Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20343032323135.roa
File: 34352e31322e38332e302f32342d3234203d3e20343032323135.roa (raw, json)
Hash identifier: lABfqNCpRhLuXdPv/0CKPXY3W3HPEANIju1XtBlnqRg=
Subject key identifier: 82:86:C4:EC:F6:24:4F:CE:8C:6E:E1:5D:CD:6F:0B:FC:02:BB:9C:4A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 45FA212F8BBEE48AA95998E65276674EDC4FDBBE
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20343032323135.roa
Signing time: Sat 09 May 2026 07:46:10 +0000
ROA not before: Sat 09 May 2026 07:41:10 +0000
ROA not after: Sat 08 May 2027 07:46:10 +0000
asID: 402215
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:fa:21:2f:8b:be:e4:8a:a9:59:98:e6:52:76:67:4e:dc:4f:db:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 9 07:41:10 2026 GMT
Not After : May 8 07:46:10 2027 GMT
Subject: CN=8286C4ECF6244FCE8C6EE15DCD6F0BFC02BB9C4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:a0:35:50:2e:db:cf:77:1c:1a:51:5a:eb:
52:7a:e1:22:65:8c:5c:09:22:d7:70:52:40:a2:b1:
74:18:1b:97:ad:40:98:4d:cb:a9:e8:9f:d7:44:e0:
5e:66:24:43:24:56:b3:11:fe:0a:57:3d:06:f2:c1:
31:3d:c7:44:32:04:23:09:fe:04:3a:a4:2a:e9:67:
a8:32:48:59:a2:5b:1c:4b:cc:28:ce:50:7c:91:35:
09:dc:85:4a:27:2e:b6:61:2a:b4:9b:61:76:d4:bc:
06:88:57:3d:58:8d:e0:5e:27:3e:70:49:92:d6:ab:
77:21:ad:48:c5:2f:e4:c9:22:be:8d:b8:d7:69:f5:
57:30:a7:4b:18:57:da:4a:b9:86:89:2b:60:e8:59:
d6:c3:94:fc:58:b8:69:13:0a:77:93:5a:98:b0:53:
6b:7d:df:a5:a7:e1:6f:70:1c:a6:a0:f1:87:37:6d:
19:2e:db:3f:b3:1a:81:40:07:12:56:36:b5:62:1b:
dd:1b:11:db:02:da:fa:01:be:b0:4b:ab:4f:19:ab:
fc:09:50:21:44:6e:ff:13:25:03:01:17:89:2b:b2:
d2:74:84:9c:e1:d6:7e:cd:27:5c:45:ef:b1:85:a4:
c1:ab:42:67:95:5e:1d:21:b0:0a:b8:44:66:4e:a1:
e4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:C4:EC:F6:24:4F:CE:8C:6E:E1:5D:CD:6F:0B:FC:02:BB:9C:4A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20343032323135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f8:03:41:02:c3:12:d1:65:e2:b1:90:6a:53:c4:ff:2c:d7:
7e:30:70:98:f3:b0:f0:47:39:24:50:db:c2:1d:27:61:01:be:
e2:70:46:c7:4d:76:e7:9b:f9:b8:7a:4f:aa:4d:2d:47:11:8a:
bb:f8:eb:d3:cf:fe:d8:48:87:eb:7b:c7:95:d4:c7:d3:8e:38:
fe:85:44:cd:06:12:7f:c2:46:3c:8b:6f:5e:9b:1c:9f:db:51:
53:52:cc:2b:df:dc:f8:2f:ce:b3:35:f6:d1:3f:74:c0:17:6e:
33:de:57:0d:65:9c:e7:77:0c:27:87:a9:e7:98:4e:7b:e8:06:
f2:7f:0b:b5:52:95:85:5a:5f:52:0a:75:a3:65:a2:b9:81:20:
d2:cc:aa:41:2b:0c:b8:70:32:c9:f2:4c:1d:0b:c2:09:18:e0:
42:01:c5:ea:36:af:21:5a:ae:3b:14:20:2c:fe:7d:bf:17:c0:
a8:5f:74:34:d4:b4:be:8c:25:60:fe:6e:2c:34:91:ae:33:8d:
97:68:08:39:7f:6b:4f:58:7c:e0:4b:b0:bc:e0:6c:b3:7c:1d:
d2:ed:ca:e9:62:b9:ef:9d:36:8e:d7:e2:2c:57:d4:27:10:41:
04:20:7c:2d:80:2d:34:6a:7e:a3:09:a5:cf:48:8c:f3:91:41:
26:c2:e3:9a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURfohL4u+5IqpWZjmUnZnTtxP274wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA1MDkwNzQxMTBaFw0yNzA1MDgwNzQ2MTBaMDMxMTAvBgNV
BAMTKDgyODZDNEVDRjYyNDRGQ0U4QzZFRTE1RENENkYwQkZDMDJCQjlDNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoZKA1UC7bz3ccGlFa61J64SJl
jFwJItdwUkCisXQYG5etQJhNy6non9dE4F5mJEMkVrMR/gpXPQbywTE9x0QyBCMJ
/gQ6pCrpZ6gySFmiWxxLzCjOUHyRNQnchUonLrZhKrSbYXbUvAaIVz1YjeBeJz5w
SZLWq3chrUjFL+TJIr6NuNdp9Vcwp0sYV9pKuYaJK2DoWdbDlPxYuGkTCneTWpiw
U2t936Wn4W9wHKag8Yc3bRku2z+zGoFABxJWNrViG90bEdsC2voBvrBLq08Zq/wJ
UCFEbv8TJQMBF4krstJ0hJzh1n7NJ1xF77GFpMGrQmeVXh0hsAq4RGZOoeQXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgobE7PYkT86MbuFdzW8L/AK7nEowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMyMzEzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UzANBgkqhkiG9w0BAQsFAAOCAQEAIvgDQQLDEtFl4rGQalPE/yzXfjBwmPOw8Ec5
JFDbwh0nYQG+4nBGx01255v5uHpPqk0tRxGKu/jr08/+2EiH63vHldTH0444/oVE
zQYSf8JGPItvXpscn9tRU1LMK9/c+C/OszX20T90wBduM95XDWWc53cMJ4ep55hO
e+gG8n8LtVKVhVpfUgp1o2WiuYEg0syqQSsMuHAyyfJMHQvCCRjgQgHF6javIVqu
OxQgLP59vxfAqF90NNS0vowlYP5uLDSRrjONl2gIOX9rT1h84EuwvOBss3wd0u3K
6WK57502jtfiLFfUJxBBBCB8LYAtNGp+owmlz0iM85FBJsLjmg==
-----END CERTIFICATE-----
Generated at Wed May 13 06:27:11 2026 by rpki-client