Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323032373931.roa
File: 3135302e3235312e3232372e302f32342d3234203d3e20323032373931.roa (raw, json)
Hash identifier: AEn8tTs6i3Wn6/AJ3IvF0e3WYXLEjpMG1Qxt5oii3So=
Subject key identifier: 48:1B:30:6E:87:7E:0E:CD:22:50:A1:35:7E:75:9F:6D:3C:57:E5:2E
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0638AD33FE42D8BAAE4B29674CF6A1227C90DB36
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323032373931.roa
Signing time: Fri 24 Apr 2026 04:18:57 +0000
ROA not before: Fri 24 Apr 2026 04:13:57 +0000
ROA not after: Fri 23 Apr 2027 04:18:57 +0000
asID: 202791
IP address blocks: 150.251.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:38:ad:33:fe:42:d8:ba:ae:4b:29:67:4c:f6:a1:22:7c:90:db:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 24 04:13:57 2026 GMT
Not After : Apr 23 04:18:57 2027 GMT
Subject: CN=481B306E877E0ECD2250A1357E759F6D3C57E52E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:55:61:50:d8:c7:e7:63:09:6d:db:bc:45:b5:
88:68:19:ee:06:c6:69:36:c1:17:e2:07:7f:3f:39:
26:60:22:27:a8:4f:f5:c0:59:57:67:16:4a:25:41:
f5:a7:9e:7c:86:0b:d4:74:1f:00:f9:f6:53:f3:e9:
41:e8:fe:95:07:10:60:f1:f3:14:08:1b:67:0b:cf:
d6:88:80:be:cb:35:f0:de:d9:64:07:05:b7:17:b9:
74:a3:10:e0:c7:62:12:40:71:af:4e:99:b6:40:ca:
05:fd:42:55:ad:52:4c:9b:fc:1a:42:33:e6:41:df:
4c:0f:89:be:76:08:a4:8b:90:cf:c2:5c:8d:bb:11:
34:d8:87:fb:0b:60:7d:2e:0e:a4:bc:e6:b3:f9:2e:
09:e9:d8:f7:80:50:61:ad:3e:85:56:14:47:45:73:
08:af:aa:67:7b:42:cf:ee:f4:94:2a:52:0a:cd:46:
7c:a0:41:aa:82:bf:a1:a1:49:64:69:76:a3:e5:54:
3f:d7:42:89:e1:16:0d:d7:8c:af:01:92:04:b7:95:
a1:f3:3f:4f:0f:4b:4b:b5:b2:9c:64:e3:0a:fc:03:
d2:29:7a:43:fd:34:14:91:3b:94:b5:54:ee:fb:eb:
57:fa:fd:86:df:b0:8f:3f:ca:33:69:d5:44:76:1b:
0c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1B:30:6E:87:7E:0E:CD:22:50:A1:35:7E:75:9F:6D:3C:57:E5:2E
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323032373931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.227.0/24
Signature Algorithm: sha256WithRSAEncryption
96:9d:e3:b8:6c:d0:09:38:1b:cf:b9:00:3b:af:e5:bd:7c:2d:
33:35:a7:f5:36:0d:7e:f6:dd:b0:c8:ff:73:02:eb:89:7a:e3:
53:cb:ae:e7:ef:d5:25:0a:3a:93:63:ad:b6:ed:a8:70:4f:43:
f5:18:96:12:29:90:a0:e9:85:91:be:7c:18:7b:c1:ef:52:db:
27:4d:48:d6:d7:63:76:e1:4f:7a:e8:b5:5a:a9:19:57:0a:b2:
2f:6c:cf:96:de:c1:62:12:12:f7:04:09:19:c1:f6:52:20:aa:
c0:0e:71:f4:55:5c:a1:27:b7:cd:3b:01:87:c1:ae:7e:08:44:
22:3c:db:7f:fe:5c:07:9b:01:58:72:6e:53:65:9a:12:46:d6:
71:52:89:a9:58:4a:bc:8f:3c:f3:0c:85:0a:cb:ef:a7:2c:0d:
56:0e:73:6a:30:6a:de:4c:28:d6:70:dc:9b:10:41:2d:a2:3b:
5d:74:ac:33:8b:98:dd:a3:47:3b:99:43:ea:c4:71:7d:d2:e9:
ad:a2:2f:ff:07:bd:05:77:b9:84:b9:11:14:12:f4:dd:21:0d:
81:a3:80:d8:ec:35:c1:34:be:f4:a6:04:9e:5e:4a:4c:ab:b7:
88:65:79:19:a6:5a:44:54:ac:4c:56:43:7a:37:63:9c:60:d3:
59:a2:f9:ab
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBjitM/5C2LquSylnTPahInyQ2zYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MjQwNDEzNTdaFw0yNzA0MjMwNDE4NTdaMDMxMTAvBgNV
BAMTKDQ4MUIzMDZFODc3RTBFQ0QyMjUwQTEzNTdFNzU5RjZEM0M1N0U1MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmVWFQ2MfnYwlt27xFtYhoGe4G
xmk2wRfiB38/OSZgIieoT/XAWVdnFkolQfWnnnyGC9R0HwD59lPz6UHo/pUHEGDx
8xQIG2cLz9aIgL7LNfDe2WQHBbcXuXSjEODHYhJAca9OmbZAygX9QlWtUkyb/BpC
M+ZB30wPib52CKSLkM/CXI27ETTYh/sLYH0uDqS85rP5Lgnp2PeAUGGtPoVWFEdF
cwivqmd7Qs/u9JQqUgrNRnygQaqCv6GhSWRpdqPlVD/XQonhFg3XjK8BkgS3laHz
P08PS0u1spxk4wr8A9IpekP9NBSRO5S1VO7761f6/YbfsI8/yjNp1UR2GwylAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSBswbod+Ds0iUKE1fnWfbTxX5S4wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM3MzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb74zANBgkqhkiG9w0BAQsFAAOCAQEAlp3juGzQCTgbz7kAO6/lvXwtMzWn
9TYNfvbdsMj/cwLriXrjU8uu5+/VJQo6k2Ottu2ocE9D9RiWEimQoOmFkb58GHvB
71LbJ01I1tdjduFPeui1WqkZVwqyL2zPlt7BYhIS9wQJGcH2UiCqwA5x9FVcoSe3
zTsBh8GufghEIjzbf/5cB5sBWHJuU2WaEkbWcVKJqVhKvI888wyFCsvvpywNVg5z
ajBq3kwo1nDcmxBBLaI7XXSsM4uY3aNHO5lD6sRxfdLpraIv/we9BXe5hLkRFBL0
3SENgaOA2Ow1wTS+9KYEnl5KTKu3iGV5GaZaRFSsTFZDejdjnGDTWaL5qw==
-----END CERTIFICATE-----
Generated at Wed May 6 01:12:13 2026 by rpki-client