Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: d9WzGzr0HAeEmJW/+AyflN79bvXUk2ML5rXJ/NHk5XM=
Subject key identifier: B2:F3:78:CF:97:B3:3C:B3:B0:92:94:0C:62:0F:EE:88:9D:73:7F:56
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 56090E7C715EF2A9A086807E6C9E66E119E6E062
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Tue 07 Apr 2026 07:00:07 +0000
ROA not before: Tue 07 Apr 2026 06:55:07 +0000
ROA not after: Tue 06 Apr 2027 07:00:07 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b00::/40 maxlen: 48
2a14:7580:4000::/36 maxlen: 48
2a14:7580:e700::/40 maxlen: 48
2a14:7580:e800::/40 maxlen: 48
2a14:7580:e900::/40 maxlen: 48
2a14:7580:ea00::/40 maxlen: 48
2a14:7580:eb00::/40 maxlen: 48
2a14:7580:ec00::/40 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:5000::/36 maxlen: 48
2a14:7581:9f60::/44 maxlen: 48
2a14:7581:9f70::/44 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
2a14:7581:9f90::/44 maxlen: 48
2a14:7583:3000::/36 maxlen: 48
2a14:7583:8000::/36 maxlen: 48
2a14:7583:e800::/40 maxlen: 48
2a14:7584:3000::/36 maxlen: 48
2a14:7586:7000::/36 maxlen: 48
2a14:7586:9000::/36 maxlen: 48
2a14:7586:e000::/36 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 14:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:09:0e:7c:71:5e:f2:a9:a0:86:80:7e:6c:9e:66:e1:19:e6:e0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 7 06:55:07 2026 GMT
Not After : Apr 6 07:00:07 2027 GMT
Subject: CN=B2F378CF97B33CB3B092940C620FEE889D737F56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:68:93:e6:9a:ae:fa:c5:9a:ed:fc:f0:e2:cc:
94:a4:df:f6:00:ae:5f:09:91:7e:c9:04:fb:61:3d:
4c:5c:93:38:0d:14:67:57:8c:1f:17:15:73:de:92:
fc:fc:c3:15:3d:7d:ab:7b:3f:ce:83:7e:8c:96:ac:
0f:6f:93:c4:51:80:95:13:e0:14:eb:29:d2:5b:3e:
43:46:33:5b:a7:82:bf:fa:69:9d:db:b2:81:18:2e:
b3:17:15:f7:71:7b:fb:4c:78:89:b2:45:a1:9a:1f:
54:e2:a1:8b:f5:b3:a7:58:c3:64:71:92:d1:8f:f2:
5d:3a:65:2d:e5:18:e3:b0:29:66:32:ea:d6:57:69:
f2:c3:e1:5e:dd:73:59:74:7a:5c:b5:c2:c0:00:0d:
78:8c:bf:33:84:15:ba:2a:9b:6e:a7:5d:b6:10:f4:
6f:8e:96:07:0f:46:c5:4b:18:a1:fe:7c:9d:e2:6d:
0a:ee:ae:bb:8c:f1:68:2f:49:27:2c:fc:bd:21:a4:
10:2a:dd:99:91:cb:b3:7e:78:6a:c5:fa:19:0d:b3:
6e:48:a9:cd:51:51:b6:b8:19:75:49:00:db:e0:24:
d3:62:e2:f8:c6:17:7e:40:e4:b8:ab:14:c7:14:88:
38:0b:c5:7d:b9:b2:8a:a1:0e:b7:fe:9f:cb:57:64:
70:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F3:78:CF:97:B3:3C:B3:B0:92:94:0C:62:0F:EE:88:9D:73:7F:56
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b00::/40
2a14:7580:4000::/36
2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ffef::/48
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/48
2a14:7581:ff2::/48
2a14:7581:ff7::/48
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:5000::/36
2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff
2a14:7583:3000::/36
2a14:7583:8000::/36
2a14:7583:e800::/40
2a14:7584:3000::/36
2a14:7586:7000::/36
2a14:7586:9000::/36
2a14:7586:e000::/36
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
92:c4:c9:04:04:f2:e4:f3:f8:15:1f:74:17:03:15:3c:d4:a9:
64:d7:67:44:11:74:0d:0a:b9:88:1d:d8:cc:02:f6:60:c1:4b:
88:b1:1a:a8:e7:de:94:5c:66:2b:b0:51:8b:ae:f7:b6:8a:74:
8b:2e:88:ff:a6:65:72:fe:f0:db:b4:40:ca:49:1c:e6:ba:0e:
e7:b8:9d:9c:85:86:6f:69:82:2e:1b:c2:0b:55:75:36:50:a6:
43:54:26:f2:55:b4:4f:95:99:e7:e3:39:f4:ca:63:9e:ae:c8:
6d:c3:20:0c:0a:7b:16:c8:72:0e:96:19:75:05:a1:a7:01:28:
7b:d0:f1:43:17:79:02:c2:6a:d5:be:f2:8d:e0:27:48:cf:b7:
19:b8:9d:cf:20:72:c0:6e:ba:a3:61:02:be:87:51:cb:a3:bc:
41:a7:1e:40:d4:cc:44:8e:0a:a1:6e:28:05:8e:3e:e3:1e:28:
ce:f3:c8:c0:51:f1:d9:d8:8b:66:97:4d:48:66:a0:aa:e8:05:
ae:e4:e0:d9:17:3e:41:b7:59:32:97:cf:8e:aa:88:7f:c6:d5:
18:f8:60:90:af:36:51:f7:63:cf:ce:4c:b9:75:64:61:81:23:
c8:75:a4:8f:5b:ea:a8:43:c3:4d:ad:fc:0b:e1:87:40:f5:bb:
d2:20:5e:dd
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUVgkOfHFe8qmghoB+bJ5m4Rnm4GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MDcwNjU1MDdaFw0yNzA0MDYwNzAwMDdaMDMxMTAvBgNV
BAMTKEIyRjM3OENGOTdCMzNDQjNCMDkyOTQwQzYyMEZFRTg4OUQ3MzdGNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlaJPmmq76xZrt/PDizJSk3/YA
rl8JkX7JBPthPUxckzgNFGdXjB8XFXPekvz8wxU9fat7P86DfoyWrA9vk8RRgJUT
4BTrKdJbPkNGM1ungr/6aZ3bsoEYLrMXFfdxe/tMeImyRaGaH1TioYv1s6dYw2Rx
ktGP8l06ZS3lGOOwKWYy6tZXafLD4V7dc1l0ely1wsAADXiMvzOEFboqm26nXbYQ
9G+OlgcPRsVLGKH+fJ3ibQrurruM8WgvSScs/L0hpBAq3ZmRy7N+eGrF+hkNs25I
qc1RUba4GXVJANvgJNNi4vjGF35A5LirFMcUiDgLxX25soqhDrf+n8tXZHAJAgMB
AAGjggLgMIIC3DAdBgNVHQ4EFgQUsvN4z5ezPLOwkpQMYg/uiJ1zf1YwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB+QYIKwYBBQUHAQcBAf8EgekwgeYwDAQCAAEwBgMEAMGWKDCB
1QQCAAIwgc4DBwQqFHWAAFADBgAqFHWACwMGBCoUdYBAMBADBgAqFHWA5wMGACoU
dYDsAwcAKhR1gP/vAwcAKhR1gQ/mAwcAKhR1gQ/qAwcAKhR1gQ/sAwcAKhR1gQ/y
AwcAKhR1gQ/3AwcAKhR1gQ/6AwcAKhR1gQ/8AwYEKhR1gVAwEgMHBSoUdYGfYAMH
BSoUdYGfgAMGBCoUdYMwAwYEKhR1g4ADBgAqFHWD6AMGBCoUdYQwAwYEKhR1hnAD
BgQqFHWGkAMGBCoUdYbgAwUAKhR1hzANBgkqhkiG9w0BAQsFAAOCAQEAksTJBATy
5PP4FR90FwMVPNSpZNdnRBF0DQq5iB3YzAL2YMFLiLEaqOfelFxmK7BRi673top0
iy6I/6Zlcv7w27RAykkc5roO57idnIWGb2mCLhvCC1V1NlCmQ1Qm8lW0T5WZ5+M5
9Mpjnq7IbcMgDAp7FshyDpYZdQWhpwEoe9DxQxd5AsJq1b7yjeAnSM+3GbidzyBy
wG66o2ECvodRy6O8QaceQNTMRI4KoW4oBY4+4x4ozvPIwFHx2diLZpdNSGagqugF
ruTg2Rc+QbdZMpfPjqqIf8bVGPhgkK82Ufdjz85MuXVkYYEjyHWkj1vqqEPDTa38
C+GHQPW70iBe3Q==
-----END CERTIFICATE-----
Generated at Tue Apr 7 19:40:28 2026 by rpki-client