48:c1:
df:a6:39:89:43:e1:63:4e:98:78:75:c7:dc:98:b5:
e5:02:7e:63:c1:63:bd:53:62:dd:a7:95:1c:5a:70:
8a:78:43:90:e0:8f:04:13:32:72:98:bf:15:64:f9:
bd:b1:73:28:34:49:d9:0f:78:21:ce:60:d9:94:f4:
7f:31:eb:ae:3f:6b:f8:3b:5d:3d:79:f4:65:45:ad:
56:ca:79:a9:7f:ba:0c:9c:97:81:04:f4:ff:82:ce:
d6:96:bf:18:ca:2b:f7:99:48:97:f9:b3:9c:1e:53:
f1:c8:b8:82:e9:e0:b7:7a:fd:fa:da:d3:8a:df:71:
c9:8e:39:2b:eb:85:ef:7d:e5:88:2c:2d:f3:e1:02:
65:f6:0d:ee:05:1b:17:6f:47:58:bc:3a:ef:c1:db:
8d:16:9d:5e:c8:83:80:08:a5:f4:a4:4a:47:a4:74:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:0E:5A:3E:D4:72:F8:0B:31:B7:7E:DB:2B:33:04:BD:50:44:B3
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3230382e302f32332d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.208.0/23
Signature Algorithm: sha256WithRSAEncryption
56:53:f9:41:29:3d:95:1e:1f:87:2a:d8:3f:98:cd:e8:09:75:
22:49:c3:8b:e9:76:4d:8b:c7:3f:36:d0:7a:32:45:43:a6:f2:
e4:9d:45:2f:05:24:11:47:e4:7b:14:06:35:8c:e3:d3:14:f9:
f3:74:91:5f:d5:c3:a7:02:64:74:40:c8:5a:3d:99:2c:8e:f6:
0d:4b:79:70:4d:25:3a:ad:fc:f9:1e:8f:58:d1:ee:d2:05:68:
29:45:6c:ac:bc:81:54:cf:8d:3e:fd:0c:ee:ff:bd:cc:2d:94:
9b:a2:9a:21:c0:70:08:a1:9f:a0:5a:a2:72:f5:58:d3:66:51:
2a:5e:64:7e:c6:56:ec:ba:9c:fd:75:3a:07:01:e3:40:33:c5:
84:40:4d:bd:42:bd:4a:ee:da:8c:e8:f1:9f:7b:5a:21:bd:7b:
68:7c:6b:56:47:f7:bb:ef:49:c0:1c:ca:95:4c:9e:43:b3:66:
21:ff:cd:2e:e6:e2:d4:d8:ce:17:bb:84:b3:36:c5:a6:06:51:
3e:f2:b7:b5:8b:bf:dd:d6:60:d9:8d:8d:a1:78:ac:b0:20:f8:
d0:b4:3b:11:86:7e:c4:f7:f0:d1:1d:1f:c6:c1:e9:3e:49:4c:
cc:2c:8c:6f:23:52:97:8b:90:28:d4:cd:7e:6a:0a:a7:dc:ab:
ab:8f:f0:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUegWsGtcvT2FnOsOFLDbiIoOc/jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMTcxNDUxMTZaFw0yNzAzMTYxNDU2MTZaMDMxMTAvBgNV
BAMTKEU1MUQwRTVBM0VENDcyRjgwQjMxQjc3RURCMkIzMzA0QkQ1MDQ0QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDjj0Yjl6q4sQnSrAsVM4RBx26
Unri1r1dc/CPwc521b5oEgLz28obb35kL8q0cvh7VcDmpU4+rvaRuLB9z+GPIJ8T
8GY+Gq+Oiwl2xZHH99U9vn/TriJIwd+mOYlD4WNOmHh1x9yYteUCfmPBY71TYt2n
lRxacIp4Q5DgjwQTMnKYvxVk+b2xcyg0SdkPeCHOYNmU9H8x664/a/g7XT159GVF
rVbKeal/ugycl4EE9P+CztaWvxjKK/eZSJf5s5weU/HIuILp4Ld6/fra04rfccmO
OSvrhe995YgsLfPhAmX2De4FGxdvR1i8Ou/B240WnV7Ig4AIpfSkSkekdASrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5R0OWj7UcvgLMbd+2yszBL1QRLMwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMjMw
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
M5LQMA0GCSqGSIb3DQEBCwUAA4IBAQBWU/lBKT2VHh+HKtg/mM3oCXUiScOL6XZN
i8c/NtB6MkVDpvLknUUvBSQRR+R7FAY1jOPTFPnzdJFf1cOnAmR0QMhaPZksjvYN
S3lwTSU6rfz5Ho9Y0e7SBWgpRWysvIFUz40+/Qzu/73MLZSbopohwHAIoZ+gWqJy
9VjTZlEqXmR+xlbsupz9dToHAeNAM8WEQE29Qr1K7tqM6PGfe1ohvXtofGtWR/e7
70nAHMqVTJ5Ds2Yh/80u5uLU2M4Xu4SzNsWmBlE+8re1i7/d1mDZjY2heKywIPjQ
tDsRhn7E9/DRHR/Gwek+SUzMLIxvI1KXi5Ao1M1+agqn3Kurj/BI
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:22:12 2026 by rpki-client