Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138352e302f32342d3234203d3e20323135323934.roa
File: 35312e3134362e3138352e302f32342d3234203d3e20323135323934.roa (raw, json)
Hash identifier: itt4LeSSn+cxep/LVIzpOrVFtXUIDMqw98V7OtGXYyE=
Subject key identifier: C5:09:30:11:D7:0A:60:C3:AE:FF:97:96:86:0D:E1:96:9C:43:D5:33
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 393F10F4F914B921C755D760F9451FDBDA373324
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138352e302f32342d3234203d3e20323135323934.roa
Signing time: Tue 10 Mar 2026 09:07:18 +0000
ROA not before: Tue 10 Mar 2026 09:02:18 +0000
ROA not after: Tue 09 Mar 2027 09:07:18 +0000
asID: 215294
IP address blocks: 51.146.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Mar 2026 18:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:3f:10:f4:f9:14:b9:21:c7:55:d7:60:f9:45:1f:db:da:37:33:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 10 09:02:18 2026 GMT
Not After : Mar 9 09:07:18 2027 GMT
Subject: CN=C5093011D70A60C3AEFF9796860DE1969C43D533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b8:0d:18:75:66:9e:cd:af:53:e5:3f:6f:f0:
3d:c1:29:98:4b:6c:b2:9d:62:26:fd:08:e0:16:e6:
0c:df:7f:26:9f:ab:32:9a:15:61:f5:e1:91:b0:15:
9f:54:c9:14:a7:88:c6:13:2b:f2:fa:67:8c:b8:b7:
aa:0a:33:5b:c0:9b:79:d7:34:81:5f:ca:2b:8e:bd:
d9:87:6e:1c:d2:fd:14:04:3e:1c:67:72:26:d0:77:
b8:8f:fb:a2:be:64:78:d2:f7:b2:41:52:ba:f3:fc:
e4:cb:32:d3:1a:df:76:db:4b:bd:05:e6:40:d5:bf:
e8:5b:66:eb:a1:ad:18:6b:74:78:8a:fd:15:98:a4:
84:83:b1:2d:6d:f0:4c:cf:4a:b4:7e:55:79:28:ff:
4d:87:e1:b0:13:91:0c:3c:8f:d8:2d:2e:c3:d8:f6:
b9:e9:87:3f:c9:95:5d:b7:d3:51:55:91:c5:34:95:
fd:37:be:5d:3d:8b:5c:67:10:b9:71:7b:cc:3f:2c:
82:53:29:f0:59:db:a0:70:7d:2c:f9:1a:9a:7d:a6:
50:53:63:66:5b:a7:14:12:74:6e:32:ed:2c:14:80:
aa:46:ba:42:7c:e7:b9:6d:a3:88:6c:36:ab:95:6b:
80:32:f8:4e:1c:0a:d2:d8:4c:d5:46:81:c7:4a:ab:
75:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:09:30:11:D7:0A:60:C3:AE:FF:97:96:86:0D:E1:96:9C:43:D5:33
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e3138352e302f32342d3234203d3e20323135323934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.185.0/24
Signature Algorithm: sha256WithRSAEncryption
61:59:6a:ad:37:0b:cd:db:5e:73:c1:63:f2:97:e3:91:77:71:
64:64:25:b4:a9:be:4d:ac:71:b2:35:51:b6:81:0c:e6:21:51:
20:1a:a7:fd:8f:be:18:f7:1e:51:6f:f5:a6:ae:2a:9c:eb:6f:
4b:b6:49:ed:79:bd:4a:ec:10:07:43:57:1a:7f:f4:5e:3d:0e:
48:6d:d6:cb:f2:b0:60:e0:41:87:56:01:09:43:24:b7:2f:0a:
88:50:2f:27:29:96:0c:c9:eb:5a:03:d2:07:1a:7a:54:ed:39:
46:e3:c8:04:0b:18:bb:01:f4:c7:07:65:7a:8a:bb:66:d6:3c:
5e:87:5e:b7:de:2d:28:ad:88:74:a1:9d:bf:5e:b7:76:81:46:
fe:6a:54:bc:04:80:21:bc:5e:20:67:04:47:ed:42:97:9b:5d:
68:2d:89:8b:50:35:d0:f7:66:26:68:f3:88:45:80:9b:f7:a2:
33:f2:a7:8b:0e:74:9d:32:67:ea:cf:8a:76:a6:d8:5f:85:06:
65:e8:2c:c3:fe:12:08:59:4c:41:a9:31:ff:ac:e3:dc:36:d7:
04:f2:c9:19:c2:f4:3e:2e:a3:3d:ef:dd:cf:c2:4e:7d:47:b2:
01:ca:96:3c:25:df:ab:64:a4:75:9b:75:05:a8:53:67:2b:41:
d1:5c:a2:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOT8Q9PkUuSHHVddg+UUf29o3MyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMTAwOTAyMThaFw0yNzAzMDkwOTA3MThaMDMxMTAvBgNV
BAMTKEM1MDkzMDExRDcwQTYwQzNBRUZGOTc5Njg2MERFMTk2OUM0M0Q1MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyuA0YdWaeza9T5T9v8D3BKZhL
bLKdYib9COAW5gzffyafqzKaFWH14ZGwFZ9UyRSniMYTK/L6Z4y4t6oKM1vAm3nX
NIFfyiuOvdmHbhzS/RQEPhxncibQd7iP+6K+ZHjS97JBUrrz/OTLMtMa33bbS70F
5kDVv+hbZuuhrRhrdHiK/RWYpISDsS1t8EzPSrR+VXko/02H4bATkQw8j9gtLsPY
9rnphz/JlV2301FVkcU0lf03vl09i1xnELlxe8w/LIJTKfBZ26BwfSz5Gpp9plBT
Y2ZbpxQSdG4y7SwUgKpGukJ857lto4hsNquVa4Ay+E4cCtLYTNVGgcdKq3X9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxQkwEdcKYMOu/5eWhg3hlpxD1TMwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM5MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAzkrkwDQYJKoZIhvcNAQELBQADggEBAGFZaq03C83bXnPBY/KX45F3cWRkJbSp
vk2scbI1UbaBDOYhUSAap/2Pvhj3HlFv9aauKpzrb0u2Se15vUrsEAdDVxp/9F49
Dkht1svysGDgQYdWAQlDJLcvCohQLycplgzJ61oD0gcaelTtOUbjyAQLGLsB9McH
ZXqKu2bWPF6HXrfeLSitiHShnb9et3aBRv5qVLwEgCG8XiBnBEftQpebXWgtiYtQ
NdD3ZiZo84hFgJv3ojPyp4sOdJ0yZ+rPinam2F+FBmXoLMP+EghZTEGpMf+s49w2
1wTyyRnC9D4uoz3v3c/CTn1HsgHKljwl36tkpHWbdQWoU2crQdFcopQ=
-----END CERTIFICATE-----
Generated at Tue Mar 24 07:58:57 2026 by rpki-client