Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3135322e302f32342d3234203d3e20323135323934.roa
File: 35312e3134362e3135322e302f32342d3234203d3e20323135323934.roa (raw, json)
Hash identifier: FbiwqY12zV0iOHJm5LwZDpBPjLXrTD8BnW9uWy5ghgo=
Subject key identifier: 58:20:5D:23:43:F1:85:26:4C:75:8B:48:20:A6:7B:DF:AF:DC:5A:CF
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 4D986473618140E32A54DBE595885A0EC91586AE
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3135322e302f32342d3234203d3e20323135323934.roa
Signing time: Mon 16 Mar 2026 08:27:44 +0000
ROA not before: Mon 16 Mar 2026 08:22:44 +0000
ROA not after: Mon 15 Mar 2027 08:27:44 +0000
asID: 215294
IP address blocks: 51.146.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 18:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:98:64:73:61:81:40:e3:2a:54:db:e5:95:88:5a:0e:c9:15:86:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 16 08:22:44 2026 GMT
Not After : Mar 15 08:27:44 2027 GMT
Subject: CN=58205D2343F185264C758B4820A67BDFAFDC5ACF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:d0:98:0d:64:e6:79:2c:94:6a:27:f7:57:
ac:23:fb:70:79:cd:dd:82:a6:e0:83:48:da:49:07:
ba:c4:65:3a:30:cd:86:6c:f4:2c:5c:ae:4a:22:81:
fe:f0:af:21:97:90:9e:c4:1d:bf:3c:fd:12:0d:63:
40:32:38:04:33:a8:b9:27:03:01:9e:08:70:3c:29:
46:e1:54:00:80:75:48:03:e3:bf:78:64:d5:da:4a:
29:d7:56:36:e4:82:eb:89:43:86:fe:ef:cd:7d:1c:
49:5d:b2:79:fb:59:ec:29:41:0b:67:2a:f9:49:55:
b9:c1:ad:27:37:34:dd:1d:1c:78:de:64:bf:21:52:
87:6a:e7:fd:63:7b:ee:77:5e:43:89:ea:42:1f:94:
70:7f:e8:9b:71:0b:49:80:50:90:93:66:4f:cc:00:
90:4c:f2:dd:0b:d7:a0:f9:17:79:f4:30:ce:fc:71:
8a:81:dc:12:0e:83:82:53:64:ba:1b:7a:e4:fa:0a:
e1:93:08:ae:47:c2:d9:f3:f9:7f:ea:c6:5d:04:eb:
92:43:88:7f:07:e2:a5:6a:9d:43:9e:62:c2:3a:53:
c1:34:68:42:cc:05:df:34:d7:76:d8:93:a4:b2:bd:
32:79:6b:36:b5:9b:97:7a:c8:c9:7f:1c:c2:2f:a8:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:20:5D:23:43:F1:85:26:4C:75:8B:48:20:A6:7B:DF:AF:DC:5A:CF
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3135322e302f32342d3234203d3e20323135323934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.152.0/24
Signature Algorithm: sha256WithRSAEncryption
33:32:19:58:3b:d6:64:b8:c9:fd:d8:30:f6:47:32:99:98:53:
92:4d:5b:dd:c5:b3:db:b5:38:d8:cd:f7:12:00:83:71:8a:3b:
ba:98:f8:0d:44:ba:5c:be:9d:43:2f:11:4f:87:56:cc:ff:b5:
d8:a9:40:d6:83:85:f1:8b:c1:97:f3:b6:b1:6b:42:48:35:f2:
7e:9c:1c:ee:5a:b4:02:45:9c:ce:76:2d:07:6b:a5:2e:90:2c:
a4:9c:ec:7e:2e:d0:27:ca:95:11:ac:e8:8b:13:6a:24:5c:c6:
86:ea:87:03:1d:0f:1b:a1:7d:75:d0:7b:3c:8c:4c:e6:d2:b9:
8e:9f:e4:ab:82:dc:b1:bf:3c:c2:70:9e:64:a5:3d:05:f6:78:
af:11:76:8d:61:dd:6a:43:7c:a9:ff:e0:64:26:fc:eb:a5:9c:
e6:05:89:dc:db:78:8c:39:6a:14:81:c9:d5:fd:f2:56:96:0b:
38:76:77:83:be:2b:2d:7a:e0:e3:65:11:dc:b4:6b:57:d0:84:
26:da:e5:2a:4d:8b:13:30:4e:75:dd:53:b6:d5:09:85:18:be:
3d:61:fa:11:e6:65:4e:c0:3f:4a:49:b7:82:4c:15:08:45:9f:
25:ab:9d:e5:f2:7c:9a:be:29:eb:f0:68:19:35:0e:97:20:d7:
2b:a8:0e:e7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTZhkc2GBQOMqVNvllYhaDskVhq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMTYwODIyNDRaFw0yNzAzMTUwODI3NDRaMDMxMTAvBgNV
BAMTKDU4MjA1RDIzNDNGMTg1MjY0Qzc1OEI0ODIwQTY3QkRGQUZEQzVBQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr79CYDWTmeSyUaif3V6wj+3B5
zd2CpuCDSNpJB7rEZTowzYZs9Cxcrkoigf7wryGXkJ7EHb88/RINY0AyOAQzqLkn
AwGeCHA8KUbhVACAdUgD4794ZNXaSinXVjbkguuJQ4b+7819HEldsnn7WewpQQtn
KvlJVbnBrSc3NN0dHHjeZL8hUodq5/1je+53XkOJ6kIflHB/6JtxC0mAUJCTZk/M
AJBM8t0L16D5F3n0MM78cYqB3BIOg4JTZLobeuT6CuGTCK5Hwtnz+X/qxl0E65JD
iH8H4qVqnUOeYsI6U8E0aELMBd8013bYk6SyvTJ5aza1m5d6yMl/HMIvqEHXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWCBdI0PxhSZMdYtIIKZ736/cWs8wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAzkpgwDQYJKoZIhvcNAQELBQADggEBADMyGVg71mS4yf3YMPZHMpmYU5JNW93F
s9u1ONjN9xIAg3GKO7qY+A1Euly+nUMvEU+HVsz/tdipQNaDhfGLwZfztrFrQkg1
8n6cHO5atAJFnM52LQdrpS6QLKSc7H4u0CfKlRGs6IsTaiRcxobqhwMdDxuhfXXQ
ezyMTObSuY6f5KuC3LG/PMJwnmSlPQX2eK8Rdo1h3WpDfKn/4GQm/OulnOYFidzb
eIw5ahSBydX98laWCzh2d4O+Ky164ONlEdy0a1fQhCba5SpNixMwTnXdU7bVCYUY
vj1h+hHmZU7AP0pJt4JMFQhFnyWrneXyfJq+KevwaBk1Dpcg1yuoDuc=
-----END CERTIFICATE-----
Generated at Tue Mar 24 07:59:09 2026 by rpki-client