Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3231302e302f32342d3234203d3e203432363839.roa
File: 35312e3134362e3231302e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: MHQu9zLtPQ5LuMO5j+4YhK4BEIr+6KDGWV55Pj256Pw=
Subject key identifier: B3:5D:AE:2B:BD:AE:F2:37:8B:CF:EA:65:97:00:5C:61:4C:54:1A:33
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 16B3F0624B78F6C68DCF61A228B58C91243523CF
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3231302e302f32342d3234203d3e203432363839.roa
Signing time: Tue 17 Mar 2026 14:56:15 +0000
ROA not before: Tue 17 Mar 2026 14:51:15 +0000
ROA not after: Tue 16 Mar 2027 14:56:15 +0000
asID: 42689
IP address blocks: 51.146.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b3:f0:62:4b:78:f6:c6:8d:cf:61:a2:28:b5:8c:91:24:35:23:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 17 14:51:15 2026 GMT
Not After : Mar 16 14:56:15 2027 GMT
Subject: CN=B35DAE2BBDAEF2378BCFEA6597005C614C541A33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:99:7f:0a:75:b6:16:87:49:e5:b1:c4:10:67:
0b:95:6a:03:d4:4d:dd:d5:1b:f9:18:71:5c:79:59:
d0:be:2e:52:86:ad:47:1b:60:c4:1d:6c:23:4b:c4:
e8:f4:9e:08:48:02:f8:9f:cd:9e:12:23:62:d4:03:
dc:35:ad:d5:b5:ee:b0:47:53:d0:38:e8:b3:21:72:
7b:f4:80:70:fe:15:da:49:a4:03:8a:bd:9e:bb:d5:
24:49:93:db:66:03:9c:03:89:d0:db:04:1c:d8:2e:
15:af:de:89:32:54:33:8f:f4:90:2d:d0:c1:f5:51:
5e:b8:05:92:62:ae:39:ff:e1:3c:d0:be:89:0a:83:
e4:f8:ae:30:df:1d:a4:80:fb:3a:f2:bd:84:88:01:
ca:22:6e:8f:64:f0:54:47:bd:ca:a0:49:4a:1d:96:
8e:2d:45:4e:9d:f0:88:01:25:9e:6f:29:9b:ba:1f:
d6:bb:30:7c:04:07:30:64:9e:ec:bb:1f:bc:e2:7b:
6d:e5:64:a7:d7:9d:f3:43:8e:08:03:97:a9:98:16:
90:27:00:74:76:e9:58:f8:4a:c2:7c:34:35:38:7a:
25:c6:34:0a:76:ae:32:2c:b4:3e:84:85:6c:bc:f8:
ce:e7:7d:57:fa:bc:29:32:24:8e:be:af:c6:28:ad:
17:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5D:AE:2B:BD:AE:F2:37:8B:CF:EA:65:97:00:5C:61:4C:54:1A:33
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3231302e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.210.0/24
Signature Algorithm: sha256WithRSAEncryption
42:76:52:4c:24:72:3f:63:a2:be:ad:dd:b2:e7:cf:57:e6:5d:
35:af:3b:a1:2e:49:7a:f3:06:ac:fd:b6:c4:7f:5d:4e:bc:51:
08:8c:01:bf:b7:10:f4:ec:e9:5c:9c:47:7e:c7:47:4c:94:4c:
5e:d3:28:a8:09:6d:74:b6:55:ea:39:c8:51:fb:87:10:4b:f4:
fe:1a:3c:5f:28:c9:40:ad:45:ea:9c:4e:9b:8c:31:65:ed:12:
6d:f2:2f:da:23:da:b6:79:88:c1:21:6c:8e:60:63:33:88:2b:
f9:7b:23:79:78:8d:0f:91:05:67:80:ba:d0:fa:89:07:69:32:
9e:36:ae:36:42:1e:e3:32:f6:c0:cd:bd:9b:45:2c:8f:b4:43:
d4:81:28:7d:e0:9a:51:4d:a8:e7:be:ff:c4:0a:2c:12:73:ef:
3a:6d:21:52:35:b6:31:e5:54:14:df:14:57:b5:4b:be:a0:28:
4c:04:70:fe:74:25:3e:92:fc:ab:b2:ae:57:d5:8e:cd:a4:18:
0f:72:f9:e4:27:c7:17:99:c0:72:de:c5:8a:f8:dc:73:14:f1:
9c:16:05:38:29:dc:a5:4a:a8:c8:a8:ad:58:39:69:ec:2e:bf:
1e:75:2c:c2:d0:44:f8:0a:6a:6b:c9:3f:b3:95:74:7b:5f:38:
8c:82:9a:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFrPwYkt49saNz2GiKLWMkSQ1I88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMTcxNDUxMTVaFw0yNzAzMTYxNDU2MTVaMDMxMTAvBgNV
BAMTKEIzNURBRTJCQkRBRUYyMzc4QkNGRUE2NTk3MDA1QzYxNEM1NDFBMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbmX8KdbYWh0nlscQQZwuVagPU
Td3VG/kYcVx5WdC+LlKGrUcbYMQdbCNLxOj0nghIAvifzZ4SI2LUA9w1rdW17rBH
U9A46LMhcnv0gHD+FdpJpAOKvZ671SRJk9tmA5wDidDbBBzYLhWv3okyVDOP9JAt
0MH1UV64BZJirjn/4TzQvokKg+T4rjDfHaSA+zryvYSIAcoibo9k8FRHvcqgSUod
lo4tRU6d8IgBJZ5vKZu6H9a7MHwEBzBknuy7H7zie23lZKfXnfNDjggDl6mYFpAn
AHR26Vj4SsJ8NDU4eiXGNAp2rjIstD6EhWy8+M7nfVf6vCkyJI6+r8YorRevAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUs12uK72u8jeLz+pllwBcYUxUGjMwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMjMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
M5LSMA0GCSqGSIb3DQEBCwUAA4IBAQBCdlJMJHI/Y6K+rd2y589X5l01rzuhLkl6
8was/bbEf11OvFEIjAG/txD07OlcnEd+x0dMlExe0yioCW10tlXqOchR+4cQS/T+
GjxfKMlArUXqnE6bjDFl7RJt8i/aI9q2eYjBIWyOYGMziCv5eyN5eI0PkQVngLrQ
+okHaTKeNq42Qh7jMvbAzb2bRSyPtEPUgSh94JpRTajnvv/ECiwSc+86bSFSNbYx
5VQU3xRXtUu+oChMBHD+dCU+kvyrsq5X1Y7NpBgPcvnkJ8cXmcBy3sWK+NxzFPGc
FgU4KdylSqjIqK1YOWnsLr8edSzC0ET4CmpryT+zlXR7XziMgpoZ
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:21:39 2026 by rpki-client