Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323133363333.roa
File: 3135302e3235312e3232382e302f32342d3234203d3e20323133363333.roa (raw, json)
Hash identifier: ROaf9i9qlnTtNQQ7nOSRheGwdev6uhKsv8csITkotSE=
Subject key identifier: 44:BB:8B:C3:BD:76:23:8D:04:CD:BF:12:69:9A:52:7A:D4:CC:14:A5
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7E0691E9D285AECF2C249061EEBDF7BC9637ED36
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323133363333.roa
Signing time: Tue 19 May 2026 16:36:28 +0000
ROA not before: Tue 19 May 2026 16:31:28 +0000
ROA not after: Tue 18 May 2027 16:36:28 +0000
asID: 213633
IP address blocks: 150.251.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:06:91:e9:d2:85:ae:cf:2c:24:90:61:ee:bd:f7:bc:96:37:ed:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 19 16:31:28 2026 GMT
Not After : May 18 16:36:28 2027 GMT
Subject: CN=44BB8BC3BD76238D04CDBF12699A527AD4CC14A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:39:68:fc:31:1a:9d:57:e4:e5:79:9c:a1:
87:65:5f:9a:11:b9:12:0c:9f:cf:b0:59:28:b7:28:
16:14:67:52:47:8e:6f:90:7e:23:ba:a8:07:0f:07:
66:5f:52:cc:cb:dd:2c:38:52:9d:f2:4f:6e:3d:43:
1c:e1:c1:5f:af:61:4d:aa:18:c7:b9:8c:3a:a9:83:
3e:96:73:d9:f7:1f:bf:50:c6:4d:37:c9:e4:1f:c5:
19:d0:90:06:12:2f:61:d9:30:2c:6a:14:3a:34:e2:
e1:03:84:6a:2f:65:e1:ed:ea:d2:16:7a:05:36:01:
57:17:6e:df:17:0d:34:b8:e7:d2:8c:0f:e4:56:c2:
df:f9:f1:bf:96:d1:af:1b:c9:a6:fa:ef:56:2c:c5:
8e:69:52:4c:bb:34:31:7f:40:37:51:ca:7a:d8:68:
47:7f:08:32:d5:2c:8f:e4:06:9b:0d:fd:de:a0:37:
e7:5b:94:79:17:84:c7:49:63:8e:5f:b9:fd:81:23:
e6:7c:57:1c:e4:66:81:39:23:ba:7d:77:c5:7e:06:
09:6f:4c:89:fc:76:92:84:cb:f3:c0:48:84:9c:a8:
2c:12:fa:30:98:03:e0:57:a0:43:21:20:d5:38:4f:
dc:b5:6c:ab:80:11:58:80:1d:3b:19:d0:93:da:d3:
97:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BB:8B:C3:BD:76:23:8D:04:CD:BF:12:69:9A:52:7A:D4:CC:14:A5
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20323133363333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.228.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b3:9b:5d:48:b5:10:93:b5:7c:77:63:6a:7b:82:1b:28:d6:
df:98:6c:08:e5:c3:34:8c:2e:35:d2:66:34:66:3a:52:9c:5e:
9f:37:0b:c5:ca:13:fd:66:ac:bf:f8:53:66:5a:1e:5e:3c:dd:
07:31:d6:f0:14:fb:45:c9:6f:39:e2:87:00:cc:e2:de:a1:94:
4f:43:40:82:d0:53:90:48:21:a1:b2:be:fb:5c:0d:7b:a8:5d:
0b:72:e0:23:ca:60:9c:ca:43:e5:61:aa:06:a7:26:6a:f1:84:
d1:43:11:9f:10:c8:77:05:51:ad:37:16:c7:62:3c:af:dc:04:
cc:48:ad:8f:64:2f:e8:13:8a:4b:72:36:11:6a:1f:e7:76:d7:
33:c8:65:98:2a:8d:4a:7b:a2:cd:7f:3f:25:fe:59:df:af:71:
3a:57:a0:c3:32:ee:b8:76:cb:6b:88:d3:4e:a4:7a:c1:bb:a4:
e1:b2:2b:3f:40:66:68:98:8d:a5:f0:d2:dc:03:c7:e6:2b:a4:
a3:c5:6f:40:88:5c:a9:2b:e0:78:67:16:03:2c:ef:c3:c0:39:
67:f1:af:0e:1f:ee:0b:ad:ec:a4:6f:b6:c9:6d:a5:4a:b0:3b:
43:24:81:52:0f:f5:57:66:80:fd:e9:95:4a:12:70:00:d4:80:
10:ac:bf:82
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfgaR6dKFrs8sJJBh7r33vJY37TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MTkxNjMxMjhaFw0yNzA1MTgxNjM2MjhaMDMxMTAvBgNV
BAMTKDQ0QkI4QkMzQkQ3NjIzOEQwNENEQkYxMjY5OUE1MjdBRDRDQzE0QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3WDlo/DEanVfk5XmcoYdlX5oR
uRIMn8+wWSi3KBYUZ1JHjm+QfiO6qAcPB2ZfUszL3Sw4Up3yT249QxzhwV+vYU2q
GMe5jDqpgz6Wc9n3H79Qxk03yeQfxRnQkAYSL2HZMCxqFDo04uEDhGovZeHt6tIW
egU2AVcXbt8XDTS459KMD+RWwt/58b+W0a8byab671YsxY5pUky7NDF/QDdRynrY
aEd/CDLVLI/kBpsN/d6gN+dblHkXhMdJY45fuf2BI+Z8VxzkZoE5I7p9d8V+Bglv
TIn8dpKEy/PASIScqCwS+jCYA+BXoEMhINU4T9y1bKuAEViAHTsZ0JPa05djAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURLuLw712I40Ezb8SaZpSetTMFKUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM2MzMzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb75DANBgkqhkiG9w0BAQsFAAOCAQEASrObXUi1EJO1fHdjanuCGyjW35hs
COXDNIwuNdJmNGY6UpxenzcLxcoT/Wasv/hTZloeXjzdBzHW8BT7RclvOeKHAMzi
3qGUT0NAgtBTkEghobK++1wNe6hdC3LgI8pgnMpD5WGqBqcmavGE0UMRnxDIdwVR
rTcWx2I8r9wEzEitj2Qv6BOKS3I2EWof53bXM8hlmCqNSnuizX8/Jf5Z369xOleg
wzLuuHbLa4jTTqR6wbuk4bIrP0BmaJiNpfDS3APH5iuko8VvQIhcqSvgeGcWAyzv
w8A5Z/GvDh/uC63spG+2yW2lSrA7QySBUg/1V2aA/emVShJwANSAEKy/gg==
-----END CERTIFICATE-----
Generated at Sun May 24 13:09:21 2026 by rpki-client