Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: Dr44kXFy1wDTgReEzKNwOr3NefIMPW55gGCp65QJ25c=
Subject key identifier: 20:08:58:33:F4:9A:07:B9:03:D9:ED:96:50:1D:61:CF:E5:23:5A:1F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2CF38B72D4DB1554FA8ECF6E3D8815FE482E0F21
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Thu 21 May 2026 10:42:09 +0000
ROA not before: Thu 21 May 2026 10:37:09 +0000
ROA not after: Thu 20 May 2027 10:42:09 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:ffef::/48 maxlen: 48
2a14:7581::/40 maxlen: 48
2a14:7581:f00::/44 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:fed::/48 maxlen: 48
2a14:7581:fef::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff6::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:5000::/36 maxlen: 48
2a14:7581:9ff0::/44 maxlen: 48
2a14:7583:4000::/36 maxlen: 48
2a14:7584:1000::/36 maxlen: 48
2a14:7584:3000::/36 maxlen: 48
2a14:7584:e390::/44 maxlen: 44
2a14:7584:e3a0::/44 maxlen: 44
2a14:7584:e920::/44 maxlen: 44
2a14:7586:7000::/36 maxlen: 48
2a14:7586:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 16:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:f3:8b:72:d4:db:15:54:fa:8e:cf:6e:3d:88:15:fe:48:2e:0f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: May 21 10:37:09 2026 GMT
Not After : May 20 10:42:09 2027 GMT
Subject: CN=20085833F49A07B903D9ED96501D61CFE5235A1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:28:ca:c7:29:ce:89:c2:77:75:fa:c7:4e:ff:
be:84:bb:43:11:0c:cc:68:ff:f5:10:a5:fb:27:1c:
d3:7b:42:a4:dc:b5:28:de:6c:ad:84:2a:24:92:4e:
1e:8b:2b:d1:a1:af:5a:06:aa:ea:c9:24:7c:42:cd:
de:de:65:ff:64:9a:f0:90:4c:3b:33:3c:ae:48:82:
80:a2:99:cc:08:f7:7d:79:41:aa:ab:ca:47:21:4f:
66:54:c1:ba:9a:35:57:02:d9:d0:65:b1:4f:ca:8e:
3f:62:c5:f2:6e:38:d7:7f:5f:3c:5a:07:93:86:ab:
c8:76:c2:f0:b0:c2:ae:04:a8:e9:7a:cb:3a:46:c0:
c1:92:b0:e1:7d:63:ff:25:95:68:18:c1:0d:31:fd:
c1:ed:87:1a:5c:98:c6:42:7f:48:78:dd:4c:b5:3f:
29:7a:99:3a:97:d4:c8:ba:14:dc:b6:bf:c0:75:d9:
24:47:84:c5:68:6f:14:b8:ff:95:70:81:07:19:93:
a1:d3:4c:1e:4a:d1:2e:ae:21:22:26:d2:0c:b8:e1:
51:d6:2a:59:57:e4:42:a9:c6:06:86:62:f4:9f:5a:
f6:6b:68:66:a6:5a:89:39:f0:1f:49:3c:0b:84:4f:
0b:b5:f9:a9:1b:15:2e:6e:b6:81:a0:d5:84:8b:bd:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:08:58:33:F4:9A:07:B9:03:D9:ED:96:50:1D:61:CF:E5:23:5A:1F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:ffef::/48
2a14:7581::/40
2a14:7581:f00::/44
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/47
2a14:7581:fef::/48
2a14:7581:ff2::/48
2a14:7581:ff6::/47
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:5000::/36
2a14:7581:9ff0::/44
2a14:7583:4000::/36
2a14:7584:1000::/36
2a14:7584:3000::/36
2a14:7584:e390::-2a14:7584:e3af:ffff:ffff:ffff:ffff:ffff
2a14:7584:e920::/44
2a14:7586:7000::/36
2a14:7586:9000::/36
Signature Algorithm: sha256WithRSAEncryption
9a:6a:79:2d:d2:33:59:91:da:46:3f:52:9c:0a:ac:b1:1b:8b:
a1:af:b9:50:7c:ad:86:47:22:79:9a:5b:55:40:a7:d6:8f:2f:
23:ab:48:33:5b:8d:ac:15:de:60:a1:cc:ba:79:3b:2f:92:78:
cb:ea:34:0b:87:cf:8f:b0:b1:ae:e3:42:37:41:8d:51:c3:7e:
8a:56:fa:14:3b:f8:09:62:7e:89:d8:21:e9:04:85:72:b6:ad:
f9:8e:55:8f:5d:fb:9b:13:e7:a5:c7:aa:fe:25:55:d2:b6:9e:
de:02:63:36:96:d2:83:98:53:6a:a8:fc:8a:a5:d8:16:98:d1:
24:8a:80:a3:ab:f1:50:64:59:2a:08:da:f1:e8:64:18:5d:0d:
84:70:52:07:8a:a0:4b:1b:92:5e:a8:39:89:13:94:1f:52:23:
a0:e0:f6:ac:3a:7b:88:92:f7:66:80:91:94:76:24:d9:54:ac:
49:d7:2b:f4:18:4b:48:e7:d3:72:03:ef:69:ac:59:14:80:75:
04:7b:ce:57:95:4a:ee:a4:03:46:ff:c3:1d:52:9c:83:1b:ab:
0c:7f:c4:8f:06:a1:a2:56:af:b2:14:26:2d:80:11:11:3e:dc:
d1:8d:89:ca:f0:46:bc:d2:c2:f3:1f:6e:27:d4:cd:f8:3e:4e:
ae:27:ff:e1
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIULPOLctTbFVT6js9uPYgV/kguDyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MjExMDM3MDlaFw0yNzA1MjAxMDQyMDlaMDMxMTAvBgNV
BAMTKDIwMDg1ODMzRjQ5QTA3QjkwM0Q5RUQ5NjUwMUQ2MUNGRTUyMzVBMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrKMrHKc6Jwnd1+sdO/76Eu0MR
DMxo//UQpfsnHNN7QqTctSjebK2EKiSSTh6LK9Ghr1oGqurJJHxCzd7eZf9kmvCQ
TDszPK5IgoCimcwI9315QaqrykchT2ZUwbqaNVcC2dBlsU/Kjj9ixfJuONd/Xzxa
B5OGq8h2wvCwwq4EqOl6yzpGwMGSsOF9Y/8llWgYwQ0x/cHthxpcmMZCf0h43Uy1
Pyl6mTqX1Mi6FNy2v8B12SRHhMVobxS4/5VwgQcZk6HTTB5K0S6uISIm0gy44VHW
KllX5EKpxgaGYvSfWvZraGamWok58B9JPAuETwu1+akbFS5utoGg1YSLvROLAgMB
AAGjggLTMIICzzAdBgNVHQ4EFgQUIAhYM/SaB7kD2e2WUB1hz+UjWh8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB7AYIKwYBBQUHAQcBAf8EgdwwgdkwDAQCAAEwBgMEAMGWKDCB
yAQCAAIwgcEDBwQqFHWAAFADBwAqFHWA/+8DBgAqFHWBAAMHBCoUdYEPAAMHACoU
dYEP5gMHACoUdYEP6gMHASoUdYEP7AMHACoUdYEP7wMHACoUdYEP8gMHASoUdYEP
9gMHACoUdYEP+gMHACoUdYEP/AMGBCoUdYFQAwcEKhR1gZ/wAwYEKhR1g0ADBgQq
FHWEEAMGBCoUdYQwMBIDBwQqFHWE45ADBwQqFHWE46ADBwQqFHWE6SADBgQqFHWG
cAMGBCoUdYaQMA0GCSqGSIb3DQEBCwUAA4IBAQCaankt0jNZkdpGP1KcCqyxG4uh
r7lQfK2GRyJ5mltVQKfWjy8jq0gzW42sFd5gocy6eTsvknjL6jQLh8+PsLGu40I3
QY1Rw36KVvoUO/gJYn6J2CHpBIVytq35jlWPXfubE+elx6r+JVXStp7eAmM2ltKD
mFNqqPyKpdgWmNEkioCjq/FQZFkqCNrx6GQYXQ2EcFIHiqBLG5JeqDmJE5QfUiOg
4PasOnuIkvdmgJGUdiTZVKxJ1yv0GEtI59NyA+9prFkUgHUEe85XlUrupANG/8Md
UpyDG6sMf8SPBqGiVq+yFCYtgBERPtzRjYnK8Ea80sLzH24n1M34Pk6uJ//h
-----END CERTIFICATE-----
Generated at Sat May 23 03:04:36 2026 by rpki-client