Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20383334.roa
File: 34362e3138332e32392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 0Syl2RFUWkkZiRGY1Pwqb1zrgJevSvKDh9Tp1/7uXXA=
Subject key identifier: 81:12:A9:E5:B0:63:3A:0B:AF:21:2A:DE:25:39:0D:89:E2:2E:A1:64
Certificate issuer: /CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Certificate serial: 4744C907AD7168840267DF8CA8B2A0BDA48EE1EE
Authority key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20383334.roa
Signing time: Sat 11 Oct 2025 14:41:59 +0000
ROA not before: Sat 11 Oct 2025 14:36:59 +0000
ROA not after: Sat 10 Oct 2026 14:41:59 +0000
asID: 834
IP address blocks: 46.183.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 02:40:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:44:c9:07:ad:71:68:84:02:67:df:8c:a8:b2:a0:bd:a4:8e:e1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Validity
Not Before: Oct 11 14:36:59 2025 GMT
Not After : Oct 10 14:41:59 2026 GMT
Subject: CN=8112A9E5B0633A0BAF212ADE25390D89E22EA164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4e:1d:83:d4:fe:a3:81:13:c7:f1:ac:02:ba:
66:e3:e1:20:7f:52:4b:70:c6:cb:13:00:82:f3:53:
e8:33:a2:31:83:6c:f2:4f:b4:f8:50:e8:9f:66:d1:
5b:7d:d9:98:02:cb:43:00:63:fa:e4:14:4f:46:db:
14:cf:c3:e7:06:7a:57:8f:d0:42:03:21:b7:64:38:
77:71:6c:88:07:0f:22:e2:08:8e:ca:5c:db:ef:9c:
65:60:40:e8:07:0e:d9:86:13:14:5a:18:3e:f4:e9:
45:fb:9e:35:b5:55:45:5b:37:44:8b:c7:f9:1a:a3:
5f:0d:dd:f6:88:98:0f:38:ba:d2:91:cf:18:00:12:
b0:6a:82:b8:7e:dd:b0:e9:07:28:04:a8:90:fb:b3:
19:df:f4:22:fa:18:6e:d8:82:66:78:e8:c2:70:85:
a7:76:8f:7b:2a:35:64:15:32:c9:0f:a8:61:3c:65:
f1:13:8d:6d:03:40:f1:23:f8:02:16:fd:ed:ad:d4:
62:02:0a:a1:0e:74:27:3e:5f:29:43:84:d1:1d:ab:
f6:1f:58:f7:08:47:56:b3:06:48:7a:9a:48:2e:d3:
ce:20:d1:ea:e6:00:8d:f9:d3:6d:0b:07:cd:97:56:
54:1f:43:61:6d:2e:9a:5f:95:bf:e3:5a:83:08:e7:
56:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:12:A9:E5:B0:63:3A:0B:AF:21:2A:DE:25:39:0D:89:E2:2E:A1:64
X509v3 Authority Key Identifier:
keyid:24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/34362e3138332e32392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.29.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fc:60:55:87:e9:d2:f6:aa:e9:f8:d7:dd:9a:96:f2:d6:0e:
95:34:1a:12:89:26:1c:1a:ea:38:5d:13:cb:cf:c8:7f:c2:d9:
33:7f:43:33:29:ef:7c:7a:b0:dd:aa:fe:c3:30:44:10:29:7e:
82:3a:5a:75:91:3f:09:4d:ab:a4:08:1c:d9:2b:b2:d3:7e:80:
90:69:22:93:8e:e7:54:39:d3:0f:f1:9d:60:c7:f0:1c:ff:db:
53:b8:00:63:6b:88:fc:73:56:21:db:af:f7:dc:07:45:6e:ca:
37:9c:86:6f:91:a2:e2:14:d1:06:ec:ea:42:82:b6:0d:1e:3e:
cd:a9:46:c6:46:1e:a0:99:d3:31:db:ab:c2:ea:80:6a:cc:01:
2c:5b:26:37:22:3c:77:86:bf:23:14:9f:60:5c:d7:96:0e:1e:
4e:44:2a:50:9d:9f:1e:c0:2e:5a:a9:4d:56:7a:35:0c:9e:34:
5c:7b:bd:3c:f1:99:0c:89:30:41:4c:6f:95:c2:47:a8:a6:7d:
3c:64:2e:d0:9f:c8:81:77:45:40:4c:ee:ee:80:a2:aa:d1:57:
91:4f:ed:b4:96:af:bf:aa:3a:94:d7:c2:bd:4c:30:13:f3:df:
27:1d:87:b4:5a:b2:ad:47:97:20:a7:e5:e7:fe:84:82:77:24:
39:46:69:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUR0TJB61xaIQCZ9+MqLKgvaSO4e4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRlNTM3ODhiZDRlZmEyM2IxYTgyMDdiN2U3NGE4ZTFj
YzY3N2IwMDAeFw0yNTEwMTExNDM2NTlaFw0yNjEwMTAxNDQxNTlaMDMxMTAvBgNV
BAMTKDgxMTJBOUU1QjA2MzNBMEJBRjIxMkFERTI1MzkwRDg5RTIyRUExNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNTh2D1P6jgRPH8awCumbj4SB/
UktwxssTAILzU+gzojGDbPJPtPhQ6J9m0Vt92ZgCy0MAY/rkFE9G2xTPw+cGeleP
0EIDIbdkOHdxbIgHDyLiCI7KXNvvnGVgQOgHDtmGExRaGD706UX7njW1VUVbN0SL
x/kao18N3faImA84utKRzxgAErBqgrh+3bDpBygEqJD7sxnf9CL6GG7YgmZ46MJw
had2j3sqNWQVMskPqGE8ZfETjW0DQPEj+AIW/e2t1GICCqEOdCc+XylDhNEdq/Yf
WPcIR1azBkh6mkgu084g0ermAI35020LB82XVlQfQ2FtLppflb/jWoMI51b1AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUgRKp5bBjOguvISreJTkNieIuoWQwHwYDVR0j
BBgwFoAUJOU3iL1O+iOxqCB7fnSo4cxnewAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0
Mzk1LzAvMjRFNTM3ODhCRDRFRkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pPVTNpTDFPLWlPeHFDQjdmblNvNGN4
bmV3QS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZhY2I5YTAt
NmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMzQzNjJlMzEzODMzMmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALrcdMA0G
CSqGSIb3DQEBCwUAA4IBAQBB/GBVh+nS9qrp+Nfdmpby1g6VNBoSiSYcGuo4XRPL
z8h/wtkzf0MzKe98erDdqv7DMEQQKX6COlp1kT8JTaukCBzZK7LTfoCQaSKTjudU
OdMP8Z1gx/Ac/9tTuABja4j8c1Yh26/33AdFbso3nIZvkaLiFNEG7OpCgrYNHj7N
qUbGRh6gmdMx26vC6oBqzAEsWyY3Ijx3hr8jFJ9gXNeWDh5ORCpQnZ8ewC5aqU1W
ejUMnjRce7088ZkMiTBBTG+Vwkeopn08ZC7Qn8iBd0VATO7ugKKq0VeRT+20lq+/
qjqU18K9TDAT898nHYe0WrKtR5cgp+Xn/oSCdyQ5RmkJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:18 2025 by rpki-client