Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e32342e302f32312d3234203d3e2035363530.roa
File: 35312e3139342e32342e302f32312d3234203d3e2035363530.roa (raw, json)
Hash identifier: RO3ZpjWovEWuZqAFgu5U277xgQeXg5G9HMUuaAaBc0E=
Subject key identifier: EE:67:6A:08:93:94:03:D4:20:DC:63:5F:D1:E5:B9:62:67:36:98:40
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 65DEEE66F08FF0DB0BB599CBAE111B239C7AC108
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e32342e302f32312d3234203d3e2035363530.roa
Signing time: Tue 24 Mar 2026 12:59:02 +0000
ROA not before: Tue 24 Mar 2026 12:54:02 +0000
ROA not after: Tue 23 Mar 2027 12:59:02 +0000
asID: 5650
IP address blocks: 51.194.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 11:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:de:ee:66:f0:8f:f0:db:0b:b5:99:cb:ae:11:1b:23:9c:7a:c1:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 24 12:54:02 2026 GMT
Not After : Mar 23 12:59:02 2027 GMT
Subject: CN=EE676A08939403D420DC635FD1E5B96267369840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:e5:c3:31:d2:ca:d0:3b:0a:eb:24:0e:df:
5a:32:d4:2e:4b:ad:eb:20:77:ef:05:d8:65:c0:a8:
4d:3d:8a:43:3a:b5:71:16:5c:ba:bb:e2:16:45:dc:
41:2b:f0:f1:52:43:d0:59:5e:0a:c7:24:f2:28:13:
88:1c:ab:7c:b8:35:ac:56:9b:a0:88:74:18:f4:64:
6d:7c:1e:e0:95:30:c4:ff:32:61:ae:f5:90:6b:4a:
61:9a:2e:a9:4f:04:da:cb:34:ed:23:0c:fc:f9:c3:
9f:ed:06:17:fa:12:5e:64:5c:bd:43:33:3d:bc:ba:
d0:fd:8d:38:32:86:1e:ff:5e:b4:c6:d4:49:9d:12:
9c:8b:86:58:cc:2e:3d:a0:55:f2:55:2f:56:7a:20:
5c:01:2d:44:d9:5f:3c:1f:5f:6e:63:f1:a3:fd:8a:
6d:52:78:bf:94:d3:06:41:e0:25:21:70:02:13:56:
a7:76:e5:27:8f:fe:71:67:ba:df:04:d4:da:8d:72:
e7:4e:94:fa:15:46:16:8b:22:f2:3c:e5:fe:5f:b6:
00:4f:26:a8:04:de:50:5a:1e:d5:4b:61:24:42:63:
d1:10:c5:34:b9:20:a5:5c:00:7c:e4:f7:59:3a:31:
5e:63:20:79:53:4f:54:c0:6a:fb:11:00:d3:3a:b4:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:67:6A:08:93:94:03:D4:20:DC:63:5F:D1:E5:B9:62:67:36:98:40
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e32342e302f32312d3234203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.24.0/21
Signature Algorithm: sha256WithRSAEncryption
69:08:c9:57:bf:de:27:a8:84:50:ea:e8:8d:6f:06:1f:6c:e1:
21:3e:ed:32:0f:c4:ec:79:f2:a5:72:6c:a8:e1:75:16:d6:0f:
69:12:01:98:b4:a8:d5:60:b6:e6:e5:b9:23:f4:fc:47:ee:ec:
a3:1c:ca:37:ef:d4:3b:ea:36:62:58:35:ae:a3:23:14:35:34:
ee:18:ee:f9:cf:4d:63:23:6a:c4:94:3f:c7:94:c0:be:c0:5a:
6a:24:0f:ff:a4:78:85:09:1c:7a:7f:60:cf:15:d3:ba:03:62:
66:7c:35:10:3e:9c:f3:da:29:f6:10:45:6d:d4:b0:35:ac:a4:
18:ae:c3:01:61:1e:e3:b5:79:6d:d1:bc:4a:ca:9e:19:87:b5:
46:b1:0b:d0:bc:19:2d:89:67:bc:66:b8:d2:60:c3:0e:c0:34:
1a:84:a0:c3:0a:27:ee:5b:a8:ab:32:5d:95:2e:08:b5:b3:61:
80:35:59:f3:aa:e8:a7:d6:ee:7a:c3:76:46:a8:de:2e:c4:8a:
9a:1d:42:66:56:28:0c:29:79:f5:78:29:37:f9:90:de:bd:54:
6c:13:9f:ac:a3:62:9d:ca:e2:9b:8a:a5:38:d5:4a:09:29:0b:
d4:21:1d:26:49:34:06:6f:8c:91:77:c3:00:e4:b1:90:ab:c2:
66:92:9c:1f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZd7uZvCP8NsLtZnLrhEbI5x6wQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMjQxMjU0MDJaFw0yNzAzMjMxMjU5MDJaMDMxMTAvBgNV
BAMTKEVFNjc2QTA4OTM5NDAzRDQyMERDNjM1RkQxRTVCOTYyNjczNjk4NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCseOXDMdLK0DsK6yQO31oy1C5L
resgd+8F2GXAqE09ikM6tXEWXLq74hZF3EEr8PFSQ9BZXgrHJPIoE4gcq3y4NaxW
m6CIdBj0ZG18HuCVMMT/MmGu9ZBrSmGaLqlPBNrLNO0jDPz5w5/tBhf6El5kXL1D
Mz28utD9jTgyhh7/XrTG1EmdEpyLhljMLj2gVfJVL1Z6IFwBLUTZXzwfX25j8aP9
im1SeL+U0wZB4CUhcAITVqd25SeP/nFnut8E1NqNcudOlPoVRhaLIvI85f5ftgBP
JqgE3lBaHtVLYSRCY9EQxTS5IKVcAHzk91k6MV5jIHlTT1TAavsRANM6tFKJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU7mdqCJOUA9Qg3GNf0eW5Ymc2mEAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzOTM0MmUzMjM0
MmUzMDJmMzIzMTJkMzIzNDIwM2QzZTIwMzUzNjM1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMzwhgw
DQYJKoZIhvcNAQELBQADggEBAGkIyVe/3ieohFDq6I1vBh9s4SE+7TIPxOx58qVy
bKjhdRbWD2kSAZi0qNVgtubluSP0/Efu7KMcyjfv1DvqNmJYNa6jIxQ1NO4Y7vnP
TWMjasSUP8eUwL7AWmokD/+keIUJHHp/YM8V07oDYmZ8NRA+nPPaKfYQRW3UsDWs
pBiuwwFhHuO1eW3RvErKnhmHtUaxC9C8GS2JZ7xmuNJgww7ANBqEoMMKJ+5bqKsy
XZUuCLWzYYA1WfOq6KfW7nrDdkao3i7EipodQmZWKAwpefV4KTf5kN69VGwTn6yj
Yp3K4puKpTjVSgkpC9QhHSZJNAZvjJF3wwDksZCrwmaSnB8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:48:22 2026 by rpki-client