Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232362e302f32342d3234203d3e20323135313532.roa
File: 3135302e3235312e3232362e302f32342d3234203d3e20323135313532.roa (raw, json)
Hash identifier: l88xld5hN+Vt1T/nwJ0n59xsdfmhHbKR2AdJBNoWlgw=
Subject key identifier: 5C:17:28:0D:89:A9:ED:3D:89:12:12:D9:89:4D:2E:BA:F2:D2:2F:0C
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2DDC593174B36AFE4896C4D954A83108A52F3EA3
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232362e302f32342d3234203d3e20323135313532.roa
Signing time: Tue 17 Mar 2026 08:30:45 +0000
ROA not before: Tue 17 Mar 2026 08:25:45 +0000
ROA not after: Tue 16 Mar 2027 08:30:45 +0000
asID: 215152
IP address blocks: 150.251.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:dc:59:31:74:b3:6a:fe:48:96:c4:d9:54:a8:31:08:a5:2f:3e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 17 08:25:45 2026 GMT
Not After : Mar 16 08:30:45 2027 GMT
Subject: CN=5C17280D89A9ED3D891212D9894D2EBAF2D22F0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:35:ad:81:0c:38:5f:3f:2e:7c:95:df:28:76:
5f:22:09:f1:0b:27:27:d0:39:20:d2:7a:f0:17:a0:
59:5d:a9:4b:6d:6a:04:e0:f7:7d:a6:2a:46:74:8d:
72:4b:e0:b6:30:3c:ff:0b:8b:c1:9d:de:da:a2:86:
7f:54:41:a9:d4:d9:c2:93:82:87:2c:bb:37:dd:54:
33:3f:5c:b7:3d:59:6f:12:32:83:18:4c:26:a1:8f:
f3:ae:62:c0:95:64:f6:01:15:4e:b0:98:f0:cd:50:
99:6f:38:a8:d5:8b:45:01:68:81:3b:fe:d4:5e:95:
69:e1:a4:7d:51:5c:a8:2f:38:e0:42:d7:c0:e3:7d:
13:3c:61:bd:38:b2:c1:c1:1e:8d:d1:d0:be:b7:25:
c2:a2:71:00:a1:59:df:2c:34:da:73:92:a2:96:33:
ef:30:3f:22:69:30:d0:ea:df:0d:54:a2:fe:ba:f2:
59:af:c1:c9:fb:76:dc:29:c9:64:36:b8:83:d7:8c:
ee:e2:7b:af:cd:a8:2c:3d:f9:cd:2d:fe:86:66:17:
a7:ac:f7:39:5d:ae:b8:99:b7:8d:ed:e2:b1:81:d6:
55:c7:5f:ef:f2:a6:62:d6:c0:02:96:8c:f8:cc:94:
9c:f5:7b:5e:4f:9c:44:55:4d:16:d3:4e:d6:0f:87:
a8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:17:28:0D:89:A9:ED:3D:89:12:12:D9:89:4D:2E:BA:F2:D2:2F:0C
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232362e302f32342d3234203d3e20323135313532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.226.0/24
Signature Algorithm: sha256WithRSAEncryption
91:85:77:99:8e:a8:f0:18:61:72:f0:f9:4a:6e:4e:e1:1c:0a:
a3:b6:06:25:77:c7:50:bc:f9:61:05:cb:88:c4:4e:fa:1d:a9:
98:5c:73:24:40:5b:74:52:19:11:cb:77:46:3b:98:30:09:c3:
36:95:8b:41:8b:a1:e7:ac:da:d6:1c:e6:86:8c:ec:07:6c:5a:
ba:b0:5d:39:15:2d:88:36:37:77:12:71:84:9e:9a:5e:a2:6b:
26:e7:69:76:34:f3:e1:58:cb:fa:ac:a7:ea:76:d6:de:d8:6c:
81:48:d5:fd:14:9b:16:2c:54:41:53:a3:33:97:31:0c:b7:d7:
54:56:17:69:85:ba:d2:39:e7:c2:e6:82:87:47:1a:db:e3:04:
f2:38:bd:6a:5b:ff:05:50:e1:b8:06:05:3d:e4:6d:0c:d8:0e:
6e:a3:2c:43:bf:34:0a:d5:f0:a0:58:ad:eb:d3:0b:5c:a7:40:
5d:ca:c5:aa:2b:13:d4:b3:b3:15:7a:7f:ff:a7:4f:57:f0:03:
b3:eb:44:85:fc:a3:91:f1:89:74:7d:48:35:f7:8e:35:22:e5:
c0:ea:25:1c:14:a0:ff:eb:44:08:e1:14:df:a8:75:4c:eb:6b:
45:3e:0e:36:b5:56:56:84:93:d4:f1:96:6f:17:39:dc:02:30:
5b:72:a1:39
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULdxZMXSzav5IlsTZVKgxCKUvPqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTcwODI1NDVaFw0yNzAzMTYwODMwNDVaMDMxMTAvBgNV
BAMTKDVDMTcyODBEODlBOUVEM0Q4OTEyMTJEOTg5NEQyRUJBRjJEMjJGMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVNa2BDDhfPy58ld8odl8iCfEL
JyfQOSDSevAXoFldqUttagTg932mKkZ0jXJL4LYwPP8Li8Gd3tqihn9UQanU2cKT
gocsuzfdVDM/XLc9WW8SMoMYTCahj/OuYsCVZPYBFU6wmPDNUJlvOKjVi0UBaIE7
/tRelWnhpH1RXKgvOOBC18DjfRM8Yb04ssHBHo3R0L63JcKicQChWd8sNNpzkqKW
M+8wPyJpMNDq3w1Uov668lmvwcn7dtwpyWQ2uIPXjO7ie6/NqCw9+c0t/oZmF6es
9zldrriZt43t4rGB1lXHX+/ypmLWwAKWjPjMlJz1e15PnERVTRbTTtYPh6hPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXBcoDYmp7T2JEhLZiU0uuvLSLwwwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb74jANBgkqhkiG9w0BAQsFAAOCAQEAkYV3mY6o8BhhcvD5Sm5O4RwKo7YG
JXfHULz5YQXLiMRO+h2pmFxzJEBbdFIZEct3RjuYMAnDNpWLQYuh56za1hzmhozs
B2xaurBdORUtiDY3dxJxhJ6aXqJrJudpdjTz4VjL+qyn6nbW3thsgUjV/RSbFixU
QVOjM5cxDLfXVFYXaYW60jnnwuaCh0ca2+ME8ji9alv/BVDhuAYFPeRtDNgObqMs
Q780CtXwoFit69MLXKdAXcrFqisT1LOzFXp//6dPV/ADs+tEhfyjkfGJdH1INfeO
NSLlwOolHBSg/+tECOEU36h1TOtrRT4ONrVWVoST1PGWbxc53AIwW3KhOQ==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:34:02 2026 by rpki-client