Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e35362e302f32322d3234203d3e2032383536.roa
File: 35312e3134362e35362e302f32322d3234203d3e2032383536.roa (raw, json)
Hash identifier: ymWdKV48+k/3teW3fXiZiwqHV6TDZkNPL0x6bNg5op8=
Subject key identifier: 62:24:3A:39:EB:F9:E5:59:E9:2E:9A:E2:D0:C0:B4:48:26:C2:66:7E
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 3B411DDDB50F40B9AF072A5845400F54A4BC7AFF
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e35362e302f32322d3234203d3e2032383536.roa
Signing time: Fri 27 Feb 2026 13:11:47 +0000
ROA not before: Fri 27 Feb 2026 13:06:47 +0000
ROA not after: Fri 26 Feb 2027 13:11:47 +0000
asID: 2856
IP address blocks: 51.146.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:41:1d:dd:b5:0f:40:b9:af:07:2a:58:45:40:0f:54:a4:bc:7a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Feb 27 13:06:47 2026 GMT
Not After : Feb 26 13:11:47 2027 GMT
Subject: CN=62243A39EBF9E559E92E9AE2D0C0B44826C2667E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:12:cf:5a:bb:f8:f3:a2:e9:d1:d6:10:15:
25:0a:d5:e5:45:59:2e:96:48:bf:93:27:c8:10:cb:
45:36:0a:14:eb:c1:db:e9:cc:ac:51:4e:f5:8c:21:
72:cb:80:c5:23:49:f9:d4:d2:4a:e4:d2:3c:71:e1:
a5:8b:0d:c2:66:ed:44:e4:f6:5b:f7:8f:ca:ce:c4:
82:f6:ca:d3:74:82:02:2c:4e:86:9d:cd:c6:2b:fe:
95:96:a6:17:cd:5d:02:68:6a:3c:fe:60:45:8e:a9:
fe:8b:88:01:0a:44:3b:89:ce:23:b4:54:55:8a:f7:
8a:22:21:84:4f:bc:b7:c0:8b:d2:22:1a:73:9b:bc:
3d:20:a0:e9:29:41:8e:17:64:53:6f:3d:74:59:a8:
27:f3:8e:6b:5b:4a:c8:e7:47:3e:29:5a:30:67:2f:
de:e0:6e:47:2f:c1:e1:39:96:4f:d1:e8:0a:11:72:
b6:0e:d4:97:a8:65:a3:78:76:95:b7:a5:bc:e5:00:
56:bc:f9:39:ce:a4:33:ac:38:c3:13:46:5c:e9:4d:
a7:bc:79:0e:82:4e:42:62:03:86:47:55:4e:be:11:
36:61:ca:38:03:30:03:1c:8d:02:03:dc:56:85:54:
e4:7e:73:a4:c6:8b:3f:2e:d8:08:98:2e:69:2d:dc:
2a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:24:3A:39:EB:F9:E5:59:E9:2E:9A:E2:D0:C0:B4:48:26:C2:66:7E
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/35312e3134362e35362e302f32322d3234203d3e2032383536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.56.0/22
Signature Algorithm: sha256WithRSAEncryption
50:b6:56:2f:33:62:cc:f1:9f:c9:52:d3:c2:65:f7:39:d2:ea:
60:d0:19:7d:26:59:56:09:aa:d5:66:06:b3:93:c5:c6:c3:bd:
3e:eb:05:03:7c:8c:55:81:d2:59:a9:0a:eb:7a:10:9f:d1:41:
9b:d7:38:63:ff:2e:e8:78:57:a5:07:47:a3:8e:0b:d0:25:b2:
3d:6f:1e:d0:e4:ed:da:10:cc:72:56:18:e7:5e:b6:48:75:d5:
bf:2f:95:e6:83:05:02:47:08:4e:b4:82:fd:95:f1:21:a3:38:
e9:84:db:54:a5:73:a6:fb:03:d8:92:cc:7c:1b:29:b1:00:7a:
f3:15:f1:5a:1f:34:85:79:2f:4d:65:60:c0:1d:8b:7a:bb:46:
7c:d0:96:5c:57:58:b8:2c:d1:30:a2:75:a4:7e:bb:9e:92:41:
71:44:ea:28:f6:f9:6a:cc:ba:f5:cc:a7:52:65:fc:91:77:3a:
57:18:84:d4:b6:8e:c5:54:be:18:2b:f9:4e:b8:09:05:a5:5f:
e0:fd:6d:40:83:76:9e:b1:8f:dc:ea:8b:f1:4b:c0:8e:c0:12:
d6:cf:5c:44:ad:d4:c4:8c:9c:e7:91:56:de:44:63:8e:bb:35:
f8:6a:f2:6c:ff:3b:1d:db:f0:62:d2:2f:cd:c4:e3:e7:d9:90:
ea:ca:8a:a3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUO0Ed3bUPQLmvBypYRUAPVKS8ev8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAyMjcxMzA2NDdaFw0yNzAyMjYxMzExNDdaMDMxMTAvBgNV
BAMTKDYyMjQzQTM5RUJGOUU1NTlFOTJFOUFFMkQwQzBCNDQ4MjZDMjY2N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC46BLPWrv486Lp0dYQFSUK1eVF
WS6WSL+TJ8gQy0U2ChTrwdvpzKxRTvWMIXLLgMUjSfnU0krk0jxx4aWLDcJm7UTk
9lv3j8rOxIL2ytN0ggIsToadzcYr/pWWphfNXQJoajz+YEWOqf6LiAEKRDuJziO0
VFWK94oiIYRPvLfAi9IiGnObvD0goOkpQY4XZFNvPXRZqCfzjmtbSsjnRz4pWjBn
L97gbkcvweE5lk/R6AoRcrYO1JeoZaN4dpW3pbzlAFa8+TnOpDOsOMMTRlzpTae8
eQ6CTkJiA4ZHVU6+ETZhyjgDMAMcjQID3FaFVOR+c6TGiz8u2AiYLmkt3Cr1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUYiQ6Oev55VnpLpri0MC0SCbCZn4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzUzMTJlMzEzNDM2MmUzNTM2
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzODM1MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIzkjgw
DQYJKoZIhvcNAQELBQADggEBAFC2Vi8zYszxn8lS08Jl9znS6mDQGX0mWVYJqtVm
BrOTxcbDvT7rBQN8jFWB0lmpCut6EJ/RQZvXOGP/Luh4V6UHR6OOC9Alsj1vHtDk
7doQzHJWGOdetkh11b8vleaDBQJHCE60gv2V8SGjOOmE21Slc6b7A9iSzHwbKbEA
evMV8VofNIV5L01lYMAdi3q7RnzQllxXWLgs0TCidaR+u56SQXFE6ij2+WrMuvXM
p1Jl/JF3OlcYhNS2jsVUvhgr+U64CQWlX+D9bUCDdp6xj9zqi/FLwI7AEtbPXESt
1MSMnOeRVt5EY467Nfhq8mz/Ox3b8GLSL83E4+fZkOrKiqM=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:45 2026 by rpki-client