Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: cE1k/mSs1yxSfgjwBiV30JchSySNiMowDx+52So/8F8=
Subject key identifier: C7:CF:91:EC:A5:E6:E2:15:4E:89:EE:71:1B:AD:16:D1:76:B0:86:20
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 075469F1455370BCFFDECCF2CF0095451D38BB96
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Fri 20 Feb 2026 08:00:11 +0000
ROA not before: Fri 20 Feb 2026 07:55:11 +0000
ROA not after: Fri 19 Feb 2027 08:00:11 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b000::/36 maxlen: 48
2a14:7580:e700::/40 maxlen: 48
2a14:7580:e800::/40 maxlen: 48
2a14:7580:e900::/40 maxlen: 48
2a14:7580:ea00::/40 maxlen: 48
2a14:7580:eb00::/40 maxlen: 48
2a14:7580:ec00::/40 maxlen: 48
2a14:7580:ff90::/44 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:9f60::/44 maxlen: 48
2a14:7581:9f70::/44 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
2a14:7581:9f90::/44 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583:3000::/36 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:a000::/36 maxlen: 48
2a14:7584:b000::/36 maxlen: 48
2a14:7584:c000::/36 maxlen: 48
2a14:7585::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:54:69:f1:45:53:70:bc:ff:de:cc:f2:cf:00:95:45:1d:38:bb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 20 07:55:11 2026 GMT
Not After : Feb 19 08:00:11 2027 GMT
Subject: CN=C7CF91ECA5E6E2154E89EE711BAD16D176B08620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:af:4a:87:ab:ca:77:46:34:c4:0d:4d:8d:1d:
40:5a:37:b6:77:ce:a2:a1:e9:f9:2e:b0:f0:78:7c:
df:e8:60:80:0a:33:88:e8:83:9d:51:97:b9:1d:59:
0e:82:eb:b9:ff:7b:63:0b:f6:0e:88:be:6b:dd:ee:
10:3c:25:4a:69:8d:5f:d3:b7:c3:21:76:3a:c6:a8:
80:c1:a4:c7:3d:a9:ef:fd:34:b5:80:c1:9b:9c:b4:
45:2a:92:ab:b8:64:38:43:e8:aa:39:80:1a:1e:f7:
42:3e:d1:84:13:0a:36:65:a1:ad:e8:8c:bc:2f:05:
1b:7c:4c:09:45:79:52:bc:d0:3a:31:16:46:36:bd:
05:9e:82:a8:7e:11:41:82:3f:bb:66:0a:92:97:fd:
0a:ca:89:ed:d4:c5:3a:63:e0:a7:67:40:a2:2a:31:
f4:d3:fc:1f:e3:24:88:39:18:0b:90:fa:cc:1c:f8:
96:d3:18:d5:24:6d:78:f2:d2:85:50:16:35:49:f5:
d4:1c:5c:c4:bb:cb:10:f6:53:16:92:a3:02:14:37:
72:07:06:f9:8b:de:2f:64:ff:f3:94:08:3d:4e:d2:
ff:d5:23:d2:b4:e5:81:be:fb:e3:13:9f:87:f1:15:
f4:7d:1f:5f:75:87:cb:4b:66:e1:af:ac:3f:da:d5:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CF:91:EC:A5:E6:E2:15:4E:89:EE:71:1B:AD:16:D1:76:B0:86:20
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b000::/36
2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ff90::/44
2a14:7580:ffef::/48
2a14:7581:fe6::/48
2a14:7581:ff2::/48
2a14:7581:ff7::/48
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff
2a14:7582::/32
2a14:7583:3000::/36
2a14:7584:8000::/36
2a14:7584:a000::-2a14:7584:cfff:ffff:ffff:ffff:ffff:ffff
2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
65:8c:6c:b9:f1:ff:f6:e9:12:8a:8c:bd:d6:12:f6:a0:53:44:
98:c4:19:2c:79:4f:cf:4b:2c:09:90:c5:44:3c:90:3e:ab:a5:
dc:46:af:10:92:39:a7:11:f1:db:f7:97:a6:ae:3b:4c:a0:06:
00:9d:af:0e:55:ae:0e:a0:d7:e8:9e:a4:ea:17:a2:5e:6c:ca:
08:b6:74:db:42:d7:51:93:9f:f7:0b:6a:14:77:29:ef:d4:df:
99:46:4a:aa:14:d8:f9:18:9f:13:3d:c8:e8:86:0c:76:e6:47:
5d:11:5c:b0:61:9f:84:18:24:76:09:01:53:5a:2a:46:aa:da:
78:dc:44:ff:55:e3:cc:f2:77:b8:cd:64:8b:9b:41:24:6a:63:
e8:ac:f1:a9:7c:64:44:93:c8:51:c8:d8:92:ac:32:e5:f0:41:
01:a4:57:f9:19:ab:d0:12:ef:3c:dd:95:d3:cd:33:f3:73:53:
c6:94:cf:1f:b3:8c:b8:f8:e6:47:3a:0c:4e:fd:7d:48:fa:61:
53:ec:24:ff:47:2b:f9:cf:e4:5d:f7:83:4e:4e:46:22:45:18:
34:84:83:96:3d:84:6d:69:d9:5c:ba:40:8b:e4:26:eb:86:27:
69:20:24:26:cf:e7:92:aa:f7:bb:65:f3:6d:b5:b3:89:a8:c8:
43:d6:59:5b
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIUB1Rp8UVTcLz/3szyzwCVRR04u5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjAwNzU1MTFaFw0yNzAyMTkwODAwMTFaMDMxMTAvBgNV
BAMTKEM3Q0Y5MUVDQTVFNkUyMTU0RTg5RUU3MTFCQUQxNkQxNzZCMDg2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1r0qHq8p3RjTEDU2NHUBaN7Z3
zqKh6fkusPB4fN/oYIAKM4jog51Rl7kdWQ6C67n/e2ML9g6Ivmvd7hA8JUppjV/T
t8MhdjrGqIDBpMc9qe/9NLWAwZuctEUqkqu4ZDhD6Ko5gBoe90I+0YQTCjZloa3o
jLwvBRt8TAlFeVK80DoxFkY2vQWegqh+EUGCP7tmCpKX/QrKie3UxTpj4KdnQKIq
MfTT/B/jJIg5GAuQ+swc+JbTGNUkbXjy0oVQFjVJ9dQcXMS7yxD2UxaSowIUN3IH
BvmL3i9k//OUCD1O0v/VI9K05YG+++MTn4fxFfR9H191h8tLZuGvrD/a1e45AgMB
AAGjggLBMIICvTAdBgNVHQ4EFgQUx8+R7KXm4hVOie5xG60W0XawhiAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB2gYIKwYBBQUHAQcBAf8EgcowgccwDAQCAAEwBgMEAMGWKDCB
tgQCAAIwga8DBwQqFHWAAFADBgQqFHWAsDAQAwYAKhR1gOcDBgAqFHWA7AMHBCoU
dYD/kAMHACoUdYD/7wMHACoUdYEP5gMHACoUdYEP8gMHACoUdYEP9wMHACoUdYEP
+gMHACoUdYEP/DASAwcFKhR1gZ9gAwcFKhR1gZ+AAwUAKhR1ggMGBCoUdYMwAwYE
KhR1hIAwEAMGBSoUdYSgAwYEKhR1hMAwDgMFACoUdYUDBQMqFHWAMA0GCSqGSIb3
DQEBCwUAA4IBAQBljGy58f/26RKKjL3WEvagU0SYxBkseU/PSywJkMVEPJA+q6Xc
Rq8QkjmnEfHb95emrjtMoAYAna8OVa4OoNfonqTqF6JebMoItnTbQtdRk5/3C2oU
dynv1N+ZRkqqFNj5GJ8TPcjohgx25kddEVywYZ+EGCR2CQFTWipGqtp43ET/VePM
8ne4zWSLm0EkamPorPGpfGREk8hRyNiSrDLl8EEBpFf5GavQEu883ZXTzTPzc1PG
lM8fs4y4+OZHOgxO/X1I+mFT7CT/Ryv5z+Rd94NOTkYiRRg0hIOWPYRtadlcukCL
5CbrhidpICQmz+eSqve7ZfNttbOJqMhD1llb
-----END CERTIFICATE-----
Generated at Sat Feb 21 03:42:28 2026 by rpki-client