Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e203633303233.roa
File: 34362e3138332e32352e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: xQUOQgb0PWc+/72PSNuNhyH/1WTrTU3f/QF4HqRWRbI=
Subject key identifier: 38:3A:D8:46:F2:01:31:6F:12:51:87:94:EB:0D:A3:CF:D5:2A:B8:CD
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 7013559B06703452B736FA40870FC43AFA291A5C
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e203633303233.roa
Signing time: Mon 23 Mar 2026 11:46:51 +0000
ROA not before: Mon 23 Mar 2026 11:41:51 +0000
ROA not after: Mon 22 Mar 2027 11:46:51 +0000
asID: 63023
IP address blocks: 46.183.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:55:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:13:55:9b:06:70:34:52:b7:36:fa:40:87:0f:c4:3a:fa:29:1a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Mar 23 11:41:51 2026 GMT
Not After : Mar 22 11:46:51 2027 GMT
Subject: CN=383AD846F201316F12518794EB0DA3CFD52AB8CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f7:c3:02:f0:06:88:8a:45:b2:07:3d:17:ea:
74:e6:c6:a4:42:63:a7:16:1d:24:a4:3e:6b:8c:7a:
0f:e6:60:40:cf:02:84:13:61:d5:e4:df:57:01:42:
8c:13:6b:95:d8:dc:1d:b8:e1:65:d0:55:bd:de:dd:
98:e8:f9:32:78:fd:18:41:96:76:e0:99:bd:ed:ce:
36:c5:65:c7:1b:9f:d3:b4:d9:39:15:bb:82:1c:15:
6b:ca:fa:6a:e1:99:2d:1e:1d:bc:bb:4b:6d:29:33:
64:f0:b5:bf:b7:e3:02:ca:54:eb:ad:c8:f7:17:1c:
c5:e4:15:b3:24:d4:31:83:e0:cb:f1:0f:74:7d:99:
03:b8:3d:4a:c0:f0:25:df:74:ae:a2:5d:3a:bc:61:
58:cf:a0:98:c0:fa:8c:88:6d:dc:ea:e1:ac:cd:01:
bc:ef:55:40:3c:13:85:48:c4:44:cb:ab:05:97:2e:
10:1b:14:9b:27:98:84:a1:39:14:5a:8b:b2:82:12:
75:ff:f8:c2:e7:e8:81:46:ab:9c:7a:76:48:f8:bc:
f1:0e:e1:43:e6:9a:c7:6f:97:b4:4a:92:e0:71:9f:
1f:9f:ba:e9:79:61:14:e6:d9:d0:5b:40:b1:17:30:
5f:9a:29:7c:68:93:84:85:70:22:00:74:e1:87:26:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3A:D8:46:F2:01:31:6F:12:51:87:94:EB:0D:A3:CF:D5:2A:B8:CD
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32352e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.25.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:54:96:b8:26:41:f8:a3:d5:26:bf:15:20:e1:86:58:ea:81:
1e:57:ab:70:6b:aa:1c:f3:05:8e:a1:eb:09:02:c5:d6:37:64:
c2:c0:ed:ba:11:a3:f3:f2:0c:a0:f8:da:b6:14:51:e9:eb:c8:
21:f3:62:c1:3b:d0:ac:4d:ae:f8:28:dd:5e:64:87:77:e8:37:
54:78:e5:42:6a:a3:3f:5d:1c:e4:36:44:82:59:b0:3f:51:ec:
f1:eb:0d:6d:61:60:63:d8:f3:b2:70:3e:6f:09:5e:e5:d4:91:
f2:2a:e4:ee:db:78:01:e7:26:05:8b:77:44:18:f0:bd:e6:d8:
e1:e5:5d:ad:24:ed:1d:ad:87:30:d0:10:fe:93:0e:f2:9f:14:
dd:40:81:45:6d:4e:a4:a4:e1:6a:fb:bf:00:d5:27:51:42:e5:
9d:c3:1a:a8:df:57:4f:d1:c6:bf:31:b9:da:a8:9a:69:5a:90:
9e:bd:41:48:44:93:57:52:2c:cd:38:47:ba:f0:ca:bb:3c:d7:
0e:e5:4b:8e:bc:89:bb:f9:85:bd:11:a8:dc:8e:19:29:52:00:
2a:83:9d:9c:e3:b5:1a:15:2f:4b:c6:e4:62:06:ce:b5:78:1d:
e2:d2:dd:fb:5b:9e:fd:b5:2f:eb:47:43:78:1a:f6:4e:60:7e:
f3:5f:7a:20
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcBNVmwZwNFK3NvpAhw/EOvopGlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNjAzMjMxMTQxNTFaFw0yNzAzMjIxMTQ2NTFaMDMxMTAvBgNV
BAMTKDM4M0FEODQ2RjIwMTMxNkYxMjUxODc5NEVCMERBM0NGRDUyQUI4Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd98MC8AaIikWyBz0X6nTmxqRC
Y6cWHSSkPmuMeg/mYEDPAoQTYdXk31cBQowTa5XY3B244WXQVb3e3Zjo+TJ4/RhB
lnbgmb3tzjbFZccbn9O02TkVu4IcFWvK+mrhmS0eHby7S20pM2Twtb+34wLKVOut
yPcXHMXkFbMk1DGD4MvxD3R9mQO4PUrA8CXfdK6iXTq8YVjPoJjA+oyIbdzq4azN
AbzvVUA8E4VIxETLqwWXLhAbFJsnmIShORRai7KCEnX/+MLn6IFGq5x6dkj4vPEO
4UPmmsdvl7RKkuBxnx+fuul5YRTm2dBbQLEXMF+aKXxok4SFcCIAdOGHJi8NAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUODrYRvIBMW8SUYeU6w2jz9UquM0wHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMwMzIzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC63
GTANBgkqhkiG9w0BAQsFAAOCAQEAqFSWuCZB+KPVJr8VIOGGWOqBHlercGuqHPMF
jqHrCQLF1jdkwsDtuhGj8/IMoPjathRR6evIIfNiwTvQrE2u+CjdXmSHd+g3VHjl
QmqjP10c5DZEglmwP1Hs8esNbWFgY9jzsnA+bwle5dSR8irk7tt4AecmBYt3RBjw
vebY4eVdrSTtHa2HMNAQ/pMO8p8U3UCBRW1OpKThavu/ANUnUULlncMaqN9XT9HG
vzG52qiaaVqQnr1BSESTV1IszThHuvDKuzzXDuVLjryJu/mFvRGo3I4ZKVIAKoOd
nOO1GhUvS8bkYgbOtXgd4tLd+1ue/bUv60dDeBr2TmB+8196IA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:23:57 2026 by rpki-client