Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138342e302f32342d3234203d3e20323135323934.roa
File: 35312e3134362e3138342e302f32342d3234203d3e20323135323934.roa (raw, json)
Hash identifier: /w0t78v/51t9DYwKqkoTpp1FV8q9qp5iTJY/LHzBcx0=
Subject key identifier: 32:55:9A:B4:F0:73:40:23:25:5D:59:DF:5F:43:97:5A:46:13:BD:DF
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 3B130543A9ECA64640166ACA10491E486DFA3741
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138342e302f32342d3234203d3e20323135323934.roa
Signing time: Tue 10 Mar 2026 09:07:17 +0000
ROA not before: Tue 10 Mar 2026 09:02:17 +0000
ROA not after: Tue 09 Mar 2027 09:07:17 +0000
asID: 215294
IP address blocks: 51.146.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 18:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:13:05:43:a9:ec:a6:46:40:16:6a:ca:10:49:1e:48:6d:fa:37:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 10 09:02:17 2026 GMT
Not After : Mar 9 09:07:17 2027 GMT
Subject: CN=32559AB4F0734023255D59DF5F43975A4613BDDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8e:ce:a5:46:73:89:56:d5:52:59:ec:91:4d:
67:ca:91:93:fc:83:f5:47:40:ec:d9:b1:f4:16:9d:
a4:0c:51:e7:dc:35:50:95:2a:fc:ab:10:13:72:c5:
b1:f7:38:0f:0d:46:c0:b9:32:63:05:a6:58:39:d5:
4a:75:73:11:f0:d3:68:92:71:11:ca:3d:13:45:21:
0b:b8:fe:30:84:0e:59:f9:c9:7d:28:b8:aa:05:72:
91:ec:c7:70:fd:2c:8f:6d:68:43:ea:e7:c3:91:36:
9e:af:10:8b:a6:24:93:05:e4:37:bc:ad:f3:23:da:
02:f5:6c:7c:99:1a:55:79:d7:60:96:11:a3:4e:e2:
a9:63:12:98:e0:95:d7:8c:79:88:1e:e6:f2:2a:b2:
38:86:3d:f6:a8:d1:7b:77:74:5d:9c:f5:b6:28:c4:
85:ae:04:f7:ac:fb:40:b8:f1:d2:5c:e5:d6:dc:76:
83:c8:14:6c:a5:4a:2e:e6:3c:1e:5c:6a:a7:7c:d4:
be:b8:e1:ff:02:06:ac:4f:c0:0e:dd:42:03:db:db:
e7:e8:70:a7:44:f1:d2:a6:cd:31:59:4a:09:96:0f:
29:39:4f:cf:d6:2b:a5:5f:6d:5a:45:35:85:fc:30:
de:7e:21:45:db:70:11:9e:90:c0:fe:2b:01:9b:9d:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:55:9A:B4:F0:73:40:23:25:5D:59:DF:5F:43:97:5A:46:13:BD:DF
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138342e302f32342d3234203d3e20323135323934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.184.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:68:e1:80:79:78:04:de:01:80:69:a0:71:0f:57:6d:93:f2:
71:1c:5a:be:19:31:a6:f8:75:05:10:0a:30:0f:95:59:a3:ab:
b4:94:9c:8a:00:04:a6:aa:cd:fe:fb:0c:a9:c2:d7:f9:60:6d:
98:50:a6:79:b9:6b:e6:0e:9c:a6:7f:74:e4:06:a8:23:4b:26:
0f:b6:3d:d0:eb:30:22:83:d9:19:5c:c6:4b:d4:3a:f2:d2:ea:
c2:4e:c6:b5:0c:bc:d6:db:8e:b5:ab:54:c0:c0:00:2b:32:fd:
40:e9:2e:29:06:e7:62:50:de:a4:7e:1b:9f:7f:bf:5f:51:69:
ca:bc:57:18:f7:c0:eb:de:32:c3:6c:6c:e7:3f:23:dd:0d:9d:
b2:7f:0e:81:56:3b:89:0a:1e:1e:d5:30:b6:64:75:bd:27:77:
71:c6:07:48:96:7a:2c:6b:54:fe:fe:4a:74:3b:61:cb:3c:e2:
a3:16:a5:ad:a9:6c:ea:bb:c8:bb:ab:1f:56:63:4a:48:42:38:
ab:33:8a:e6:9a:bd:22:a9:27:27:c0:42:7b:59:4c:7f:6d:64:
1a:fd:0a:6e:57:13:a1:e1:0b:6a:a7:bc:d4:1b:11:e8:3e:fe:
ea:1d:0f:c8:dc:10:0e:e7:4b:08:d9:35:be:49:07:07:be:be:
46:9e:be:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOxMFQ6nspkZAFmrKEEkeSG36N0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMTAwOTAyMTdaFw0yNzAzMDkwOTA3MTdaMDMxMTAvBgNV
BAMTKDMyNTU5QUI0RjA3MzQwMjMyNTVENTlERjVGNDM5NzVBNDYxM0JEREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHjs6lRnOJVtVSWeyRTWfKkZP8
g/VHQOzZsfQWnaQMUefcNVCVKvyrEBNyxbH3OA8NRsC5MmMFplg51Up1cxHw02iS
cRHKPRNFIQu4/jCEDln5yX0ouKoFcpHsx3D9LI9taEPq58ORNp6vEIumJJMF5De8
rfMj2gL1bHyZGlV512CWEaNO4qljEpjgldeMeYge5vIqsjiGPfao0Xt3dF2c9bYo
xIWuBPes+0C48dJc5dbcdoPIFGylSi7mPB5caqd81L644f8CBqxPwA7dQgPb2+fo
cKdE8dKmzTFZSgmWDyk5T8/WK6VfbVpFNYX8MN5+IUXbcBGekMD+KwGbnZfvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMlWatPBzQCMlXVnfX0OXWkYTvd8wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMTM4
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAzkrgwDQYJKoZIhvcNAQELBQADggEBAGxo4YB5eATeAYBpoHEPV22T8nEcWr4Z
Mab4dQUQCjAPlVmjq7SUnIoABKaqzf77DKnC1/lgbZhQpnm5a+YOnKZ/dOQGqCNL
Jg+2PdDrMCKD2RlcxkvUOvLS6sJOxrUMvNbbjrWrVMDAACsy/UDpLikG52JQ3qR+
G59/v19Racq8Vxj3wOveMsNsbOc/I90NnbJ/DoFWO4kKHh7VMLZkdb0nd3HGB0iW
eixrVP7+SnQ7Ycs84qMWpa2pbOq7yLurH1ZjSkhCOKsziuaavSKpJyfAQntZTH9t
ZBr9Cm5XE6HhC2qnvNQbEeg+/uodD8jcEA7nSwjZNb5JBwe+vkaevuE=
-----END CERTIFICATE-----
Generated at Tue Mar 24 08:02:00 2026 by rpki-client