Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323133373334.roa
File: 3135302e3235312e3232372e302f32342d3234203d3e20323133373334.roa (raw, json)
Hash identifier: Fe/5va/u8EIzw3SYKhB486KbEr9PrZMEi8IrwZOE4AM=
Subject key identifier: 80:88:E5:D6:4E:72:E7:06:55:D9:7E:A0:0E:AD:51:B1:68:36:6B:E0
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 179100E70315C79F0FC20D526BEAEF48065E87FF
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323133373334.roa
Signing time: Fri 20 Mar 2026 12:01:31 +0000
ROA not before: Fri 20 Mar 2026 11:56:31 +0000
ROA not after: Fri 19 Mar 2027 12:01:31 +0000
asID: 213734
IP address blocks: 150.251.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:91:00:e7:03:15:c7:9f:0f:c2:0d:52:6b:ea:ef:48:06:5e:87:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 20 11:56:31 2026 GMT
Not After : Mar 19 12:01:31 2027 GMT
Subject: CN=8088E5D64E72E70655D97EA00EAD51B168366BE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c8:c7:fc:84:ea:5a:39:96:41:9a:6a:a6:1f:
e4:06:0e:3a:d8:b4:52:16:74:20:6b:18:65:74:aa:
4f:d1:b2:8a:89:4b:e2:55:82:01:3a:04:b8:b9:36:
15:e8:f6:1c:54:1f:18:28:bf:9c:de:e2:d7:dc:27:
cf:36:c4:d2:f2:e6:e3:6c:4b:e9:df:78:e7:b9:8c:
07:14:89:40:7d:3b:e4:b8:91:a6:7c:ea:99:ca:e5:
88:1a:24:23:f6:a8:c5:a8:d8:e5:91:90:75:ad:c4:
cd:cf:98:29:49:25:92:cc:fd:c2:77:74:7e:ee:2b:
c5:c3:81:02:0d:05:42:e8:ad:20:0b:70:98:25:6e:
23:b5:77:b6:a1:78:f6:13:78:4e:b6:f6:a0:12:b6:
90:47:8a:74:df:a3:9b:48:b0:43:d2:ba:76:c7:04:
5f:42:cd:b4:bd:28:ca:f8:4c:ca:66:f8:d1:e7:bc:
48:ed:d8:9d:a7:be:be:df:76:c6:4f:65:ef:85:1e:
6c:66:94:1e:a6:77:be:4d:c4:dd:79:a0:c7:15:e9:
81:67:f0:03:35:85:e3:f9:c2:e6:36:ef:62:42:41:
11:32:c3:4d:12:49:4b:8e:0b:02:d7:37:07:84:28:
60:89:8e:36:5f:48:d6:c1:0e:56:cc:0f:17:ac:87:
f2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:88:E5:D6:4E:72:E7:06:55:D9:7E:A0:0E:AD:51:B1:68:36:6B:E0
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232372e302f32342d3234203d3e20323133373334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.227.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:33:67:94:3e:5a:a3:4f:3d:c1:14:b9:1a:2d:62:d1:47:cd:
cb:9f:3d:7f:60:8b:77:05:60:14:64:22:db:d9:c7:f6:b6:0d:
69:61:aa:75:77:a2:40:a2:41:5d:21:04:28:1a:fd:6e:92:ee:
d7:b1:07:92:55:fb:23:e0:c2:05:bd:76:a8:fd:c2:ba:06:7e:
28:d1:e0:5e:ac:98:b7:99:39:92:c0:ab:98:f7:20:38:c6:b3:
1f:d3:fa:f8:32:6c:82:2f:c7:c1:b4:df:bd:84:40:22:0c:16:
47:31:dd:d4:cf:73:de:5b:e9:5b:c5:4a:5c:6a:d3:3b:e5:df:
e7:f8:92:00:a0:33:e0:32:ac:10:3c:ef:09:3c:6d:45:b0:d6:
62:e7:86:7e:c7:e3:75:1c:e3:d0:c8:33:24:d2:15:d4:e8:3e:
86:40:d7:f1:c3:a9:ed:f0:ef:42:0b:a8:6f:7e:14:a0:a5:44:
f8:ee:f3:e8:91:99:2c:ef:06:97:69:75:24:7a:0f:87:16:58:
e0:85:30:36:23:c7:ce:ec:02:29:0b:88:2a:ef:37:7a:e5:84:
db:f3:32:62:54:1d:74:37:16:30:e0:3a:34:69:57:8a:a1:30:
e6:bc:3c:7a:fb:90:7b:ce:0c:ef:20:36:c0:79:54:da:bc:87:
bf:5b:31:ab
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUF5EA5wMVx58Pwg1Sa+rvSAZeh/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjAxMTU2MzFaFw0yNzAzMTkxMjAxMzFaMDMxMTAvBgNV
BAMTKDgwODhFNUQ2NEU3MkU3MDY1NUQ5N0VBMDBFQUQ1MUIxNjgzNjZCRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3yMf8hOpaOZZBmmqmH+QGDjrY
tFIWdCBrGGV0qk/RsoqJS+JVggE6BLi5NhXo9hxUHxgov5ze4tfcJ882xNLy5uNs
S+nfeOe5jAcUiUB9O+S4kaZ86pnK5YgaJCP2qMWo2OWRkHWtxM3PmClJJZLM/cJ3
dH7uK8XDgQINBULorSALcJglbiO1d7ahePYTeE629qAStpBHinTfo5tIsEPSunbH
BF9CzbS9KMr4TMpm+NHnvEjt2J2nvr7fdsZPZe+FHmxmlB6md75NxN15oMcV6YFn
8AM1heP5wuY272JCQREyw00SSUuOCwLXNweEKGCJjjZfSNbBDlbMDxesh/LTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUgIjl1k5y5wZV2X6gDq1RsWg2a+AwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM3MzMzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb74zANBgkqhkiG9w0BAQsFAAOCAQEACjNnlD5ao089wRS5Gi1i0UfNy589
f2CLdwVgFGQi29nH9rYNaWGqdXeiQKJBXSEEKBr9bpLu17EHklX7I+DCBb12qP3C
ugZ+KNHgXqyYt5k5ksCrmPcgOMazH9P6+DJsgi/HwbTfvYRAIgwWRzHd1M9z3lvp
W8VKXGrTO+Xf5/iSAKAz4DKsEDzvCTxtRbDWYueGfsfjdRzj0MgzJNIV1Og+hkDX
8cOp7fDvQguob34UoKVE+O7z6JGZLO8Gl2l1JHoPhxZY4IUwNiPHzuwCKQuIKu83
euWE2/MyYlQddDcWMOA6NGlXiqEw5rw8evuQe84M7yA2wHlU2ryHv1sxqw==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:37:10 2026 by rpki-client