Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150289.roa
File: AS150289.roa (raw, json)
Hash identifier: zid1HIO9TE3QJ0Xp2hz4BQY5+7m16iWDMNVtBKCqzVA=
Subject key identifier: 22:E3:57:6C:49:03:A7:7D:85:96:CD:0F:B8:6D:5B:5F:BD:81:EF:B5
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 522848DAD60A836AF8D4200636655B4E26BC1AC3
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150289.roa
Signing time: Tue 06 Jan 2026 01:00:49 +0000
ROA not before: Tue 06 Jan 2026 00:55:49 +0000
ROA not after: Tue 05 Jan 2027 01:00:49 +0000
asID: 150289
IP address blocks: 2a14:7580:e600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 21:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:28:48:da:d6:0a:83:6a:f8:d4:20:06:36:65:5b:4e:26:bc:1a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 6 00:55:49 2026 GMT
Not After : Jan 5 01:00:49 2027 GMT
Subject: CN=22E3576C4903A77D8596CD0FB86D5B5FBD81EFB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:80:ff:e2:d6:bc:b7:4f:d3:25:1a:a4:b7:d3:
3d:b9:1c:45:1a:cd:86:33:e0:16:c0:84:82:4f:2c:
4c:87:3f:30:65:a4:7b:c9:b1:33:e0:54:76:cc:2e:
a4:3a:e4:54:0f:c4:80:d9:c1:78:a1:b3:d2:07:ab:
42:86:39:4a:5f:08:05:d5:bd:42:82:ff:6a:6d:2f:
44:4d:49:73:b9:63:2e:f7:e4:49:a5:11:87:1b:53:
6d:5a:d3:be:e1:b6:cb:7a:f8:03:86:0b:f8:b4:e1:
2f:f9:a0:53:29:f5:af:1b:0e:ac:16:23:8d:e8:54:
b5:ad:a4:89:83:79:b8:b3:69:6c:a3:a7:de:af:b3:
90:7c:90:76:3b:b6:3d:a4:c1:35:f9:19:98:43:50:
b0:07:c2:1b:ef:21:e4:3e:f7:e8:8c:34:95:4d:8d:
76:33:14:ee:1f:aa:cc:05:5b:2b:98:3f:37:c4:82:
09:aa:2c:d5:a1:b9:bb:4e:65:da:04:b4:8e:03:75:
e9:8d:9b:32:9c:39:97:37:73:4c:63:11:aa:12:cf:
10:c4:e7:39:79:75:b6:4c:bd:c2:c9:05:b4:e0:aa:
37:71:fd:aa:b7:03:80:86:90:50:b9:e5:bf:a0:98:
6e:6f:55:6f:5a:fe:2c:f2:1b:51:27:db:7c:ab:b0:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E3:57:6C:49:03:A7:7D:85:96:CD:0F:B8:6D:5B:5F:BD:81:EF:B5
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:e600::/40
Signature Algorithm: sha256WithRSAEncryption
2e:b8:89:92:f1:c8:cf:e7:b4:03:c3:dd:fe:5d:a5:86:e5:a6:
98:d3:a9:76:9e:35:f7:85:4b:75:43:23:90:2e:bd:a6:67:f4:
42:24:52:64:9f:39:5f:01:91:a6:38:b8:0c:ce:0e:57:44:89:
9a:ba:5d:9f:d9:c9:ba:59:60:26:5a:8b:3a:21:40:b0:5e:7a:
c1:53:c2:eb:8f:1d:db:5c:5c:39:db:1d:e0:9c:95:87:8f:cd:
52:83:37:f1:fc:52:ad:38:79:7c:9a:3a:07:ee:10:2d:2a:4a:
6a:38:22:04:0a:52:b8:db:5f:67:43:3f:1e:39:f4:10:29:50:
30:73:62:f9:81:31:ce:cf:8f:23:ac:55:17:45:d5:02:ed:46:
10:50:d4:28:48:e8:4a:13:18:18:4a:43:4f:aa:74:8b:83:fe:
f5:0a:86:33:bf:e5:75:3f:e2:b8:a8:7b:f0:bd:bf:b2:31:7a:
ae:90:37:c1:32:f3:e1:ab:33:2d:c2:3c:e9:73:ca:dc:92:8e:
62:d6:9d:6b:68:6e:54:7d:82:ec:34:df:82:c9:cf:bc:41:5c:
79:97:26:86:38:60:f4:c0:94:fe:c7:fa:89:b7:61:02:e9:65:
66:1e:a3:63:59:f8:e3:fe:0a:89:9f:00:a9:f8:f3:88:f8:05:
86:0b:a0:5b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUUihI2tYKg2r41CAGNmVbTia8GsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAxMDYwMDU1NDlaFw0yNzAxMDUwMTAwNDlaMDMxMTAvBgNV
BAMTKDIyRTM1NzZDNDkwM0E3N0Q4NTk2Q0QwRkI4NkQ1QjVGQkQ4MUVGQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCgP/i1ry3T9MlGqS30z25HEUa
zYYz4BbAhIJPLEyHPzBlpHvJsTPgVHbMLqQ65FQPxIDZwXihs9IHq0KGOUpfCAXV
vUKC/2ptL0RNSXO5Yy735EmlEYcbU21a077htst6+AOGC/i04S/5oFMp9a8bDqwW
I43oVLWtpImDebizaWyjp96vs5B8kHY7tj2kwTX5GZhDULAHwhvvIeQ+9+iMNJVN
jXYzFO4fqswFWyuYPzfEggmqLNWhubtOZdoEtI4DdemNmzKcOZc3c0xjEaoSzxDE
5zl5dbZMvcLJBbTgqjdx/aq3A4CGkFC55b+gmG5vVW9a/izyG1En23yrsLrHAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUIuNXbEkDp32Fls0PuG1bX72B77UwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTUwMjg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1
gOYwDQYJKoZIhvcNAQELBQADggEBAC64iZLxyM/ntAPD3f5dpYblppjTqXaeNfeF
S3VDI5AuvaZn9EIkUmSfOV8BkaY4uAzODldEiZq6XZ/ZybpZYCZaizohQLBeesFT
wuuPHdtcXDnbHeCclYePzVKDN/H8Uq04eXyaOgfuEC0qSmo4IgQKUrjbX2dDPx45
9BApUDBzYvmBMc7PjyOsVRdF1QLtRhBQ1ChI6EoTGBhKQ0+qdIuD/vUKhjO/5XU/
4rioe/C9v7Ixeq6QN8Ey8+GrMy3CPOlzytySjmLWnWtoblR9guw034LJz7xBXHmX
JoY4YPTAlP7H+om3YQLpZWYeo2NZ+OP+ComfAKn484j4BYYLoFs=
-----END CERTIFICATE-----
Generated at Sun Feb 22 03:21:24 2026 by rpki-client