Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 5+F59kgT80wEGNPvXYrOf3L59s1Q9Sqi2nyattD0w7c=
Subject key identifier: F0:A8:5E:5C:0B:CB:98:E0:27:09:FD:AA:12:8E:E4:6D:3D:E1:11:17
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 69F9D976E83A183A08AD03AA1489B2CB1AD519BD
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Sat 28 Feb 2026 00:02:25 +0000
ROA not before: Fri 27 Feb 2026 23:57:25 +0000
ROA not after: Sat 27 Feb 2027 00:02:25 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b000::/36 maxlen: 48
2a14:7580:e700::/40 maxlen: 48
2a14:7580:e800::/40 maxlen: 48
2a14:7580:e900::/40 maxlen: 48
2a14:7580:ea00::/40 maxlen: 48
2a14:7580:eb00::/40 maxlen: 48
2a14:7580:ec00::/40 maxlen: 48
2a14:7580:ff90::/44 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:9f60::/44 maxlen: 48
2a14:7581:9f70::/44 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
2a14:7581:9f90::/44 maxlen: 48
2a14:7582::/32 maxlen: 48
2a14:7583:3000::/36 maxlen: 48
2a14:7584:8000::/36 maxlen: 48
2a14:7584:c000::/36 maxlen: 48
2a14:7585::/32 maxlen: 48
2a14:7586::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f9:d9:76:e8:3a:18:3a:08:ad:03:aa:14:89:b2:cb:1a:d5:19:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 27 23:57:25 2026 GMT
Not After : Feb 27 00:02:25 2027 GMT
Subject: CN=F0A85E5C0BCB98E02709FDAA128EE46D3DE11117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e8:8a:65:66:91:5d:a2:27:b6:c6:8f:00:29:
c3:cb:73:8d:00:57:25:b8:2c:cf:41:c2:3d:fe:72:
35:d1:1f:eb:ea:59:c6:24:5e:5c:69:e2:cf:52:9e:
46:de:80:16:36:3e:69:84:f0:55:43:fe:ca:5a:eb:
b6:07:22:82:86:5e:07:55:49:f7:04:0d:eb:76:90:
aa:a4:8e:00:16:da:8a:68:76:33:78:1d:86:a2:20:
b6:69:e9:e6:dd:56:3a:24:07:34:6b:fa:59:be:6f:
d2:ee:f9:24:b3:7e:ce:52:87:69:b5:a6:ac:94:1f:
44:27:d6:09:6f:61:6b:12:44:a8:84:0b:0a:02:1f:
71:a9:5a:a8:fb:2e:01:24:76:d4:e9:23:f5:b6:51:
7a:20:89:29:20:57:ef:05:c7:b9:fc:66:f7:79:bb:
6d:8e:09:be:3c:b4:00:b7:2c:f8:98:ef:a3:d1:93:
0a:bd:22:3c:4d:95:2b:00:a9:78:79:89:4a:cf:a2:
05:87:60:42:6d:0d:7c:dd:2e:da:3e:fa:b4:c1:2b:
b2:2f:fd:7b:ca:aa:cc:ed:71:dd:ad:a8:29:2c:b8:
f7:b6:dc:42:48:eb:5d:c1:a0:25:87:4c:30:d3:33:
e6:7c:34:90:c1:e6:95:b4:24:c2:41:e5:f5:0f:3c:
4b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A8:5E:5C:0B:CB:98:E0:27:09:FD:AA:12:8E:E4:6D:3D:E1:11:17
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b000::/36
2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ff90::/44
2a14:7580:ffef::/48
2a14:7581:fe6::/48
2a14:7581:ff2::/48
2a14:7581:ff7::/48
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff
2a14:7582::/32
2a14:7583:3000::/36
2a14:7584:8000::/36
2a14:7584:c000::/36
2a14:7585::-2a14:7586:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:25:17:13:39:ad:32:6d:36:50:9a:34:6d:e1:78:22:ea:d2:
84:a4:58:00:61:a9:52:eb:b1:81:f6:c8:6b:e4:db:5b:2d:f6:
7d:ce:0a:17:1f:4e:2c:04:14:12:0c:cb:49:4e:52:12:1d:5c:
71:2a:07:be:c5:be:8f:88:37:d5:22:1c:a6:61:a4:a3:fa:37:
f8:0d:37:27:a4:82:d2:dc:5a:11:62:12:d1:f1:7c:3f:ca:a3:
0f:b3:a0:c6:93:a8:4a:b3:71:f1:bd:b4:ab:a4:be:c7:d0:7f:
6a:ae:cb:1d:68:e2:d0:fd:ef:82:7d:94:1f:fc:d6:3e:bc:a8:
f2:74:4c:a6:22:1b:8f:12:c3:83:5d:80:bf:c2:e3:cf:11:68:
0e:ff:01:c1:43:48:39:4e:8d:e7:1b:dc:72:c5:a1:6d:2a:fe:
50:b8:12:f3:49:1a:80:26:ff:49:3e:6e:58:cd:72:a5:1d:54:
ab:2a:3c:70:70:f6:70:35:fe:39:2b:24:fc:4c:2c:ff:01:65:
8b:b6:2f:93:1d:f5:9b:28:1e:e5:62:a1:08:41:d7:8e:4a:6a:
68:d5:2b:40:33:b6:c0:95:df:e3:0e:50:da:69:50:37:f9:23:
ce:25:ce:1b:82:a0:58:4c:6d:3c:05:17:9f:60:5b:30:49:49:
d3:1f:a5:9a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIUafnZdug6GDoIrQOqFImyyxrVGb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMjcyMzU3MjVaFw0yNzAyMjcwMDAyMjVaMDMxMTAvBgNV
BAMTKEYwQTg1RTVDMEJDQjk4RTAyNzA5RkRBQTEyOEVFNDZEM0RFMTExMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC36IplZpFdoie2xo8AKcPLc40A
VyW4LM9Bwj3+cjXRH+vqWcYkXlxp4s9SnkbegBY2PmmE8FVD/spa67YHIoKGXgdV
SfcEDet2kKqkjgAW2opodjN4HYaiILZp6ebdVjokBzRr+lm+b9Lu+SSzfs5Sh2m1
pqyUH0Qn1glvYWsSRKiECwoCH3GpWqj7LgEkdtTpI/W2UXogiSkgV+8Fx7n8Zvd5
u22OCb48tAC3LPiY76PRkwq9IjxNlSsAqXh5iUrPogWHYEJtDXzdLto++rTBK7Iv
/XvKqsztcd2tqCksuPe23EJI613BoCWHTDDTM+Z8NJDB5pW0JMJB5fUPPEt/AgMB
AAGjggK3MIICszAdBgNVHQ4EFgQU8KheXAvLmOAnCf2qEo7kbT3hERcwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB0AYIKwYBBQUHAQcBAf8EgcAwgb0wDAQCAAEwBgMEAMGWKDCB
rAQCAAIwgaUDBwQqFHWAAFADBgQqFHWAsDAQAwYAKhR1gOcDBgAqFHWA7AMHBCoU
dYD/kAMHACoUdYD/7wMHACoUdYEP5gMHACoUdYEP8gMHACoUdYEP9wMHACoUdYEP
+gMHACoUdYEP/DASAwcFKhR1gZ9gAwcFKhR1gZ+AAwUAKhR1ggMGBCoUdYMwAwYE
KhR1hIADBgQqFHWEwDAOAwUAKhR1hQMFACoUdYYwDQYJKoZIhvcNAQELBQADggEB
AGIlFxM5rTJtNlCaNG3heCLq0oSkWABhqVLrsYH2yGvk21st9n3OChcfTiwEFBIM
y0lOUhIdXHEqB77Fvo+IN9UiHKZhpKP6N/gNNyekgtLcWhFiEtHxfD/Kow+zoMaT
qEqzcfG9tKukvsfQf2quyx1o4tD974J9lB/81j68qPJ0TKYiG48Sw4NdgL/C488R
aA7/AcFDSDlOjecb3HLFoW0q/lC4EvNJGoAm/0k+bljNcqUdVKsqPHBw9nA1/jkr
JPxMLP8BZYu2L5Md9ZsoHuVioQhB145KamjVK0AztsCV3+MOUNppUDf5I84lzhuC
oFhMbTwFF59gWzBJSdMfpZo=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:39:29 2026 by rpki-client