Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
File: 34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa (raw, json)
Hash identifier: dEyrefnnKSg66lfx459XJ2SroTggGi4go9Zp+DRZdvU=
Subject key identifier: 32:84:BA:49:F8:AD:B6:ED:3C:DD:9F:B4:1E:F6:97:FE:7F:33:E3:45
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 725F30273B38EFCE8F4E0E33D70D2B2AE05FDA7D
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
Signing time: Mon 15 Sep 2025 08:55:07 +0000
ROA not before: Mon 15 Sep 2025 08:50:07 +0000
ROA not after: Mon 14 Sep 2026 08:55:07 +0000
asID: 216183
IP address blocks: 45.146.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:5f:30:27:3b:38:ef:ce:8f:4e:0e:33:d7:0d:2b:2a:e0:5f:da:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Sep 15 08:50:07 2025 GMT
Not After : Sep 14 08:55:07 2026 GMT
Subject: CN=3284BA49F8ADB6ED3CDD9FB41EF697FE7F33E345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:67:01:ae:49:95:a6:5f:25:ce:6e:bb:93:ed:
f3:b8:bc:e2:1a:44:c2:5a:eb:7c:5e:e8:fc:3d:93:
48:a5:9e:38:fc:db:92:a9:ab:04:54:ff:47:69:bb:
07:be:35:6e:ef:c3:e4:2b:30:6f:75:af:40:4d:bd:
5a:21:1e:fa:20:6f:48:5c:b8:b9:c8:8a:26:c6:21:
44:e1:4e:26:5f:99:c5:6b:ce:0e:9b:a0:6d:77:15:
b7:de:d2:af:68:8f:e0:8d:ed:92:90:8c:9b:d1:89:
8a:bc:70:0f:56:89:53:a4:0b:54:3d:48:7a:23:98:
f6:47:d3:ef:fe:09:c4:b6:e9:8f:25:19:1c:b5:74:
64:a6:db:fa:2f:a6:53:50:82:0b:47:13:52:2a:ba:
f7:a5:42:29:eb:26:e7:01:e6:ec:9d:2f:24:f2:d1:
87:8d:a9:ca:9b:60:10:56:65:86:e8:42:35:23:d4:
cf:cb:ec:18:04:e3:30:6f:52:c5:d1:ee:2a:c5:08:
2f:fd:83:69:d4:46:e5:5d:69:40:e9:24:12:9c:99:
cd:81:97:b3:72:ab:a5:f9:96:52:e1:d3:c9:09:d9:
cf:76:33:f5:3b:e0:ad:ea:cd:91:9f:03:c5:7a:ff:
cd:52:23:61:ea:74:d9:5c:e3:46:96:2e:96:72:64:
71:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:84:BA:49:F8:AD:B6:ED:3C:DD:9F:B4:1E:F6:97:FE:7F:33:E3:45
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20323136313833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:3b:8d:73:93:5d:8d:f2:4b:e6:5b:26:9e:72:81:5c:e4:1b:
3d:bb:6d:ca:ca:74:95:60:b8:fa:d7:19:47:bb:f2:bf:b5:3d:
14:13:dc:d5:50:12:06:45:bc:21:b4:2b:e1:4e:e1:4b:5b:bf:
c1:3f:bb:16:fc:e0:5f:f9:83:b6:23:7d:b9:6d:f0:7d:d0:48:
90:49:b5:8e:02:4b:7b:06:1b:9a:a8:9f:30:3f:a9:d1:e7:66:
36:a6:94:e8:76:d5:1c:4a:5c:64:c6:c6:78:7b:36:44:3b:3c:
4f:c2:77:f2:08:40:07:8b:be:cd:91:4f:d7:fb:01:53:62:f6:
c5:53:7c:be:db:f2:ec:f1:22:c5:9c:5e:0f:b8:b5:aa:24:90:
e8:77:e2:8a:c3:51:8c:dd:18:09:7d:42:18:48:2a:1b:4a:b8:
45:91:de:39:a5:f7:b7:b3:94:37:ad:a7:b6:04:81:d4:7d:08:
60:22:01:28:0c:83:2f:01:6a:ef:65:43:f4:6a:08:da:13:5c:
c9:85:56:eb:d2:0d:80:86:09:45:ba:b8:f2:bf:d1:1e:79:d3:
17:1d:11:bb:26:de:31:59:a9:eb:c7:fa:8f:4c:de:46:46:3b:
45:f3:7d:eb:1f:44:29:bc:71:d6:3f:25:ad:1c:73:89:2b:85:
d7:38:39:23
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcl8wJzs4786PTg4z1w0rKuBf2n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yNTA5MTUwODUwMDdaFw0yNjA5MTQwODU1MDdaMDMxMTAvBgNV
BAMTKDMyODRCQTQ5RjhBREI2RUQzQ0REOUZCNDFFRjY5N0ZFN0YzM0UzNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGZwGuSZWmXyXObruT7fO4vOIa
RMJa63xe6Pw9k0ilnjj825KpqwRU/0dpuwe+NW7vw+QrMG91r0BNvVohHvogb0hc
uLnIiibGIUThTiZfmcVrzg6boG13Fbfe0q9oj+CN7ZKQjJvRiYq8cA9WiVOkC1Q9
SHojmPZH0+/+CcS26Y8lGRy1dGSm2/ovplNQggtHE1IquvelQinrJucB5uydLyTy
0YeNqcqbYBBWZYboQjUj1M/L7BgE4zBvUsXR7irFCC/9g2nURuVdaUDpJBKcmc2B
l7Nyq6X5llLh08kJ2c92M/U74K3qzZGfA8V6/81SI2HqdNlc40aWLpZyZHHLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMoS6Sfittu083Z+0HvaX/n8z40UwHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkqMwDQYJKoZIhvcNAQELBQADggEBAGs7jXOTXY3yS+ZbJp5ygVzkGz27bcrK
dJVguPrXGUe78r+1PRQT3NVQEgZFvCG0K+FO4Utbv8E/uxb84F/5g7Yjfblt8H3Q
SJBJtY4CS3sGG5qonzA/qdHnZjamlOh21RxKXGTGxnh7NkQ7PE/Cd/IIQAeLvs2R
T9f7AVNi9sVTfL7b8uzxIsWcXg+4taokkOh34orDUYzdGAl9QhhIKhtKuEWR3jml
97ezlDetp7YEgdR9CGAiASgMgy8Bau9lQ/RqCNoTXMmFVuvSDYCGCUW6uPK/0R55
0xcdEbsm3jFZqevH+o9M3kZGO0XzfesfRCm8cdY/Ja0cc4krhdc4OSM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:15:10 2025 by rpki-client