Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: bzi4fBIiC8oZyaFV/XK2JSHPRUDV8oR1+3ILhGGgfDA=
Subject key identifier: F1:D5:95:6E:6A:52:47:2E:EF:17:35:FC:40:11:E5:E5:4B:3E:5A:92
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 3AF21913E2384DCF70BA4237EE40C801D8C89DCE
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2856.roa
Signing time: Fri 10 Apr 2026 13:17:21 +0000
ROA not before: Fri 10 Apr 2026 13:12:21 +0000
ROA not after: Fri 09 Apr 2027 13:17:21 +0000
asID: 2856
IP address blocks: 51.146.40.0/22 maxlen: 24
51.146.44.0/22 maxlen: 24
51.146.56.0/22 maxlen: 24
51.146.60.0/22 maxlen: 24
51.146.128.0/22 maxlen: 24
51.146.132.0/22 maxlen: 24
51.146.136.0/22 maxlen: 24
51.146.140.0/22 maxlen: 24
51.146.235.0/24 maxlen: 24
51.146.252.0/22 maxlen: 22
51.194.36.0/23 maxlen: 24
51.194.40.0/21 maxlen: 24
51.194.88.0/21 maxlen: 24
51.194.100.0/22 maxlen: 22
51.194.104.0/21 maxlen: 24
51.194.120.0/21 maxlen: 24
78.105.97.0/24 maxlen: 24
78.105.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f2:19:13:e2:38:4d:cf:70:ba:42:37:ee:40:c8:01:d8:c8:9d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Apr 10 13:12:21 2026 GMT
Not After : Apr 9 13:17:21 2027 GMT
Subject: CN=F1D5956E6A52472EEF1735FC4011E5E54B3E5A92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:45:ee:a4:91:0e:45:fd:dd:52:cc:ca:07:00:
ed:36:a3:01:38:eb:da:56:e5:c1:57:c5:2e:8c:83:
6c:f4:55:2f:88:4a:ca:08:8a:03:20:1e:06:e9:c9:
11:7d:01:0c:a5:12:29:56:81:5a:90:a5:38:ac:33:
50:9c:fc:6e:92:39:48:17:63:03:99:68:b4:3e:7a:
05:19:5b:49:50:d9:42:fb:eb:c7:6c:92:de:41:be:
6b:bb:87:08:40:e0:da:db:30:1b:da:ae:d9:20:7b:
19:5d:74:b4:ce:a6:bb:70:db:f6:44:8d:21:e4:f5:
77:84:68:79:de:f4:9c:6e:37:75:4b:b7:50:b4:91:
e8:13:23:cb:cb:65:ca:e1:e8:3c:d1:4a:82:51:db:
f6:50:b7:7d:ad:26:1d:1f:63:b1:45:5b:e6:20:2d:
70:0b:02:b4:c2:52:83:18:dd:2f:c2:b0:b8:c4:b3:
18:f6:42:69:ab:c9:3d:25:73:5d:99:38:55:30:3e:
d7:c6:f5:80:94:40:ef:67:75:ac:7a:95:0c:e8:d9:
46:b9:5c:00:fa:bf:a4:8b:ba:0f:e3:ed:55:0e:e9:
c4:50:43:ef:0c:92:df:cf:c1:bd:52:33:13:b5:f5:
f0:27:b8:d9:2e:51:b3:84:f7:46:10:6c:de:fd:57:
24:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D5:95:6E:6A:52:47:2E:EF:17:35:FC:40:11:E5:E5:4B:3E:5A:92
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.40.0/21
51.146.56.0/21
51.146.128.0/20
51.146.235.0/24
51.146.252.0/22
51.194.36.0/23
51.194.40.0/21
51.194.88.0/21
51.194.100.0-51.194.111.255
51.194.120.0/21
78.105.97.0/24
78.105.136.0/22
Signature Algorithm: sha256WithRSAEncryption
58:d5:e1:a0:d4:04:c0:58:31:1f:d8:4e:81:35:92:38:7b:26:
d2:0a:77:b5:35:1d:09:ef:4e:24:15:f6:af:70:6f:91:81:de:
d0:1e:1b:eb:37:35:05:19:20:80:d6:1e:da:48:e4:6b:90:2e:
2a:e7:c7:c5:1e:2e:8b:3a:ca:ef:7b:66:1c:f8:9e:93:ef:cb:
00:51:39:06:d4:14:73:44:bb:e9:d6:ff:95:06:18:7d:75:68:
b8:a3:f7:54:71:8b:af:92:fc:f0:2b:ba:c1:2c:ba:6e:09:83:
c8:5e:7f:d3:eb:b9:4d:0a:c5:a6:8a:5b:80:e8:94:4c:66:eb:
7d:ce:1d:ab:d7:75:bb:69:fd:6a:08:6c:f2:ce:c9:2f:e0:f2:
9a:ef:20:de:40:79:89:11:e5:9e:df:56:2b:b6:e0:d7:5e:a5:
e2:c6:48:ff:bb:8b:67:20:2c:c2:60:cc:e3:a3:93:ff:16:10:
e6:38:00:4d:1a:88:94:6f:d8:34:d5:f6:f2:9f:e7:ca:d3:f5:
39:0b:6e:90:0a:ba:cc:16:29:45:08:e9:0e:e8:e1:09:49:c2:
75:1c:b0:35:c7:95:91:b3:e7:db:26:c7:1a:2f:4f:e8:57:a1:
6a:d0:e1:5f:16:f7:dd:61:e5:87:48:b6:3d:f5:62:16:f6:81:
00:4e:89:d3
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUOvIZE+I4Tc9wukI37kDIAdjInc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA0MTAxMzEyMjFaFw0yNzA0MDkxMzE3MjFaMDMxMTAvBgNV
BAMTKEYxRDU5NTZFNkE1MjQ3MkVFRjE3MzVGQzQwMTFFNUU1NEIzRTVBOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Re6kkQ5F/d1SzMoHAO02owE4
69pW5cFXxS6Mg2z0VS+ISsoIigMgHgbpyRF9AQylEilWgVqQpTisM1Cc/G6SOUgX
YwOZaLQ+egUZW0lQ2UL768dskt5Bvmu7hwhA4NrbMBvartkgexlddLTOprtw2/ZE
jSHk9XeEaHne9JxuN3VLt1C0kegTI8vLZcrh6DzRSoJR2/ZQt32tJh0fY7FFW+Yg
LXALArTCUoMY3S/CsLjEsxj2QmmryT0lc12ZOFUwPtfG9YCUQO9ndax6lQzo2Ua5
XAD6v6SLug/j7VUO6cRQQ+8Mkt/Pwb1SMxO19fAnuNkuUbOE90YQbN79VyQdAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQU8dWVbmpSRy7vFzX8QBHl5Us+WpIwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAzOSKAME
AzOSOAMEBDOSgAMEADOS6wMEAjOS/AMEATPCJAMEAzPCKAMEAzPCWDAMAwQCM8Jk
AwQEM8JgAwQDM8J4AwQATmlhAwQCTmmIMA0GCSqGSIb3DQEBCwUAA4IBAQBY1eGg
1ATAWDEf2E6BNZI4eybSCne1NR0J704kFfavcG+Rgd7QHhvrNzUFGSCA1h7aSORr
kC4q58fFHi6LOsrve2Yc+J6T78sAUTkG1BRzRLvp1v+VBhh9dWi4o/dUcYuvkvzw
K7rBLLpuCYPIXn/T67lNCsWmiluA6JRMZut9zh2r13W7af1qCGzyzskv4PKa7yDe
QHmJEeWe31YrtuDXXqXixkj/u4tnICzCYMzjo5P/FhDmOABNGoiUb9g01fbyn+fK
0/U5C26QCrrMFilFCOkO6OEJScJ1HLA1x5WRs+fbJscaL0/oV6Fq0OFfFvfdYeWH
SLY99WIW9oEATonT
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:02:38 2026 by rpki-client