Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139392e302f32342d3234203d3e20323134343636.roa
File: 34352e3133392e3139392e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: jnmt3whqRbI6D2vf6sBU5xOTdVKUeUwqqqV6QhoXPsE=
Subject key identifier: 27:BA:BD:EB:C4:89:75:6F:9F:26:7E:8E:98:0F:7C:C9:A8:BA:CB:E0
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 39D5BDCF331976BC2C037C75DC805354AC3E8AD3
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139392e302f32342d3234203d3e20323134343636.roa
Signing time: Tue 24 Mar 2026 07:46:53 +0000
ROA not before: Tue 24 Mar 2026 07:41:53 +0000
ROA not after: Tue 23 Mar 2027 07:46:53 +0000
asID: 214466
IP address blocks: 45.139.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:d5:bd:cf:33:19:76:bc:2c:03:7c:75:dc:80:53:54:ac:3e:8a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Mar 24 07:41:53 2026 GMT
Not After : Mar 23 07:46:53 2027 GMT
Subject: CN=27BABDEBC489756F9F267E8E980F7CC9A8BACBE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6d:8c:f0:e4:15:70:79:43:bb:a4:35:f2:d8:
28:58:85:f2:21:ca:38:dd:b1:30:ac:30:3c:c8:3e:
aa:55:93:a1:06:ab:96:ff:11:f3:62:65:c1:18:45:
8b:03:02:92:74:e3:2b:bd:65:73:69:1e:83:c7:ea:
c7:0e:c3:4f:0c:18:f7:65:60:af:ba:a8:7a:31:ea:
cf:85:d3:54:b5:2d:44:c7:fa:94:e8:64:7e:27:e3:
90:03:53:b5:27:bf:79:20:33:63:a0:2c:eb:51:f4:
e5:7a:bd:4a:5f:12:63:3f:3c:f2:d1:70:42:05:db:
dc:14:be:8d:c3:03:95:6a:ab:d1:e4:14:17:ff:fb:
dc:54:56:9b:f1:1e:2b:00:22:34:bd:d1:9d:77:30:
a1:4a:48:0b:cf:81:86:51:63:89:f9:c0:2d:19:2a:
7e:37:a8:6a:a4:2f:94:a8:68:c0:38:95:78:6a:e5:
ec:40:05:50:fa:12:67:ff:df:89:13:ec:7a:1e:72:
8f:51:af:b5:13:0e:92:3e:af:19:0a:0a:9b:6f:f4:
6c:68:87:93:69:05:9a:29:d1:6e:c9:ef:67:1f:e4:
94:96:b2:83:d9:bd:3a:4e:23:eb:49:7d:22:48:ee:
23:70:99:30:df:41:17:80:bb:46:13:7e:91:43:cb:
22:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BA:BD:EB:C4:89:75:6F:9F:26:7E:8E:98:0F:7C:C9:A8:BA:CB:E0
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/34352e3133392e3139392e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.199.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:fa:08:85:07:6a:d7:a9:ac:23:11:df:6b:f7:dd:3b:9d:b4:
67:1d:f3:e6:9a:46:5e:82:e8:b8:be:18:5c:bf:30:85:0e:41:
59:3c:02:a9:bf:47:57:1e:f5:44:43:a4:15:e6:9f:e1:22:1b:
fa:01:f5:2e:b1:fc:9c:98:bf:bc:09:e0:92:37:a6:90:2b:4b:
30:23:b2:77:2f:ee:a7:43:42:99:d5:1e:fd:4f:d7:5d:49:92:
70:c4:15:9f:7d:25:37:27:5e:7c:68:3f:dc:94:42:e7:1f:a0:
ac:b0:d4:56:35:53:e0:e1:12:22:4f:25:27:df:13:8e:a7:88:
c5:a4:ec:f8:64:03:da:f4:2f:0e:3c:c4:5a:ca:18:e6:cc:a3:
46:79:f9:2a:97:4a:da:ad:e4:85:58:66:4a:1d:07:bc:57:23:
c0:4e:a7:81:d7:09:75:61:04:85:03:0a:f6:af:64:77:96:e1:
2c:df:ee:52:d5:5f:bb:67:9e:0b:f3:c1:4a:0b:cf:32:dd:63:
ab:ab:08:e4:0e:dc:d5:a8:c2:92:a2:7f:a1:b3:9a:5d:72:6c:
c3:6e:6b:ad:20:17:96:c6:a7:09:ec:12:c6:d8:3c:91:35:85:
b7:8c:a9:49:82:f2:e6:5e:ad:45:26:49:48:05:13:02:65:e7:
f5:2e:6c:9c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOdW9zzMZdrwsA3x13IBTVKw+itMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNjAzMjQwNzQxNTNaFw0yNzAzMjMwNzQ2NTNaMDMxMTAvBgNV
BAMTKDI3QkFCREVCQzQ4OTc1NkY5RjI2N0U4RTk4MEY3Q0M5QThCQUNCRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgbYzw5BVweUO7pDXy2ChYhfIh
yjjdsTCsMDzIPqpVk6EGq5b/EfNiZcEYRYsDApJ04yu9ZXNpHoPH6scOw08MGPdl
YK+6qHox6s+F01S1LUTH+pToZH4n45ADU7Unv3kgM2OgLOtR9OV6vUpfEmM/PPLR
cEIF29wUvo3DA5Vqq9HkFBf/+9xUVpvxHisAIjS90Z13MKFKSAvPgYZRY4n5wC0Z
Kn43qGqkL5SoaMA4lXhq5exABVD6Emf/34kT7Hoeco9Rr7UTDpI+rxkKCptv9Gxo
h5NpBZop0W7J72cf5JSWsoPZvTpOI+tJfSJI7iNwmTDfQReAu0YTfpFDyyKzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJ7q968SJdW+fJn6OmA98yai6y+AwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzQzNTJlMzEzMzM5MmUzMTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAti8cwDQYJKoZIhvcNAQELBQADggEBAIr6CIUHateprCMR32v33TudtGcd8+aa
Rl6C6Li+GFy/MIUOQVk8Aqm/R1ce9URDpBXmn+EiG/oB9S6x/JyYv7wJ4JI3ppAr
SzAjsncv7qdDQpnVHv1P111JknDEFZ99JTcnXnxoP9yUQucfoKyw1FY1U+DhEiJP
JSffE46niMWk7PhkA9r0Lw48xFrKGObMo0Z5+SqXStqt5IVYZkodB7xXI8BOp4HX
CXVhBIUDCvavZHeW4Szf7lLVX7tnngvzwUoLzzLdY6urCOQO3NWowpKif6Gzml1y
bMNua60gF5bGpwnsEsbYPJE1hbeMqUmC8uZerUUmSUgFEwJl5/UubJw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:16:40 2026 by rpki-client