Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138382e302f32342d3234203d3e20313532313739.roa
File: 352e3232362e3138382e302f32342d3234203d3e20313532313739.roa (raw, json)
Hash identifier: uJEDxZm1l0+YcyFuGRmcGjOe89y2pFVQh//OE0DuSL8=
Subject key identifier: 11:A7:BC:55:E0:DE:A6:AD:41:E8:98:CE:31:77:0F:49:7B:3A:61:23
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 508BF96EA37087FF65960C9F6629D1014D92B86E
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138382e302f32342d3234203d3e20313532313739.roa
Signing time: Tue 03 Feb 2026 09:55:36 +0000
ROA not before: Tue 03 Feb 2026 09:50:36 +0000
ROA not after: Tue 02 Feb 2027 09:55:36 +0000
asID: 152179
IP address blocks: 5.226.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8b:f9:6e:a3:70:87:ff:65:96:0c:9f:66:29:d1:01:4d:92:b8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 3 09:50:36 2026 GMT
Not After : Feb 2 09:55:36 2027 GMT
Subject: CN=11A7BC55E0DEA6AD41E898CE31770F497B3A6123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4f:42:a1:21:2c:e1:e6:56:33:ae:ea:d5:29:
d0:26:07:d1:77:56:92:59:36:b9:b1:2e:50:14:37:
05:6c:b8:ef:e5:86:4b:12:ca:ba:49:bd:70:31:8a:
1e:c4:52:2d:16:04:1d:86:71:1f:92:f3:99:91:a2:
5d:49:a4:4a:1d:4e:c1:6c:b3:0e:85:84:db:66:ac:
eb:1c:92:a0:f5:cd:06:79:90:2b:53:a9:e4:1a:ca:
82:45:cd:65:ba:aa:11:81:0c:1b:9a:fb:fa:42:0f:
13:de:60:eb:8e:85:63:3a:63:fd:30:26:99:4f:e0:
f2:6b:84:ec:36:1a:56:a7:a9:98:8f:f8:78:e3:96:
14:43:5d:2b:62:15:a2:26:d3:39:60:11:09:ed:35:
a4:90:bc:6b:26:1c:c2:0f:2c:eb:11:a2:08:35:6d:
1e:ce:70:25:94:0a:a5:ae:1a:92:8a:69:9c:e9:0a:
fd:03:76:93:a6:bf:a7:d0:19:2f:ca:71:99:68:49:
72:7e:5d:88:1e:da:18:9a:f9:7c:5e:ce:6e:64:22:
a4:da:ff:08:ca:a7:ac:d6:ec:d8:e3:9c:8b:a8:fd:
87:43:80:70:19:ac:4f:96:20:34:1a:c1:e8:60:e6:
06:59:ab:53:b7:53:24:32:24:ef:50:54:a5:95:01:
0a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A7:BC:55:E0:DE:A6:AD:41:E8:98:CE:31:77:0F:49:7B:3A:61:23
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/352e3232362e3138382e302f32342d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.188.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:04:d8:81:a8:04:49:10:88:53:bb:51:91:bf:bf:a9:c5:ee:
ff:27:ef:6b:d7:4c:cc:25:fe:4a:d2:d5:fc:5f:de:86:a6:2b:
db:d3:d7:a9:ef:64:c9:88:db:d6:12:75:39:f1:cb:a1:6f:b1:
46:fe:a1:a2:30:cb:7d:ae:e5:99:1f:90:e5:ab:37:08:7d:e6:
6f:69:15:31:7d:77:a9:eb:3f:b0:a8:b7:09:fa:83:59:11:95:
74:06:a1:a6:47:e4:c3:6b:c1:53:1a:c8:fb:28:6c:d3:df:42:
6b:df:ba:a3:40:5f:d4:df:2c:ff:0f:00:5d:3f:da:94:4c:fd:
2d:54:83:11:41:3f:f8:c0:a0:8c:dd:ce:aa:1a:7a:11:88:87:
ed:77:be:1a:ad:59:cc:85:a9:cc:ea:c4:b2:ad:b1:15:63:43:
64:b4:60:6a:3d:72:e4:fc:fb:c9:c4:91:56:fa:29:97:49:94:
31:8b:55:af:af:d4:99:03:ac:cd:75:55:51:e4:83:51:63:7f:
c0:3d:0c:28:7f:cf:22:c9:f4:c9:b5:73:1a:69:43:c2:93:3e:
00:fb:55:51:b2:ab:d2:5a:4a:2f:67:92:dc:29:70:3e:96:ec:
56:b3:78:1a:ad:90:d6:73:ce:e2:35:e9:d1:fb:b6:27:12:7b:
25:b1:14:ba
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUIv5bqNwh/9llgyfZinRAU2SuG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNjAyMDMwOTUwMzZaFw0yNzAyMDIwOTU1MzZaMDMxMTAvBgNV
BAMTKDExQTdCQzU1RTBERUE2QUQ0MUU4OThDRTMxNzcwRjQ5N0IzQTYxMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwT0KhISzh5lYzrurVKdAmB9F3
VpJZNrmxLlAUNwVsuO/lhksSyrpJvXAxih7EUi0WBB2GcR+S85mRol1JpEodTsFs
sw6FhNtmrOsckqD1zQZ5kCtTqeQayoJFzWW6qhGBDBua+/pCDxPeYOuOhWM6Y/0w
JplP4PJrhOw2GlanqZiP+HjjlhRDXStiFaIm0zlgEQntNaSQvGsmHMIPLOsRogg1
bR7OcCWUCqWuGpKKaZzpCv0DdpOmv6fQGS/KcZloSXJ+XYge2hia+Xxezm5kIqTa
/wjKp6zW7NjjnIuo/YdDgHAZrE+WIDQawehg5gZZq1O3UyQyJO9QVKWVAQqDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEae8VeDepq1B6JjOMXcPSXs6YSMwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzUyZTMyMzIzNjJlMzEzODM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzEzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BeK8MA0GCSqGSIb3DQEBCwUAA4IBAQAOBNiBqARJEIhTu1GRv7+pxe7/J+9r10zM
Jf5K0tX8X96Gpivb09ep72TJiNvWEnU58cuhb7FG/qGiMMt9ruWZH5DlqzcIfeZv
aRUxfXep6z+wqLcJ+oNZEZV0BqGmR+TDa8FTGsj7KGzT30Jr37qjQF/U3yz/DwBd
P9qUTP0tVIMRQT/4wKCM3c6qGnoRiIftd74arVnMhanM6sSyrbEVY0NktGBqPXLk
/PvJxJFW+imXSZQxi1Wvr9SZA6zNdVVR5INRY3/APQwof88iyfTJtXMaaUPCkz4A
+1VRsqvSWkovZ5LcKXA+luxWs3garZDWc87iNenR+7YnEnslsRS6
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:28:48 2026 by rpki-client