Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150249.roa
File: AS150249.roa (raw, json)
Hash identifier: YNEdTOUPMCDPu5cISWFO+xMVBlY+RuRvVafUUcJP0sc=
Subject key identifier: 7B:28:42:57:A3:4C:8F:F9:86:73:F0:97:74:70:C1:BF:6B:4B:86:0F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 16DCED3E4E190D3C667E6F5D997D8E8A39F1E050
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150249.roa
Signing time: Wed 18 Feb 2026 03:53:17 +0000
ROA not before: Wed 18 Feb 2026 03:48:17 +0000
ROA not after: Wed 17 Feb 2027 03:53:17 +0000
asID: 150249
IP address blocks: 2a14:7580:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:dc:ed:3e:4e:19:0d:3c:66:7e:6f:5d:99:7d:8e:8a:39:f1:e0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 18 03:48:17 2026 GMT
Not After : Feb 17 03:53:17 2027 GMT
Subject: CN=7B284257A34C8FF98673F0977470C1BF6B4B860F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:55:ea:6a:7b:05:cd:00:54:e0:82:84:52:94:
2e:64:7e:0d:cd:37:91:1a:aa:21:56:06:00:d2:d9:
14:be:dd:d4:bc:ba:d1:16:11:c3:f6:7c:49:99:09:
d3:00:45:70:07:af:97:e9:f7:60:63:37:6b:ac:bc:
27:48:ce:29:f5:11:60:bc:dd:2c:79:f9:86:19:a3:
f9:6d:30:7f:34:d5:aa:28:e6:0c:fe:63:4e:c0:d8:
57:59:dd:8e:e8:4b:f5:45:0a:42:b9:56:5d:19:d2:
dd:c8:d7:12:7a:e4:b7:7b:32:90:fb:64:86:8e:d0:
7f:00:4c:8e:da:81:a9:65:ce:50:6d:2a:aa:ae:81:
04:7a:5c:6d:7e:4c:56:25:ec:c8:cd:09:0b:fd:bd:
92:2f:12:7d:76:02:5d:d4:59:aa:bc:63:39:c6:29:
1c:e8:8d:0a:7f:69:ae:80:39:73:a5:79:c5:31:f7:
b3:fe:ce:2f:c8:04:3a:f6:14:22:96:90:70:9c:bb:
a2:b6:08:f7:43:b7:f6:da:6e:fa:52:4b:35:19:03:
d5:e1:54:c2:c0:3f:42:82:f6:2e:62:4b:75:ef:fb:
20:3f:04:b6:8f:0e:2a:57:23:54:46:8e:ba:a0:c6:
1a:97:97:0f:6b:60:8e:05:43:92:e3:7c:6f:91:a4:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:28:42:57:A3:4C:8F:F9:86:73:F0:97:74:70:C1:BF:6B:4B:86:0F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS150249.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
01:62:60:f1:81:da:ad:56:86:2e:1d:ce:f1:49:c6:a6:c6:53:
d5:1f:24:6e:a0:64:9f:d4:07:c5:99:52:cb:bb:5d:84:a7:9c:
c1:32:1b:4c:ef:2e:89:5e:25:98:f0:93:a9:62:d2:cc:fe:a5:
03:e4:53:55:b9:f3:cb:95:33:84:4e:f9:bc:27:2a:28:16:90:
17:4f:b1:9c:1a:d8:ea:3a:b5:96:d6:9b:f4:35:78:95:d8:7f:
99:1e:71:8a:9d:52:af:6f:a0:10:0a:ae:4b:99:0a:a7:94:52:
4e:20:99:e8:85:7c:84:50:8d:72:aa:2b:52:d6:62:e0:e7:73:
8f:79:d0:d7:3f:93:2d:bc:f6:f5:d9:08:a2:e4:c5:17:36:21:
10:7e:3f:91:dc:83:54:62:2e:20:cb:d5:dc:be:a2:d1:f9:d1:
c6:31:2c:2a:2d:7f:3e:8a:30:b5:56:ce:5f:73:27:4b:4a:a9:
3f:6c:cd:53:f1:dc:13:6a:7e:57:0d:48:55:52:62:cc:d9:7b:
5c:7e:47:57:c0:b7:82:5a:45:e5:41:df:cb:fe:c1:a9:7c:f1:
83:6c:22:a6:23:e1:9f:87:8a:bd:df:59:a2:16:20:81:3f:98:
35:18:52:2c:03:7d:5c:18:4d:f7:80:35:c2:57:df:8a:ea:b8:
83:44:ce:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUFtztPk4ZDTxmfm9dmX2Oijnx4FAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjAyMTgwMzQ4MTdaFw0yNzAyMTcwMzUzMTdaMDMxMTAvBgNV
BAMTKDdCMjg0MjU3QTM0QzhGRjk4NjczRjA5Nzc0NzBDMUJGNkI0Qjg2MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsVepqewXNAFTggoRSlC5kfg3N
N5EaqiFWBgDS2RS+3dS8utEWEcP2fEmZCdMARXAHr5fp92BjN2usvCdIzin1EWC8
3Sx5+YYZo/ltMH801aoo5gz+Y07A2FdZ3Y7oS/VFCkK5Vl0Z0t3I1xJ65Ld7MpD7
ZIaO0H8ATI7agallzlBtKqqugQR6XG1+TFYl7MjNCQv9vZIvEn12Al3UWaq8YznG
KRzojQp/aa6AOXOlecUx97P+zi/IBDr2FCKWkHCcu6K2CPdDt/babvpSSzUZA9Xh
VMLAP0KC9i5iS3Xv+yA/BLaPDipXI1RGjrqgxhqXlw9rYI4FQ5LjfG+RpGNJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUeyhCV6NMj/mGc/CXdHDBv2tLhg8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMTUwMjQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gP8AMA0GCSqGSIb3DQEBCwUAA4IBAQABYmDxgdqtVoYuHc7xScamxlPVHyRuoGSf
1AfFmVLLu12Ep5zBMhtM7y6JXiWY8JOpYtLM/qUD5FNVufPLlTOETvm8JyooFpAX
T7GcGtjqOrWW1pv0NXiV2H+ZHnGKnVKvb6AQCq5LmQqnlFJOIJnohXyEUI1yqitS
1mLg53OPedDXP5MtvPb12Qii5MUXNiEQfj+R3INUYi4gy9XcvqLR+dHGMSwqLX8+
ijC1Vs5fcydLSqk/bM1T8dwTan5XDUhVUmLM2XtcfkdXwLeCWkXlQd/L/sGpfPGD
bCKmI+Gfh4q931miFiCBP5g1GFIsA31cGE33gDXCV9+K6riDRM4V
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:06:49 2026 by rpki-client