Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
File: 34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: 0kzSFbUQv3IPSe44pUr9DkaCNbLJS/E0eVH3iom57gk=
Subject key identifier: 09:C4:57:86:E4:23:F5:2B:E4:98:11:EB:98:F9:E8:37:22:EB:F1:95
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 0F2EF9942E3085CAFE7AA0E09B5C01D1D933C7F7
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
Signing time: Tue 24 Mar 2026 07:46:53 +0000
ROA not before: Tue 24 Mar 2026 07:41:53 +0000
ROA not after: Tue 23 Mar 2027 07:46:53 +0000
asID: 214466
IP address blocks: 45.139.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:2e:f9:94:2e:30:85:ca:fe:7a:a0:e0:9b:5c:01:d1:d9:33:c7:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 24 07:41:53 2026 GMT
Not After : Mar 23 07:46:53 2027 GMT
Subject: CN=09C45786E423F52BE49811EB98F9E83722EBF195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ad:3b:10:1e:b3:80:85:9c:20:17:0f:2f:e1:
d5:83:e2:f1:b6:17:8d:15:9b:d1:54:a4:e3:a6:37:
36:da:bf:a5:05:4a:33:43:b9:6e:10:60:ec:08:4d:
8c:a7:41:f2:18:92:ea:7e:cf:79:83:04:09:dd:80:
98:a9:7e:24:76:4b:33:8c:a5:17:49:20:76:41:05:
48:2c:70:fc:d9:df:90:80:f1:4f:d5:ec:98:3a:0f:
6c:12:a4:39:f1:56:50:8d:f6:83:74:11:da:b5:5f:
89:d7:c7:89:56:d6:26:f7:df:2a:d8:7b:0d:c8:11:
8a:16:6c:1c:31:8a:82:07:1f:ac:52:81:d4:5a:a8:
0c:ee:17:b4:8e:85:24:a8:9b:71:4d:b4:2f:0c:e4:
cb:ee:3c:90:7b:28:82:5f:9f:3c:b9:56:93:ce:c5:
61:09:8d:d2:52:59:5e:6f:f0:36:e9:d9:c9:7f:23:
51:92:1e:97:9b:7c:e0:0f:ca:cd:7f:69:10:17:37:
45:62:59:8e:58:8f:4d:0b:d2:c2:4b:08:b9:c1:29:
60:1f:60:4e:9a:5b:34:93:bd:dd:80:4b:f6:1e:7d:
10:81:2e:79:48:43:7c:00:0c:6a:4f:e2:8a:a3:17:
5c:e4:d5:24:c9:f2:a8:f5:36:0f:62:ab:59:67:95:
f9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C4:57:86:E4:23:F5:2B:E4:98:11:EB:98:F9:E8:37:22:EB:F1:95
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139382e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.198.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:84:12:56:93:89:06:0e:80:ee:5c:79:13:7c:a1:00:d8:7c:
18:30:38:fe:04:51:9f:24:9d:6d:2a:1b:7d:48:de:83:e0:14:
42:d5:9f:5d:d3:7e:ac:00:74:2f:3b:e0:51:40:44:3b:c0:59:
71:18:7e:b5:4e:e4:80:b3:8e:ad:1f:54:74:fa:63:05:69:e4:
ab:73:7b:f1:b4:49:ae:3d:1f:93:82:5c:0e:1e:70:ad:db:df:
1f:6b:2b:00:a1:aa:3b:f3:e2:62:71:92:cf:0d:58:5e:60:ff:
e2:3e:f3:89:23:26:11:33:bc:00:66:72:df:f1:7b:1b:a7:a9:
ff:5b:56:66:bd:a9:76:5d:d9:00:5c:8c:d8:f1:10:85:cd:ee:
6e:76:b8:86:dc:f1:10:52:1f:16:b5:9e:70:ce:4d:e1:cd:ab:
b0:de:85:c6:f1:79:b7:eb:d4:99:b7:73:57:35:71:60:03:9f:
c1:0c:3c:13:2f:00:c0:38:ba:03:33:09:13:92:cb:21:aa:5d:
a8:a2:db:70:20:cf:15:a6:73:86:9e:1c:d6:c9:0d:86:df:6d:
92:bb:ec:cc:23:34:68:67:01:06:c0:a9:a6:43:a4:9b:10:7e:
c8:76:6d:51:49:34:d9:f8:d3:ce:b4:b3:85:ad:a8:ed:fe:02:
d7:cd:20:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDy75lC4whcr+eqDgm1wB0dkzx/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjQwNzQxNTNaFw0yNzAzMjMwNzQ2NTNaMDMxMTAvBgNV
BAMTKDA5QzQ1Nzg2RTQyM0Y1MkJFNDk4MTFFQjk4RjlFODM3MjJFQkYxOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9rTsQHrOAhZwgFw8v4dWD4vG2
F40Vm9FUpOOmNzbav6UFSjNDuW4QYOwITYynQfIYkup+z3mDBAndgJipfiR2SzOM
pRdJIHZBBUgscPzZ35CA8U/V7Jg6D2wSpDnxVlCN9oN0Edq1X4nXx4lW1ib33yrY
ew3IEYoWbBwxioIHH6xSgdRaqAzuF7SOhSSom3FNtC8M5MvuPJB7KIJfnzy5VpPO
xWEJjdJSWV5v8Dbp2cl/I1GSHpebfOAPys1/aRAXN0ViWY5Yj00L0sJLCLnBKWAf
YE6aWzSTvd2AS/YefRCBLnlIQ3wADGpP4oqjF1zk1STJ8qj1Ng9iq1lnlfk9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCcRXhuQj9SvkmBHrmPnoNyLr8ZUwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzQzNTJlMzEzMzM5MmUzMTM5
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAti8YwDQYJKoZIhvcNAQELBQADggEBABuEElaTiQYOgO5ceRN8oQDYfBgwOP4E
UZ8knW0qG31I3oPgFELVn13TfqwAdC874FFARDvAWXEYfrVO5ICzjq0fVHT6YwVp
5Ktze/G0Sa49H5OCXA4ecK3b3x9rKwChqjvz4mJxks8NWF5g/+I+84kjJhEzvABm
ct/xexunqf9bVma9qXZd2QBcjNjxEIXN7m52uIbc8RBSHxa1nnDOTeHNq7Dehcbx
ebfr1Jm3c1c1cWADn8EMPBMvAMA4ugMzCROSyyGqXaii23AgzxWmc4aeHNbJDYbf
bZK77MwjNGhnAQbAqaZDpJsQfsh2bVFJNNn40860s4WtqO3+AtfNIAQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:08:53 2026 by rpki-client