Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e35352e302f32342d3234203d3e2036303739.roa
File: 35312e3139342e35352e302f32342d3234203d3e2036303739.roa (raw, json)
Hash identifier: gCmBzauI5mAKWjosOsWGrkHTwTJSdDoa+xwpILJnNeI=
Subject key identifier: B1:86:71:93:E1:A3:DC:27:5C:BA:26:17:F2:46:1D:AA:87:66:80:80
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 37551FEFA34213E8122588FF378D9B0B6593568D
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e35352e302f32342d3234203d3e2036303739.roa
Signing time: Wed 25 Mar 2026 07:48:28 +0000
ROA not before: Wed 25 Mar 2026 07:43:28 +0000
ROA not after: Wed 24 Mar 2027 07:48:28 +0000
asID: 6079
IP address blocks: 51.194.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:55:1f:ef:a3:42:13:e8:12:25:88:ff:37:8d:9b:0b:65:93:56:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 25 07:43:28 2026 GMT
Not After : Mar 24 07:48:28 2027 GMT
Subject: CN=B1867193E1A3DC275CBA2617F2461DAA87668080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ce:22:70:cc:25:0b:cb:f4:e0:07:cc:7f:88:
07:e5:23:31:fc:01:c2:5e:44:d5:3b:88:c6:b1:00:
45:cc:fc:b3:ae:1d:2c:fb:75:dd:82:5d:2b:08:2b:
bc:d0:ea:e1:93:7e:dd:55:28:fc:31:5d:c2:4c:4e:
65:1f:b1:7c:f3:70:4c:ef:5b:29:37:0e:3c:34:5a:
8f:53:0e:0a:4d:d9:ba:20:9a:e2:2f:67:a0:a6:eb:
ae:7d:a0:33:b6:ed:56:f1:6c:aa:ba:3d:4f:e1:50:
6a:3a:60:48:26:ce:8c:6f:44:84:62:6b:65:5d:3c:
00:76:29:da:8d:6c:60:72:63:c5:2a:60:f7:04:b1:
a1:4b:58:29:17:bd:15:d5:2c:40:d6:7f:ff:1d:9d:
45:2d:b3:9f:38:2b:d8:a3:5b:43:d0:8c:59:b9:15:
a4:51:33:67:09:9b:5e:db:9a:49:34:9f:ab:ca:ec:
8a:7a:21:df:00:7d:af:37:1f:c5:d8:6d:0d:a5:99:
ca:77:fe:39:3c:8d:15:37:83:44:4a:14:87:75:5e:
0a:8b:fc:f8:5f:5a:c8:f7:e4:28:92:a2:2b:fe:c7:
42:f0:19:d7:93:cb:8b:f6:84:ff:0f:38:27:f8:6d:
ca:6f:da:c6:bd:08:56:5d:94:ba:0a:43:4b:ba:d9:
3e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:86:71:93:E1:A3:DC:27:5C:BA:26:17:F2:46:1D:AA:87:66:80:80
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3139342e35352e302f32342d3234203d3e2036303739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.55.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b0:83:34:a1:99:8f:74:15:21:01:9e:21:eb:1a:eb:7f:c9:
5d:b3:ff:25:d1:a9:03:54:25:c2:09:7d:cb:58:e3:d9:26:8a:
24:84:94:50:f1:3b:50:48:31:40:b5:61:c4:c1:94:aa:a5:1e:
a0:e1:db:bf:d7:43:2b:89:d2:3b:b9:e3:ae:c5:1b:db:14:48:
a4:4d:1d:fa:2a:f3:51:24:86:db:4b:4e:ac:b1:ae:4f:14:41:
49:ac:67:49:1e:a8:40:5a:3f:cc:62:be:8f:1e:17:ff:d2:05:
ad:8f:46:31:37:c3:7c:8e:69:b0:07:56:54:7d:c3:c0:d4:bd:
94:91:ca:73:29:80:9e:24:81:f4:f3:4f:7f:da:7f:99:d5:71:
80:3c:87:91:8c:87:a1:33:12:a1:5b:d5:6c:bd:b8:83:6e:2b:
21:d6:e1:ee:13:73:e4:74:47:16:b7:14:d7:eb:f8:6d:b6:fe:
fd:08:3b:f1:7c:1a:5f:6a:31:2b:45:9e:01:51:31:44:a1:4e:
e8:34:29:52:d2:2c:0b:88:da:94:32:07:1c:26:ca:5c:cb:28:
65:fb:38:b3:e2:a0:2e:e9:15:07:7c:6e:a2:69:b2:ee:bc:b5:
18:4f:7f:2c:ea:5a:53:e3:c0:89:9b:38:ad:0e:3f:f5:38:b2:
2c:d5:32:e6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUN1Uf76NCE+gSJYj/N42bC2WTVo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMjUwNzQzMjhaFw0yNzAzMjQwNzQ4MjhaMDMxMTAvBgNV
BAMTKEIxODY3MTkzRTFBM0RDMjc1Q0JBMjYxN0YyNDYxREFBODc2NjgwODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaziJwzCULy/TgB8x/iAflIzH8
AcJeRNU7iMaxAEXM/LOuHSz7dd2CXSsIK7zQ6uGTft1VKPwxXcJMTmUfsXzzcEzv
Wyk3Djw0Wo9TDgpN2bogmuIvZ6Cm6659oDO27VbxbKq6PU/hUGo6YEgmzoxvRIRi
a2VdPAB2KdqNbGByY8UqYPcEsaFLWCkXvRXVLEDWf/8dnUUts584K9ijW0PQjFm5
FaRRM2cJm17bmkk0n6vK7Ip6Id8Afa83H8XYbQ2lmcp3/jk8jRU3g0RKFId1XgqL
/PhfWsj35CiSoiv+x0LwGdeTy4v2hP8POCf4bcpv2sa9CFZdlLoKQ0u62T5DAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUsYZxk+Gj3CdcuiYX8kYdqodmgIAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzOTM0MmUzNTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM3Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAzwjcw
DQYJKoZIhvcNAQELBQADggEBAG2wgzShmY90FSEBniHrGut/yV2z/yXRqQNUJcIJ
fctY49kmiiSElFDxO1BIMUC1YcTBlKqlHqDh27/XQyuJ0ju5467FG9sUSKRNHfoq
81EkhttLTqyxrk8UQUmsZ0keqEBaP8xivo8eF//SBa2PRjE3w3yOabAHVlR9w8DU
vZSRynMpgJ4kgfTzT3/af5nVcYA8h5GMh6EzEqFb1Wy9uINuKyHW4e4Tc+R0Rxa3
FNfr+G22/v0IO/F8Gl9qMStFngFRMUShTug0KVLSLAuI2pQyBxwmylzLKGX7OLPi
oC7pFQd8bqJpsu68tRhPfyzqWlPjwImbOK0OP/U4sizVMuY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:08:33 2026 by rpki-client