Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 1s3Ejg+lKRs2wnbQ0G0QYUmfMLo9RQm92RhpwDdlzNE=
Subject key identifier: 33:4A:79:BB:DA:79:99:AC:E7:C6:6B:E7:C8:53:C6:92:B6:DD:71:12
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 107B6B6B80B5AF20FE2F93825023638A49438718
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Mon 15 Jun 2026 15:41:47 +0000
ROA not before: Mon 15 Jun 2026 15:36:47 +0000
ROA not after: Mon 14 Jun 2027 15:41:47 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:600::/40 maxlen: 48
2a14:7580:ff60::/44 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7580:fff3::/48 maxlen: 48
2a14:7580:fff4::/48 maxlen: 48
2a14:7580:fff5::/48 maxlen: 48
2a14:7581:f00::/44 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:fed::/48 maxlen: 48
2a14:7581:fef::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff6::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:5000::/36 maxlen: 48
2a14:7581:9000::/40 maxlen: 48
2a14:7581:9100::/40 maxlen: 48
2a14:7581:9200::/40 maxlen: 48
2a14:7581:9300::/40 maxlen: 48
2a14:7581:9ff0::/44 maxlen: 48
2a14:7583:4000::/36 maxlen: 48
2a14:7584:1000::/36 maxlen: 48
2a14:7584:e390::/44 maxlen: 44
2a14:7584:e3a0::/44 maxlen: 44
2a14:7584:e920::/44 maxlen: 44
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:7b:6b:6b:80:b5:af:20:fe:2f:93:82:50:23:63:8a:49:43:87:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jun 15 15:36:47 2026 GMT
Not After : Jun 14 15:41:47 2027 GMT
Subject: CN=334A79BBDA7999ACE7C66BE7C853C692B6DD7112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:da:11:13:7a:47:c8:db:dc:3c:36:82:bd:
90:00:b5:b5:d1:d0:e4:0a:db:cb:ff:3d:fa:40:7b:
89:c1:8b:a8:b2:2d:b1:5e:01:8d:99:6e:98:84:56:
25:29:ca:67:49:1e:eb:33:1e:24:20:40:38:12:ed:
6f:38:4c:bd:41:8b:6b:6e:80:d0:c5:32:ab:34:8e:
ca:34:d9:a8:0a:c7:30:f9:60:f7:49:ba:40:9e:21:
13:82:3c:67:b3:6b:35:8f:8e:b5:a8:27:d3:a3:5f:
ed:f8:9a:d5:2a:5d:2a:ad:19:21:54:2f:15:3d:80:
5b:dc:a6:7b:ad:5b:f8:03:e2:81:7c:f7:07:f6:36:
78:b8:33:a9:4d:d5:fe:e2:f8:71:ff:fc:b6:8d:fa:
10:50:2e:13:05:7f:b5:1c:fd:9d:5f:54:d2:f0:76:
fe:87:d1:7d:d3:80:cb:00:4c:c8:d8:b4:c8:aa:9b:
9d:74:07:b1:b6:61:be:27:dd:8f:f9:72:14:e3:fc:
75:cd:14:3d:81:ae:a2:05:45:99:50:57:83:81:43:
e2:90:63:75:fc:77:b6:55:e7:35:95:e3:69:0c:27:
02:fe:6b:c8:57:be:86:c2:30:e4:0e:f3:8a:94:b3:
5b:d1:fb:97:7e:cb:0e:98:e7:76:19:20:e3:18:e7:
9a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4A:79:BB:DA:79:99:AC:E7:C6:6B:E7:C8:53:C6:92:B6:DD:71:12
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:600::/40
2a14:7580:ff60::/44
2a14:7580:ffef::/48
2a14:7580:fff3::-2a14:7580:fff5:ffff:ffff:ffff:ffff:ffff
2a14:7581:f00::/44
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/47
2a14:7581:fef::/48
2a14:7581:ff2::/48
2a14:7581:ff6::/47
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:5000::/36
2a14:7581:9000::/38
2a14:7581:9ff0::/44
2a14:7583:4000::/36
2a14:7584:1000::/36
2a14:7584:e390::-2a14:7584:e3af:ffff:ffff:ffff:ffff:ffff
2a14:7584:e920::/44
Signature Algorithm: sha256WithRSAEncryption
31:64:fd:7b:a7:47:3e:3e:a5:56:3a:8e:ba:2d:8a:5a:6e:5c:
31:fa:2c:cc:c9:26:f7:c2:c3:9b:8c:30:8f:34:fd:1c:ed:4a:
41:04:29:03:46:4c:6a:cb:26:7c:ca:e7:80:e2:e6:1c:5a:cd:
1d:6b:4e:da:38:03:a5:34:e7:87:2f:5f:ee:a5:31:ff:26:fe:
02:17:bd:c3:2a:98:c8:79:36:38:61:5c:35:8a:4f:98:02:0b:
46:9d:1e:e7:65:ec:ea:d7:52:16:ff:ff:3d:e0:39:e3:2b:5c:
76:5a:25:52:53:1b:26:29:b4:98:4a:db:23:84:56:56:b7:0e:
2e:37:91:46:f7:98:ef:32:1f:2e:9f:6f:06:23:c6:be:48:cd:
3f:4c:f6:1e:b1:60:cd:83:a8:d4:bd:b8:bb:93:a4:b6:20:e4:
b5:30:5b:50:af:61:db:4d:51:83:5d:0f:9d:05:73:9d:20:c8:
9e:a8:65:b9:00:26:95:20:c2:b6:85:c9:1a:00:24:69:0c:6f:
90:49:87:0c:68:d2:38:ba:96:37:8a:4b:39:72:d7:5e:ec:ab:
56:83:45:00:43:73:7a:ef:b6:45:7a:93:2b:b9:ac:7b:cd:ac:
e0:ad:65:de:61:9a:74:1b:09:91:5d:ac:92:f5:18:82:4b:d1:
9e:d0:e4:30
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUEHtra4C1ryD+L5OCUCNjiklDhxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MTUxNTM2NDdaFw0yNzA2MTQxNTQxNDdaMDMxMTAvBgNV
BAMTKDMzNEE3OUJCREE3OTk5QUNFN0M2NkJFN0M4NTNDNjkyQjZERDcxMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ99oRE3pHyNvcPDaCvZAAtbXR
0OQK28v/PfpAe4nBi6iyLbFeAY2ZbpiEViUpymdJHuszHiQgQDgS7W84TL1Bi2tu
gNDFMqs0jso02agKxzD5YPdJukCeIROCPGezazWPjrWoJ9OjX+34mtUqXSqtGSFU
LxU9gFvcpnutW/gD4oF89wf2Nni4M6lN1f7i+HH//LaN+hBQLhMFf7Uc/Z1fVNLw
dv6H0X3TgMsATMjYtMiqm510B7G2Yb4n3Y/5chTj/HXNFD2BrqIFRZlQV4OBQ+KQ
Y3X8d7ZV5zWV42kMJwL+a8hXvobCMOQO84qUs1vR+5d+yw6Y53YZIOMY55o5AgMB
AAGjggLgMIIC3DAdBgNVHQ4EFgQUM0p5u9p5maznxmvnyFPGkrbdcRIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCB+QYIKwYBBQUHAQcBAf8EgekwgeYwDAQCAAEwBgMEAMGWKDCB
1QQCAAIwgc4DBwQqFHWAAFADBgAqFHWABgMHBCoUdYD/YAMHACoUdYD/7zASAwcA
KhR1gP/zAwcBKhR1gP/0AwcEKhR1gQ8AAwcAKhR1gQ/mAwcAKhR1gQ/qAwcBKhR1
gQ/sAwcAKhR1gQ/vAwcAKhR1gQ/yAwcBKhR1gQ/2AwcAKhR1gQ/6AwcAKhR1gQ/8
AwYEKhR1gVADBgIqFHWBkAMHBCoUdYGf8AMGBCoUdYNAAwYEKhR1hBAwEgMHBCoU
dYTjkAMHBCoUdYTjoAMHBCoUdYTpIDANBgkqhkiG9w0BAQsFAAOCAQEAMWT9e6dH
Pj6lVjqOui2KWm5cMfoszMkm98LDm4wwjzT9HO1KQQQpA0ZMassmfMrngOLmHFrN
HWtO2jgDpTTnhy9f7qUx/yb+Ahe9wyqYyHk2OGFcNYpPmAILRp0e52Xs6tdSFv//
PeA54ytcdlolUlMbJim0mErbI4RWVrcOLjeRRveY7zIfLp9vBiPGvkjNP0z2HrFg
zYOo1L24u5OktiDktTBbUK9h201Rg10PnQVznSDInqhluQAmlSDCtoXJGgAkaQxv
kEmHDGjSOLqWN4pLOXLXXuyrVoNFAENzeu+2RXqTK7mse82s4K1l3mGadBsJkV2s
kvUYgkvRntDkMA==
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:37:10 2026 by rpki-client