Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33322e302f32322d3232203d3e2035363530.roa
File: 35312e3134362e33322e302f32322d3232203d3e2035363530.roa (raw, json)
Hash identifier: EopTa59mEo3XjhjDzxi8lx3r4ivjlhsqLPVLMSPtel4=
Subject key identifier: 06:4A:2E:B4:85:6F:1E:C2:8C:D4:73:9C:1A:DE:1F:4F:F9:12:E9:0E
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 5E35B96802C90A3CC89EF36A43D18EFF4CB7E9EA
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33322e302f32322d3232203d3e2035363530.roa
Signing time: Wed 25 Feb 2026 15:09:20 +0000
ROA not before: Wed 25 Feb 2026 15:04:20 +0000
ROA not after: Wed 24 Feb 2027 15:09:20 +0000
asID: 5650
IP address blocks: 51.146.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:35:b9:68:02:c9:0a:3c:c8:9e:f3:6a:43:d1:8e:ff:4c:b7:e9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Feb 25 15:04:20 2026 GMT
Not After : Feb 24 15:09:20 2027 GMT
Subject: CN=064A2EB4856F1EC28CD4739C1ADE1F4FF912E90E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:ad:71:15:7e:d6:28:27:c3:2a:fc:53:08:
f8:29:8b:f1:5f:7b:49:78:8f:fb:0e:c3:9d:0c:e0:
35:c9:35:02:1a:2c:fc:ec:ad:3e:99:54:f2:ff:41:
ea:4a:eb:18:62:20:8e:99:00:14:a9:15:64:1c:48:
e6:fd:3a:3c:5b:10:0c:f1:19:d0:6b:77:85:bf:d3:
73:da:40:3d:62:9a:26:04:bf:d2:05:37:12:57:f8:
bb:77:e9:6b:9b:af:41:e3:30:be:24:3f:60:f8:47:
b7:87:2e:b0:b8:cf:ae:91:41:4e:d8:d2:60:24:22:
a8:53:4e:79:ff:34:eb:f3:f3:02:4c:1a:d5:7b:93:
ef:43:97:e6:16:e1:d1:48:43:6c:d9:e2:f8:bf:e2:
79:2f:31:76:cd:30:69:8e:57:fc:8f:73:14:9e:a5:
27:c6:f3:b9:2d:0a:1c:7b:f1:30:ef:42:f4:ce:d0:
44:d8:5c:61:a1:94:18:f5:08:0a:22:3f:4c:2d:96:
06:7a:2f:e5:a0:c1:aa:53:1c:11:7d:f3:a2:aa:07:
1d:c5:9f:c5:3a:b9:a2:28:2e:87:95:7a:2e:c1:56:
2e:66:94:f9:0a:27:42:59:f4:ca:cf:68:9a:ce:22:
96:f2:c7:53:a4:15:ef:1b:89:49:8b:26:2a:a8:db:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4A:2E:B4:85:6F:1E:C2:8C:D4:73:9C:1A:DE:1F:4F:F9:12:E9:0E
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33322e302f32322d3232203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:de:ad:81:4d:31:a9:95:d6:69:25:4f:b9:48:3b:81:e2:c9:
db:56:a1:32:47:67:f1:66:f3:43:af:d8:2e:b7:4f:f5:3b:9a:
2a:c5:4c:d8:4c:c9:97:eb:21:f2:9b:1f:c5:60:95:91:b1:f7:
9e:1d:16:91:40:e4:ea:e9:76:44:38:77:01:6d:63:dc:77:3d:
7d:0e:17:d7:8f:a7:8f:c7:b5:3c:c2:7f:20:ff:0f:83:5c:da:
09:91:76:e3:6e:16:d2:dc:6a:b4:21:7f:52:19:35:ed:53:62:
e9:07:59:0b:57:bd:f4:20:e5:7f:08:17:7c:66:7f:4b:52:29:
b7:fe:71:5e:28:ed:d9:e7:e2:34:73:78:1b:d9:90:83:97:18:
ea:ed:a8:05:e2:bb:b5:0c:e4:7e:6e:9b:40:b7:57:57:73:e1:
ca:67:0a:25:9b:af:0c:45:03:44:35:96:f6:13:8f:f4:97:1a:
37:04:46:ef:98:2f:d1:19:fa:64:42:38:0a:aa:53:c2:26:ce:
0b:4c:84:03:19:70:83:98:a0:3a:17:13:4f:93:98:46:49:db:
80:7c:57:eb:53:3d:ad:54:3f:f3:df:75:8c:68:fe:99:8a:e7:
a8:e6:6a:d6:bf:16:fc:76:07:bf:ae:88:6e:56:1e:97:f1:ee:
6d:bd:58:da
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUXjW5aALJCjzInvNqQ9GO/0y36eowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAyMjUxNTA0MjBaFw0yNzAyMjQxNTA5MjBaMDMxMTAvBgNV
BAMTKDA2NEEyRUI0ODU2RjFFQzI4Q0Q0NzM5QzFBREUxRjRGRjkxMkU5MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE7K1xFX7WKCfDKvxTCPgpi/Ff
e0l4j/sOw50M4DXJNQIaLPzsrT6ZVPL/QepK6xhiII6ZABSpFWQcSOb9OjxbEAzx
GdBrd4W/03PaQD1imiYEv9IFNxJX+Lt36Wubr0HjML4kP2D4R7eHLrC4z66RQU7Y
0mAkIqhTTnn/NOvz8wJMGtV7k+9Dl+YW4dFIQ2zZ4vi/4nkvMXbNMGmOV/yPcxSe
pSfG87ktChx78TDvQvTO0ETYXGGhlBj1CAoiP0wtlgZ6L+WgwapTHBF986KqBx3F
n8U6uaIoLoeVei7BVi5mlPkKJ0JZ9MrPaJrOIpbyx1OkFe8biUmLJiqo28N5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUBkoutIVvHsKM1HOcGt4fT/kS6Q4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMzMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzUzNjM1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIzkiAw
DQYJKoZIhvcNAQELBQADggEBAJberYFNMamV1mklT7lIO4HiydtWoTJHZ/Fm80Ov
2C63T/U7mirFTNhMyZfrIfKbH8VglZGx954dFpFA5OrpdkQ4dwFtY9x3PX0OF9eP
p4/HtTzCfyD/D4Nc2gmRduNuFtLcarQhf1IZNe1TYukHWQtXvfQg5X8IF3xmf0tS
Kbf+cV4o7dnn4jRzeBvZkIOXGOrtqAXiu7UM5H5um0C3V1dz4cpnCiWbrwxFA0Q1
lvYTj/SXGjcERu+YL9EZ+mRCOAqqU8ImzgtMhAMZcIOYoDoXE0+TmEZJ24B8V+tT
Pa1UP/PfdYxo/pmK56jmata/Fvx2B7+uiG5WHpfx7m29WNo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:10:11 2026 by rpki-client