Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e34382e302f32322d3234203d3e2035353131.roa
File: 35312e3139342e34382e302f32322d3234203d3e2035353131.roa (raw, json)
Hash identifier: oOlhZoWUxVaGJnMrsF9/u5YPbY3D9Epu9GPlfGrrCmk=
Subject key identifier: 7A:39:48:FC:30:DD:59:4D:06:27:A5:71:89:8A:2D:12:50:10:BC:B3
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 0239615C834FFBF660E5DFEAE8B15B84103807F7
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e34382e302f32322d3234203d3e2035353131.roa
Signing time: Wed 25 Mar 2026 06:39:45 +0000
ROA not before: Wed 25 Mar 2026 06:34:45 +0000
ROA not after: Wed 24 Mar 2027 06:39:45 +0000
asID: 5511
IP address blocks: 51.194.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:39:61:5c:83:4f:fb:f6:60:e5:df:ea:e8:b1:5b:84:10:38:07:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 25 06:34:45 2026 GMT
Not After : Mar 24 06:39:45 2027 GMT
Subject: CN=7A3948FC30DD594D0627A571898A2D125010BCB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:3b:6e:4f:40:9a:e5:d7:c0:e6:5a:79:64:
f2:1b:0b:38:d4:57:82:00:bd:44:75:6b:69:21:36:
09:21:19:a9:99:0e:ce:3a:b6:00:a9:f9:e6:64:e7:
7d:a6:1b:75:16:89:44:e0:03:68:ff:d0:93:bf:2f:
c3:59:4b:98:b7:8d:26:36:c5:bb:19:34:b5:0f:8b:
a0:4f:54:79:c4:55:07:65:41:8e:b3:a5:af:5b:15:
7b:3c:a9:02:34:0b:1f:f3:da:46:19:8e:2d:07:88:
f4:a8:fd:ee:16:fd:79:2b:a7:e4:cc:ee:24:dc:b5:
f3:21:f1:d6:0d:bb:11:ca:35:8a:e7:a4:9e:87:d9:
d1:43:49:59:d8:4e:14:d9:03:ed:88:34:a4:0c:99:
66:d6:3d:4d:22:bf:7c:c0:e6:03:66:bf:7a:ea:53:
9c:7f:4e:10:d2:6d:74:8f:64:01:a9:73:e5:74:ea:
ed:82:29:f8:7f:67:98:55:28:94:5a:34:9b:f1:26:
0f:9f:09:45:f0:82:69:c1:33:04:73:ae:36:9d:e7:
10:14:be:4d:f5:66:46:7d:ad:14:ab:2c:30:8d:42:
a9:f7:66:35:25:a3:a2:cf:c1:99:32:e5:72:31:e9:
bb:53:0a:99:1c:5d:a2:3e:c0:24:9a:80:e7:ea:49:
92:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:39:48:FC:30:DD:59:4D:06:27:A5:71:89:8A:2D:12:50:10:BC:B3
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e34382e302f32322d3234203d3e2035353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.48.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:49:34:10:24:cd:21:96:b6:0e:be:c4:f9:4c:53:21:71:a9:
8f:4a:f0:89:e8:4d:81:7f:23:c5:43:5d:f1:7c:b8:b1:9c:ca:
24:51:30:96:88:2e:7e:ff:8c:84:36:73:46:98:18:dc:82:85:
02:32:94:2a:88:dc:87:f1:fc:96:84:35:c5:a9:74:19:38:63:
60:e3:59:66:e8:3b:7e:dc:e9:1e:5b:f4:9a:9f:24:b9:33:1c:
66:26:65:d4:f5:72:04:31:21:60:67:ee:17:50:f3:2b:8e:02:
2c:d9:a1:b6:de:f1:82:72:8f:ff:77:1c:7f:3d:fd:08:22:74:
55:af:81:76:2c:e9:54:ef:30:64:21:db:6a:9e:57:0a:15:1e:
b1:61:16:aa:e9:da:fa:62:a7:15:77:49:4d:0a:89:6e:6e:5c:
cf:40:a5:28:ae:c8:e6:3f:13:b8:23:a3:1e:70:ba:28:da:2a:
ac:14:c9:ca:de:ac:30:e3:c8:c5:8b:4b:af:d7:0f:3f:0e:68:
55:9f:fa:3b:eb:95:74:62:dc:02:fc:ae:68:47:84:5c:08:40:
d9:56:55:6f:5d:53:82:a1:01:86:6d:0e:9c:c7:56:3e:09:7a:
d8:03:62:16:d0:a0:53:98:92:11:53:27:ec:a6:c1:0b:f2:be:
0b:6d:9a:01
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUAjlhXINP+/Zg5d/q6LFbhBA4B/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMjUwNjM0NDVaFw0yNzAzMjQwNjM5NDVaMDMxMTAvBgNV
BAMTKDdBMzk0OEZDMzBERDU5NEQwNjI3QTU3MTg5OEEyRDEyNTAxMEJDQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqGTtuT0Ca5dfA5lp5ZPIbCzjU
V4IAvUR1a2khNgkhGamZDs46tgCp+eZk532mG3UWiUTgA2j/0JO/L8NZS5i3jSY2
xbsZNLUPi6BPVHnEVQdlQY6zpa9bFXs8qQI0Cx/z2kYZji0HiPSo/e4W/Xkrp+TM
7iTctfMh8dYNuxHKNYrnpJ6H2dFDSVnYThTZA+2INKQMmWbWPU0iv3zA5gNmv3rq
U5x/ThDSbXSPZAGpc+V06u2CKfh/Z5hVKJRaNJvxJg+fCUXwgmnBMwRzrjad5xAU
vk31ZkZ9rRSrLDCNQqn3ZjUlo6LPwZky5XIx6btTCpkcXaI+wCSagOfqSZL3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUejlI/DDdWU0GJ6VxiYotElAQvLMwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzOTM0MmUzNDM4
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzNTMxMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIzwjAw
DQYJKoZIhvcNAQELBQADggEBABxJNBAkzSGWtg6+xPlMUyFxqY9K8InoTYF/I8VD
XfF8uLGcyiRRMJaILn7/jIQ2c0aYGNyChQIylCqI3Ifx/JaENcWpdBk4Y2DjWWbo
O37c6R5b9JqfJLkzHGYmZdT1cgQxIWBn7hdQ8yuOAizZobbe8YJyj/93HH89/Qgi
dFWvgXYs6VTvMGQh22qeVwoVHrFhFqrp2vpipxV3SU0KiW5uXM9ApSiuyOY/E7gj
ox5wuijaKqwUycrerDDjyMWLS6/XDz8OaFWf+jvrlXRi3AL8rmhHhFwIQNlWVW9d
U4KhAYZtDpzHVj4JetgDYhbQoFOYkhFTJ+ymwQvyvgttmgE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:14:01 2026 by rpki-client