Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323135303531.roa
File: 34352e39312e3133382e302f32342d3234203d3e20323135303531.roa (raw, json)
Hash identifier: AlDsymdCxEmA6YN9k9nU36Zhq0YNkOH8dVr3FUYR308=
Subject key identifier: 65:AB:DC:10:DC:CE:07:7B:29:BA:A0:7C:C4:BF:2D:44:E2:7C:2F:DB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 774754C69592967553B636E61FF6C94014D7E6B8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323135303531.roa
Signing time: Wed 06 May 2026 21:04:53 +0000
ROA not before: Wed 06 May 2026 20:59:53 +0000
ROA not after: Wed 05 May 2027 21:04:53 +0000
asID: 215051
IP address blocks: 45.91.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:47:54:c6:95:92:96:75:53:b6:36:e6:1f:f6:c9:40:14:d7:e6:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 6 20:59:53 2026 GMT
Not After : May 5 21:04:53 2027 GMT
Subject: CN=65ABDC10DCCE077B29BAA07CC4BF2D44E27C2FDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8b:e4:d0:af:c6:1d:24:ba:f6:d7:4f:82:01:
e2:d1:af:b6:c0:04:c1:4f:8a:07:25:af:78:2f:10:
56:ea:d6:10:d4:4e:b2:0e:5f:57:72:c5:bb:10:ad:
77:96:fa:36:6b:11:1d:fb:ca:02:9f:48:43:52:1b:
94:75:ac:6e:c3:88:e1:57:77:23:4e:4d:f1:1f:57:
9b:a7:df:2b:fd:2b:b1:01:9b:e9:0f:49:27:d0:da:
e3:80:8f:74:15:62:f9:57:1e:30:28:41:5f:a6:4e:
96:45:74:b4:85:fa:c0:ee:c1:a5:0f:dc:ca:ba:70:
3f:5e:8c:59:d8:77:1e:f2:d9:09:bc:ea:b0:aa:b4:
20:44:c7:5c:70:42:ec:6d:89:4b:fc:a4:50:7c:a2:
ea:4f:ce:6c:c7:01:eb:f6:55:dc:63:e1:1f:14:4e:
0e:07:52:9d:26:32:7b:56:67:2f:e8:36:5c:93:bd:
a1:fc:57:27:11:af:92:7d:bf:19:7c:95:a0:c2:2a:
8a:a3:de:86:ab:3f:e7:d0:6f:2c:8d:32:d6:14:30:
b6:52:1c:69:a0:4e:3b:81:97:28:0e:a8:83:dc:0b:
c7:c3:3f:f0:37:c7:5a:81:43:f4:51:3b:32:d4:f8:
49:3d:91:6e:2c:a1:2d:f5:52:2e:e8:cc:43:e0:db:
cc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AB:DC:10:DC:CE:07:7B:29:BA:A0:7C:C4:BF:2D:44:E2:7C:2F:DB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323135303531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.138.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:c4:b7:c9:d2:2e:3e:d7:0c:a3:37:1b:b7:05:48:0e:bf:df:
d6:f0:1e:90:d0:14:1f:d1:6c:81:b6:e3:73:49:e2:e4:c4:94:
e3:b2:1b:43:48:06:d5:03:90:6b:3d:16:b4:7f:b9:d4:8a:f5:
91:dc:fd:92:57:cb:e9:e2:a0:2b:06:e9:e8:3b:5f:dc:4a:23:
28:31:2e:d4:c5:27:64:6c:25:0b:bc:93:ae:ef:f0:0f:d5:d7:
5b:5b:48:b7:13:f5:3f:81:0d:59:05:4e:d2:bc:48:e2:f9:80:
5c:40:5b:a6:17:9e:08:9b:09:de:45:41:25:c4:52:c0:53:db:
6d:71:e8:f7:9d:db:ee:b5:3b:1c:f0:c0:2a:80:0f:26:04:c4:
27:9e:cd:43:b1:d7:b0:f0:db:2f:0d:b1:d7:2a:c7:2f:c1:8a:
96:24:bb:23:20:47:58:c0:2d:b2:ff:e8:d7:e8:95:c2:4e:90:
e7:b8:23:7f:20:c0:f6:04:f2:3f:43:b7:45:b4:bb:80:c6:23:
f8:46:0d:95:c6:72:80:9d:24:2b:b4:96:1e:d1:0c:ac:cc:f3:
1b:b9:be:87:db:3b:8e:16:6d:60:e4:5a:77:57:23:5b:b3:9f:
a4:8a:01:21:b5:5b:e7:65:6b:72:49:d7:86:f0:75:8c:65:d8:
51:c0:89:e4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUd0dUxpWSlnVTtjbmH/bJQBTX5rgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA1MDYyMDU5NTNaFw0yNzA1MDUyMTA0NTNaMDMxMTAvBgNV
BAMTKDY1QUJEQzEwRENDRTA3N0IyOUJBQTA3Q0M0QkYyRDQ0RTI3QzJGREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPi+TQr8YdJLr210+CAeLRr7bA
BMFPigclr3gvEFbq1hDUTrIOX1dyxbsQrXeW+jZrER37ygKfSENSG5R1rG7DiOFX
dyNOTfEfV5un3yv9K7EBm+kPSSfQ2uOAj3QVYvlXHjAoQV+mTpZFdLSF+sDuwaUP
3Mq6cD9ejFnYdx7y2Qm86rCqtCBEx1xwQuxtiUv8pFB8oupPzmzHAev2Vdxj4R8U
Tg4HUp0mMntWZy/oNlyTvaH8VycRr5J9vxl8laDCKoqj3oarP+fQbyyNMtYUMLZS
HGmgTjuBlygOqIPcC8fDP/A3x1qBQ/RROzLU+Ek9kW4soS31Ui7ozEPg28wZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZavcENzOB3spuqB8xL8tROJ8L9swHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzAzNTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuKMA0GCSqGSIb3DQEBCwUAA4IBAQA8xLfJ0i4+1wyjNxu3BUgOv9/W8B6Q0BQf
0WyBtuNzSeLkxJTjshtDSAbVA5BrPRa0f7nUivWR3P2SV8vp4qArBunoO1/cSiMo
MS7UxSdkbCULvJOu7/AP1ddbW0i3E/U/gQ1ZBU7SvEji+YBcQFumF54ImwneRUEl
xFLAU9ttcej3ndvutTsc8MAqgA8mBMQnns1Dsdew8NsvDbHXKscvwYqWJLsjIEdY
wC2y/+jX6JXCTpDnuCN/IMD2BPI/Q7dFtLuAxiP4Rg2VxnKAnSQrtJYe0QyszPMb
ub6H2zuOFm1g5Fp3VyNbs5+kigEhtVvnZWtySdeG8HWMZdhRwInk
-----END CERTIFICATE-----
Generated at Wed May 13 03:59:22 2026 by rpki-client