Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: vWq349O9BX97FyffOkhUCIogqmXwu0DGyb033xoyx14=
Subject key identifier: 88:47:A9:16:04:27:DF:B9:02:9E:6D:DC:AA:B3:A5:E5:4C:88:E5:0E
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 791937EE68CC40568D560D04CE4A96FB5D20A891
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
Signing time: Thu 16 Apr 2026 07:00:18 +0000
ROA not before: Thu 16 Apr 2026 06:55:18 +0000
ROA not after: Thu 15 Apr 2027 07:00:18 +0000
asID: 0
IP address blocks: 193.150.40.0/24 maxlen: 24
2a14:7580:50::/44 maxlen: 44
2a14:7580:b00::/40 maxlen: 48
2a14:7580:4000::/36 maxlen: 48
2a14:7580:e700::/40 maxlen: 48
2a14:7580:e800::/40 maxlen: 48
2a14:7580:e900::/40 maxlen: 48
2a14:7580:ea00::/40 maxlen: 48
2a14:7580:eb00::/40 maxlen: 48
2a14:7580:ec00::/40 maxlen: 48
2a14:7580:ffef::/48 maxlen: 48
2a14:7581::/40 maxlen: 48
2a14:7581:fe6::/48 maxlen: 48
2a14:7581:fea::/48 maxlen: 48
2a14:7581:fec::/48 maxlen: 48
2a14:7581:fed::/48 maxlen: 48
2a14:7581:ff2::/48 maxlen: 48
2a14:7581:ff7::/48 maxlen: 48
2a14:7581:ffa::/48 maxlen: 48
2a14:7581:ffc::/48 maxlen: 48
2a14:7581:5000::/36 maxlen: 48
2a14:7581:9f70::/44 maxlen: 48
2a14:7581:9f80::/44 maxlen: 48
2a14:7581:9f90::/44 maxlen: 48
2a14:7583:3000::/36 maxlen: 48
2a14:7583:8000::/36 maxlen: 48
2a14:7583:e800::/40 maxlen: 48
2a14:7584:3000::/36 maxlen: 48
2a14:7586:7000::/36 maxlen: 48
2a14:7586:9000::/36 maxlen: 48
2a14:7586:e000::/36 maxlen: 48
2a14:7587::/32 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:19:37:ee:68:cc:40:56:8d:56:0d:04:ce:4a:96:fb:5d:20:a8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Apr 16 06:55:18 2026 GMT
Not After : Apr 15 07:00:18 2027 GMT
Subject: CN=8847A9160427DFB9029E6DDCAAB3A5E54C88E50E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bf:3a:65:63:54:9f:f0:ac:ef:81:f6:b3:b6:
fb:c3:dc:ba:91:a4:46:01:f8:40:d8:39:d4:54:62:
f6:8e:8c:39:81:74:f8:72:c2:39:da:23:20:9e:5a:
38:80:f1:76:13:bb:0f:cf:e8:f6:9b:a4:28:d7:49:
e5:22:8f:38:cb:d0:5c:f8:51:3c:0e:c0:ef:6b:de:
dd:f7:a0:c6:39:fb:6d:97:69:ff:59:31:ea:3f:e7:
c4:db:32:6d:80:90:3f:5a:58:a8:30:1f:6c:99:68:
24:42:1d:7b:2c:6b:26:1e:cb:27:4f:04:55:5c:66:
9d:7c:09:c5:3e:7b:f5:71:7d:43:3d:ba:bb:b3:29:
7e:5f:3c:c0:df:6c:6f:2c:0a:8e:15:e9:06:40:fd:
c7:80:ab:2c:78:17:21:52:0a:bc:46:f2:b6:a6:20:
c2:1c:b9:c1:07:51:d5:34:9c:68:83:e6:0e:71:2b:
80:a8:5d:13:a6:e8:b8:b9:3a:f2:f9:ac:b7:df:7b:
7b:ee:30:1c:93:e2:9d:97:89:b9:cf:06:8d:88:24:
a6:88:71:99:34:53:fd:5a:13:71:94:68:f1:d9:0d:
1e:48:e4:b9:7a:d5:65:4e:86:92:6f:90:1a:26:04:
f0:4e:ce:c8:48:0b:4c:55:74:cc:20:c7:73:1e:ec:
b0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:47:A9:16:04:27:DF:B9:02:9E:6D:DC:AA:B3:A5:E5:4C:88:E5:0E
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.40.0/24
IPv6:
2a14:7580:50::/44
2a14:7580:b00::/40
2a14:7580:4000::/36
2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff
2a14:7580:ffef::/48
2a14:7581::/40
2a14:7581:fe6::/48
2a14:7581:fea::/48
2a14:7581:fec::/47
2a14:7581:ff2::/48
2a14:7581:ff7::/48
2a14:7581:ffa::/48
2a14:7581:ffc::/48
2a14:7581:5000::/36
2a14:7581:9f70::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff
2a14:7583:3000::/36
2a14:7583:8000::/36
2a14:7583:e800::/40
2a14:7584:3000::/36
2a14:7586:7000::/36
2a14:7586:9000::/36
2a14:7586:e000::/36
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
84:b3:eb:60:17:65:d5:f4:61:48:0a:ee:aa:15:3a:af:c8:49:
44:44:69:d4:55:be:14:a4:6e:21:aa:45:81:4c:b1:2b:69:77:
a5:bb:97:cf:25:f6:94:f6:ce:a0:16:ca:b6:ba:c1:c0:a9:aa:
f4:c0:d5:95:1a:6e:d7:0a:40:04:4c:e8:52:8e:86:fe:d6:59:
d0:1a:0e:8a:03:90:58:9b:1e:7c:54:88:0c:4d:37:f2:ae:94:
e2:79:54:ed:29:c4:22:bf:5f:1c:10:53:44:0f:f4:b7:ad:7b:
95:b6:2f:75:f1:14:c7:c4:38:a4:ce:0e:66:9e:56:23:a3:82:
3d:d4:c4:e9:b5:9f:f0:32:b1:4f:de:76:60:5d:d6:a0:fa:a7:
5e:29:28:a4:b1:29:e5:0a:8c:4c:5f:33:fc:4e:08:46:0d:69:
d9:f1:71:c0:7e:f4:44:0e:b5:de:98:d8:33:e0:cb:77:13:0a:
32:d7:21:19:56:2f:dc:54:40:fa:d1:95:28:5e:8d:c9:6d:ef:
44:72:49:22:7a:88:c4:9d:f2:ea:78:ec:19:fb:7d:50:cc:74:
12:76:83:69:7f:b4:cf:72:69:34:56:38:6b:ad:e5:d4:09:68:
eb:e9:e3:46:7f:ec:86:5d:6a:7b:12:02:88:73:a0:da:dd:3d:
a8:4b:98:82
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIUeRk37mjMQFaNVg0EzkqW+10gqJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA0MTYwNjU1MThaFw0yNzA0MTUwNzAwMThaMDMxMTAvBgNV
BAMTKDg4NDdBOTE2MDQyN0RGQjkwMjlFNkREQ0FBQjNBNUU1NEM4OEU1MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMvzplY1Sf8KzvgfaztvvD3LqR
pEYB+EDYOdRUYvaOjDmBdPhywjnaIyCeWjiA8XYTuw/P6PabpCjXSeUijzjL0Fz4
UTwOwO9r3t33oMY5+22Xaf9ZMeo/58TbMm2AkD9aWKgwH2yZaCRCHXssayYeyydP
BFVcZp18CcU+e/VxfUM9uruzKX5fPMDfbG8sCo4V6QZA/ceAqyx4FyFSCrxG8ram
IMIcucEHUdU0nGiD5g5xK4CoXROm6Li5OvL5rLffe3vuMByT4p2XibnPBo2IJKaI
cZk0U/1aE3GUaPHZDR5I5Ll61WVOhpJvkBomBPBOzshIC0xVdMwgx3Me7LBvAgMB
AAGjggLpMIIC5TAdBgNVHQ4EFgQUiEepFgQn37kCnm3cqrOl5UyI5Q4wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjCCAQEGCCsGAQUFBwEHAQH/BIHxMIHuMAwEAgABMAYDBADBligw
gd0EAgACMIHWAwcEKhR1gABQAwYAKhR1gAsDBgQqFHWAQDAQAwYAKhR1gOcDBgAq
FHWA7AMHACoUdYD/7wMGACoUdYEAAwcAKhR1gQ/mAwcAKhR1gQ/qAwcBKhR1gQ/s
AwcAKhR1gQ/yAwcAKhR1gQ/3AwcAKhR1gQ/6AwcAKhR1gQ/8AwYEKhR1gVAwEgMH
BCoUdYGfcAMHBSoUdYGfgAMGBCoUdYMwAwYEKhR1g4ADBgAqFHWD6AMGBCoUdYQw
AwYEKhR1hnADBgQqFHWGkAMGBCoUdYbgAwUAKhR1hzANBgkqhkiG9w0BAQsFAAOC
AQEAhLPrYBdl1fRhSAruqhU6r8hJRERp1FW+FKRuIapFgUyxK2l3pbuXzyX2lPbO
oBbKtrrBwKmq9MDVlRpu1wpABEzoUo6G/tZZ0BoOigOQWJsefFSIDE038q6U4nlU
7SnEIr9fHBBTRA/0t617lbYvdfEUx8Q4pM4OZp5WI6OCPdTE6bWf8DKxT952YF3W
oPqnXikopLEp5QqMTF8z/E4IRg1p2fFxwH70RA613pjYM+DLdxMKMtchGVYv3FRA
+tGVKF6NyW3vRHJJInqIxJ3y6njsGft9UMx0EnaDaX+0z3JpNFY4a63l1Alo6+nj
Rn/shl1qexICiHOg2t09qEuYgg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:07:40 2026 by rpki-client