Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33362e302f32322d3234203d3e20383334.roa
File: 35312e3134362e33362e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: EdE6niYL2CAkD0ZWI6TeifgrdWOjWD6HOymbOtQ5sNE=
Subject key identifier: 76:CE:1C:B4:F4:CD:D9:8F:71:71:51:B6:82:3A:62:94:DB:3E:82:5E
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 6F27F5213FE92A342E2A9E7B6C1A00BAE55DED48
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33362e302f32322d3234203d3e20383334.roa
Signing time: Wed 25 Feb 2026 15:11:32 +0000
ROA not before: Wed 25 Feb 2026 15:06:32 +0000
ROA not after: Wed 24 Feb 2027 15:11:32 +0000
asID: 834
IP address blocks: 51.146.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:27:f5:21:3f:e9:2a:34:2e:2a:9e:7b:6c:1a:00:ba:e5:5d:ed:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Feb 25 15:06:32 2026 GMT
Not After : Feb 24 15:11:32 2027 GMT
Subject: CN=76CE1CB4F4CDD98F717151B6823A6294DB3E825E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:98:da:d8:15:39:54:97:6d:1a:11:a4:a6:ee:
42:21:9b:eb:b2:25:17:86:f2:87:a3:21:4a:69:f8:
f1:58:62:15:a8:0d:c8:fa:ee:7e:f2:51:7f:5c:c3:
0a:38:7d:c2:e3:8f:98:39:0d:53:43:cb:b5:a2:c0:
12:44:30:64:fa:2c:05:cd:f1:45:7a:83:f7:9e:20:
03:59:93:ea:f8:82:40:c0:0c:9a:09:a1:6a:f8:90:
fc:59:d2:b6:91:af:ff:7e:8b:8f:30:07:84:21:f8:
8c:96:55:fe:3b:cb:93:df:c9:20:a4:28:d0:b7:5a:
12:0e:0e:78:be:c8:41:2d:75:a3:d4:74:f6:96:47:
af:9f:39:3a:ac:26:16:7d:6f:79:85:45:08:00:53:
f2:48:9c:72:9a:bd:04:d0:b8:74:0b:cf:82:5a:2c:
b8:2a:46:1c:f5:26:18:8b:b0:11:58:32:b7:d2:be:
02:db:ba:fb:85:bf:ae:fe:74:c1:78:94:05:26:94:
04:7f:bb:77:0d:36:4b:aa:eb:a4:bd:b9:00:41:ab:
14:df:23:98:30:b4:98:cb:56:0e:38:7e:c5:0c:97:
1f:55:77:07:6c:c1:50:8b:43:a2:25:49:e4:a3:34:
cd:90:54:a2:48:68:a9:d3:2a:59:b0:80:30:7d:12:
20:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CE:1C:B4:F4:CD:D9:8F:71:71:51:B6:82:3A:62:94:DB:3E:82:5E
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e33362e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.36.0/22
Signature Algorithm: sha256WithRSAEncryption
21:8f:c1:4e:94:18:86:03:04:83:3f:10:14:8b:e6:8f:29:25:
01:fc:eb:29:1a:62:0c:63:e9:31:26:75:81:f8:af:42:9a:0b:
18:63:20:e4:0f:14:02:a3:6a:30:ed:77:17:a1:c1:14:64:fb:
ee:08:7a:4b:c1:82:27:03:87:4c:7a:55:8b:b1:ed:67:74:4d:
73:09:f7:31:d4:e5:a1:b9:17:36:46:a4:21:77:56:a3:ea:79:
46:04:16:d5:c0:bd:82:99:9d:71:65:d9:f1:9c:86:97:c4:ad:
c1:a1:43:fe:26:b9:60:a8:87:d7:16:00:42:c1:d1:4c:79:7c:
a1:93:88:48:8d:ab:ec:30:16:5f:42:51:6e:d0:04:06:58:e3:
7b:33:f7:63:2a:20:3b:f4:f1:c7:6f:2e:6d:f1:f9:fc:ba:16:
83:18:8f:e5:fb:d8:e0:02:f4:b9:7d:95:a9:24:b7:64:fb:93:
52:43:f0:1f:e8:cd:33:6f:4c:1f:78:2c:13:b7:ce:b7:38:e6:
87:0c:d2:2f:7a:ee:f8:5e:2a:ca:ee:e7:23:b2:c9:92:3e:87:
88:7a:95:c7:1b:66:b9:46:31:d6:34:b2:7e:80:91:3b:66:ee:
5c:6e:af:0b:8d:90:c9:a2:f2:7a:dc:d9:ed:05:99:5e:84:9e:
c0:66:1f:89
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUbyf1IT/pKjQuKp57bBoAuuVd7UgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAyMjUxNTA2MzJaFw0yNzAyMjQxNTExMzJaMDMxMTAvBgNV
BAMTKDc2Q0UxQ0I0RjRDREQ5OEY3MTcxNTFCNjgyM0E2Mjk0REIzRTgyNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHmNrYFTlUl20aEaSm7kIhm+uy
JReG8oejIUpp+PFYYhWoDcj67n7yUX9cwwo4fcLjj5g5DVNDy7WiwBJEMGT6LAXN
8UV6g/eeIANZk+r4gkDADJoJoWr4kPxZ0raRr/9+i48wB4Qh+IyWVf47y5PfySCk
KNC3WhIODni+yEEtdaPUdPaWR6+fOTqsJhZ9b3mFRQgAU/JInHKavQTQuHQLz4Ja
LLgqRhz1JhiLsBFYMrfSvgLbuvuFv67+dMF4lAUmlAR/u3cNNkuq66S9uQBBqxTf
I5gwtJjLVg44fsUMlx9VdwdswVCLQ6IlSeSjNM2QVKJIaKnTKlmwgDB9EiAPAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUds4ctPTN2Y9xcVG2gjpilNs+gl4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzMzM2
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCM5IkMA0G
CSqGSIb3DQEBCwUAA4IBAQAhj8FOlBiGAwSDPxAUi+aPKSUB/OspGmIMY+kxJnWB
+K9CmgsYYyDkDxQCo2ow7XcXocEUZPvuCHpLwYInA4dMelWLse1ndE1zCfcx1OWh
uRc2RqQhd1aj6nlGBBbVwL2CmZ1xZdnxnIaXxK3BoUP+JrlgqIfXFgBCwdFMeXyh
k4hIjavsMBZfQlFu0AQGWON7M/djKiA79PHHby5t8fn8uhaDGI/l+9jgAvS5fZWp
JLdk+5NSQ/Af6M0zb0wfeCwTt863OOaHDNIveu74XirK7ucjssmSPoeIepXHG2a5
RjHWNLJ+gJE7Zu5cbq8LjZDJovJ63NntBZlehJ7AZh+J
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:01 2026 by rpki-client