Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20343032313836.roa
File: 3135302e3235312e3232382e302f32342d3234203d3e20343032313836.roa (raw, json)
Hash identifier: bq5jg07HJ8FOTQ2/zMutzRp2lBLV9j0f+dqxY6EcQ5E=
Subject key identifier: 7A:4A:CA:1B:16:EF:44:EA:C7:BA:9D:DC:C6:A0:52:20:11:8A:28:5B
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2CC35358C63E7A220E29B098DC1CADD53E1880EB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20343032313836.roa
Signing time: Tue 17 Mar 2026 11:21:04 +0000
ROA not before: Tue 17 Mar 2026 11:16:04 +0000
ROA not after: Tue 16 Mar 2027 11:21:04 +0000
asID: 402186
IP address blocks: 150.251.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c3:53:58:c6:3e:7a:22:0e:29:b0:98:dc:1c:ad:d5:3e:18:80:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 17 11:16:04 2026 GMT
Not After : Mar 16 11:21:04 2027 GMT
Subject: CN=7A4ACA1B16EF44EAC7BA9DDCC6A05220118A285B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:59:7a:45:6b:c8:25:04:1c:db:1a:0a:da:
a8:ab:4b:24:da:28:d5:bb:d3:bc:d5:db:b0:d3:cd:
ac:a4:8a:2d:26:7e:5a:75:fd:57:65:26:dd:51:a7:
9e:7a:09:d7:15:05:b5:59:39:70:39:0c:10:5c:c9:
6f:70:d2:51:73:1b:d5:b3:81:34:b3:de:a7:78:88:
71:9c:57:ff:e7:4a:31:16:60:58:2e:85:7a:75:4e:
43:ca:97:13:2e:a2:d8:2b:04:f5:ab:bf:b9:3e:f0:
01:48:f6:69:c9:9b:e2:f5:26:76:83:c0:39:c5:73:
e6:33:18:13:b1:25:63:95:40:f0:30:67:f6:0a:8b:
26:95:53:95:9b:da:fa:e3:8f:05:1b:63:2a:29:53:
09:02:33:37:dc:34:21:c3:b1:e8:9d:95:b3:d2:68:
94:d6:90:62:7a:31:9c:82:a0:97:9d:97:ec:af:54:
96:cd:35:e4:ca:49:03:36:84:57:84:ee:76:42:93:
67:d1:c5:ca:38:a0:27:dc:d2:64:ef:36:d8:7f:33:
2f:bd:b3:ec:a4:e8:4a:fd:17:2e:5a:c7:d4:e9:40:
9c:33:5e:ef:86:21:69:8e:0e:0d:83:12:0d:8e:d8:
d1:85:4f:dd:7e:40:b5:7b:4a:b3:cd:13:62:72:df:
23:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4A:CA:1B:16:EF:44:EA:C7:BA:9D:DC:C6:A0:52:20:11:8A:28:5B
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3232382e302f32342d3234203d3e20343032313836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:af:18:45:d5:ef:33:bb:fc:97:da:1e:6e:b1:c6:c3:18:e2:
44:26:eb:e3:f6:34:4e:5d:16:ce:3a:1d:a5:ed:5d:5d:2c:1b:
ec:08:4b:62:df:30:6c:74:3a:e2:5c:c8:59:8c:c5:4b:fb:0c:
ea:4f:5c:3c:14:ef:5d:59:33:ff:b9:a2:4d:24:6e:e9:ca:75:
d9:10:f9:55:5a:81:6c:bb:8d:5b:f6:2a:0f:39:35:72:e4:2d:
59:6a:3b:3f:c0:b2:48:5d:38:06:b5:d7:4a:e1:e1:35:70:50:
28:39:de:08:07:dd:a8:ae:24:80:91:bc:13:60:ff:14:19:f6:
d8:0b:6c:1a:c5:85:05:04:48:db:c0:9a:73:f9:fb:97:4e:c2:
37:22:d3:6f:30:4c:b9:a7:28:2b:b9:06:8e:de:21:f0:a1:3d:
f4:9a:b7:56:e7:03:02:1e:5e:f7:28:ad:17:3d:45:65:9f:d2:
b2:11:f9:ca:96:14:48:b8:85:fe:2f:58:17:ec:8d:0a:5f:57:
47:c7:30:09:d0:9e:f1:55:a8:eb:65:96:b4:04:25:15:e5:34:
bc:a2:ff:f4:40:ba:66:ed:3a:f9:15:4f:f0:07:88:ae:cb:78:
0a:3f:f1:4e:85:ad:d5:22:5e:5f:c9:50:a2:22:e2:b4:79:92:
6b:54:d0:4b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULMNTWMY+eiIOKbCY3Byt1T4YgOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTcxMTE2MDRaFw0yNzAzMTYxMTIxMDRaMDMxMTAvBgNV
BAMTKDdBNEFDQTFCMTZFRjQ0RUFDN0JBOUREQ0M2QTA1MjIwMTE4QTI4NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTKll6RWvIJQQc2xoK2qirSyTa
KNW707zV27DTzaykii0mflp1/VdlJt1Rp556CdcVBbVZOXA5DBBcyW9w0lFzG9Wz
gTSz3qd4iHGcV//nSjEWYFguhXp1TkPKlxMuotgrBPWrv7k+8AFI9mnJm+L1JnaD
wDnFc+YzGBOxJWOVQPAwZ/YKiyaVU5Wb2vrjjwUbYyopUwkCMzfcNCHDseidlbPS
aJTWkGJ6MZyCoJedl+yvVJbNNeTKSQM2hFeE7nZCk2fRxco4oCfc0mTvNth/My+9
s+yk6Er9Fy5ax9TpQJwzXu+GIWmODg2DEg2O2NGFT91+QLV7SrPNE2Jy3yOHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUekrKGxbvROrHup3cxqBSIBGKKFswHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMxMzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJb75DANBgkqhkiG9w0BAQsFAAOCAQEAo68YRdXvM7v8l9oebrHGwxjiRCbr
4/Y0Tl0Wzjodpe1dXSwb7AhLYt8wbHQ64lzIWYzFS/sM6k9cPBTvXVkz/7miTSRu
6cp12RD5VVqBbLuNW/YqDzk1cuQtWWo7P8CySF04BrXXSuHhNXBQKDneCAfdqK4k
gJG8E2D/FBn22AtsGsWFBQRI28Cac/n7l07CNyLTbzBMuacoK7kGjt4h8KE99Jq3
VucDAh5e9yitFz1FZZ/SshH5ypYUSLiF/i9YF+yNCl9XR8cwCdCe8VWo62WWtAQl
FeU0vKL/9EC6Zu06+RVP8AeIrst4Cj/xToWt1SJeX8lQoiLitHmSa1TQSw==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:35:20 2026 by rpki-client