Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/34352e36362e36332e302f32342d3234203d3e20313530323933.roa
File: 34352e36362e36332e302f32342d3234203d3e20313530323933.roa (raw, json)
Hash identifier: aG9+XQlh145qdADV5P4V+eZUHaIDM09ABAVqUp5GkL4=
Subject key identifier: 62:33:54:39:1D:EC:0E:1D:E7:6B:B0:32:68:F6:AE:2D:AA:E0:70:12
Certificate issuer: /CN=7e51cac1ce2afe1958b1fb6a6237717b0b5d4810
Certificate serial: 10672CE880C4E8028FC08C3928CB052FE81E142B
Authority key identifier: 7E:51:CA:C1:CE:2A:FE:19:58:B1:FB:6A:62:37:71:7B:0B:5D:48:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flHKwc4q_hlYsftqYjdxewtdSBA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/34352e36362e36332e302f32342d3234203d3e20313530323933.roa
Signing time: Thu 19 Mar 2026 08:30:12 +0000
ROA not before: Thu 19 Mar 2026 08:25:12 +0000
ROA not after: Thu 18 Mar 2027 08:30:12 +0000
asID: 150293
IP address blocks: 45.66.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/7E51CAC1CE2AFE1958B1FB6A6237717B0B5D4810.crl
rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/7E51CAC1CE2AFE1958B1FB6A6237717B0B5D4810.mft
rsync://rpki.ripe.net/repository/DEFAULT/flHKwc4q_hlYsftqYjdxewtdSBA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:35:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:67:2c:e8:80:c4:e8:02:8f:c0:8c:39:28:cb:05:2f:e8:1e:14:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e51cac1ce2afe1958b1fb6a6237717b0b5d4810
Validity
Not Before: Mar 19 08:25:12 2026 GMT
Not After : Mar 18 08:30:12 2027 GMT
Subject: CN=623354391DEC0E1DE76BB03268F6AE2DAAE07012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:4f:ce:af:de:b1:c3:87:f7:c4:89:f0:99:
53:49:8c:ff:74:09:76:5f:0c:98:68:ed:4b:0b:f7:
8e:f5:5c:2f:90:51:19:3d:0b:c1:b3:c6:e1:eb:02:
dd:d2:f4:af:f6:9e:6d:3b:0b:a1:ae:cb:81:19:f0:
ea:a5:bb:25:42:e0:b6:1e:cf:cc:ba:b2:18:13:4a:
11:81:40:4b:27:7d:b7:b0:b0:3d:9f:ac:71:09:0a:
40:53:d9:e6:d8:4a:f0:61:d3:1e:97:e3:da:a6:54:
7e:1e:01:1d:f2:0f:a7:07:c1:70:86:8f:6d:e7:08:
af:14:f9:49:67:1d:d4:7d:0f:75:c5:e1:f4:86:27:
b3:de:a3:11:81:43:45:b4:e3:06:8b:5f:9c:4c:b7:
e8:e8:8f:66:0a:4c:5a:db:fd:5a:1b:92:a2:af:1b:
4f:d5:32:36:ca:e1:20:78:eb:1e:0c:09:9c:95:94:
ce:5f:2b:26:4d:4d:d5:ad:14:4e:74:6b:8e:5f:6b:
b3:d4:56:19:d0:b9:ec:d5:6d:2b:5d:a2:55:64:07:
91:9c:83:68:f5:e2:4f:69:9b:cd:ee:10:9a:64:4b:
20:22:49:a9:8e:f1:3f:4c:38:8d:9b:47:71:c9:25:
b5:c7:27:eb:6e:65:f7:4f:3d:a7:2d:f7:5e:a3:9c:
7b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:33:54:39:1D:EC:0E:1D:E7:6B:B0:32:68:F6:AE:2D:AA:E0:70:12
X509v3 Authority Key Identifier:
keyid:7E:51:CA:C1:CE:2A:FE:19:58:B1:FB:6A:62:37:71:7B:0B:5D:48:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/7E51CAC1CE2AFE1958B1FB6A6237717B0B5D4810.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flHKwc4q_hlYsftqYjdxewtdSBA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/34352e36362e36332e302f32342d3234203d3e20313530323933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.63.0/24
Signature Algorithm: sha256WithRSAEncryption
00:d3:2f:f0:94:55:be:d7:a1:5e:db:7a:b0:87:95:cc:f1:eb:
29:8c:db:d5:e8:e6:04:60:5e:18:87:f3:da:4c:fe:de:4e:f2:
11:84:6a:41:c2:51:ae:5f:82:a8:a4:38:a0:40:12:13:be:89:
03:bc:d1:bd:53:8c:ec:03:dc:17:3c:d2:75:0a:47:3f:b1:7c:
8a:a4:6c:44:3f:58:6f:e7:53:d1:d0:9a:11:7f:65:3b:03:d8:
ac:e6:9a:33:69:45:9d:82:14:08:84:6f:24:c1:e2:fa:04:b5:
0c:78:34:48:26:a2:6b:3d:c9:eb:d5:26:2e:57:38:00:a6:ee:
7c:01:90:63:37:82:6f:d7:65:6b:df:2a:1e:aa:79:a1:bf:33:
7a:82:7f:ae:03:0f:db:32:25:7c:e0:74:b8:0a:62:7f:37:f9:
ad:cf:08:dc:7d:15:e7:1b:ed:3d:8d:85:2a:30:d6:06:77:82:
0e:05:5c:ce:d2:e4:df:84:3e:cf:1e:b7:eb:e3:dc:03:4e:b6:
77:ca:77:00:6d:bc:fc:00:51:de:7d:2e:6d:e6:6b:e2:0e:15:
43:87:28:ce:f7:f0:38:84:7d:6b:58:7f:0f:38:66:b3:61:88:
fa:f1:10:fb:57:14:4d:ca:60:c5:6a:cd:45:49:45:30:31:16:
fb:d6:ce:4f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUEGcs6IDE6AKPwIw5KMsFL+geFCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2U1MWNhYzFjZTJhZmUxOTU4YjFmYjZhNjIzNzcxN2Iw
YjVkNDgxMDAeFw0yNjAzMTkwODI1MTJaFw0yNzAzMTgwODMwMTJaMDMxMTAvBgNV
BAMTKDYyMzM1NDM5MURFQzBFMURFNzZCQjAzMjY4RjZBRTJEQUFFMDcwMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClhE/Or96xw4f3xInwmVNJjP90
CXZfDJho7UsL9471XC+QURk9C8GzxuHrAt3S9K/2nm07C6Guy4EZ8OqluyVC4LYe
z8y6shgTShGBQEsnfbewsD2frHEJCkBT2ebYSvBh0x6X49qmVH4eAR3yD6cHwXCG
j23nCK8U+UlnHdR9D3XF4fSGJ7PeoxGBQ0W04waLX5xMt+joj2YKTFrb/VobkqKv
G0/VMjbK4SB46x4MCZyVlM5fKyZNTdWtFE50a45fa7PUVhnQuezVbStdolVkB5Gc
g2j14k9pm83uEJpkSyAiSamO8T9MOI2bR3HJJbXHJ+tuZfdPPact916jnHu5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUYjNUOR3sDh3na7AyaPauLargcBIwHwYDVR0j
BBgwFoAUflHKwc4q/hlYsftqYjdxewtdSBAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODgxYjdmMDgtZGQ5NC00Y2QwLWFhMzgtODUxMmYxNTJi
ZDMyLzAvN0U1MUNBQzFDRTJBRkUxOTU4QjFGQjZBNjIzNzcxN0IwQjVENDgxMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZsSEt3YzRxX2hsWXNmdHFZamR4ZXd0
ZFNCQS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODgxYjdmMDgt
ZGQ5NC00Y2QwLWFhMzgtODUxMmYxNTJiZDMyLzAvMzQzNTJlMzYzNjJlMzYzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMDMyMzkzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1C
PzANBgkqhkiG9w0BAQsFAAOCAQEAANMv8JRVvtehXtt6sIeVzPHrKYzb1ejmBGBe
GIfz2kz+3k7yEYRqQcJRrl+CqKQ4oEASE76JA7zRvVOM7APcFzzSdQpHP7F8iqRs
RD9Yb+dT0dCaEX9lOwPYrOaaM2lFnYIUCIRvJMHi+gS1DHg0SCaiaz3J69UmLlc4
AKbufAGQYzeCb9dla98qHqp5ob8zeoJ/rgMP2zIlfOB0uApifzf5rc8I3H0V5xvt
PY2FKjDWBneCDgVcztLk34Q+zx636+PcA062d8p3AG28/ABR3n0ubeZr4g4VQ4co
zvfwOIR9a1h/Dzhms2GI+vEQ+1cUTcpgxWrNRUlFMDEW+9bOTw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:15:33 2026 by rpki-client