Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e20323134313433.roa
File: 34352e3134392e3135322e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: ZqsnAbwfQsSLAO15y/hQmlAKLget/IE+XAeE4Nr5/8I=
Subject key identifier: 3F:5B:E1:DA:F8:EE:15:F9:9C:64:8C:C6:1F:BE:40:3C:AA:4D:05:90
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 71EE3562C56E0A53D8E09AA31B10EB1C945A235D
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e20323134313433.roa
Signing time: Sun 14 Sep 2025 12:05:21 +0000
ROA not before: Sun 14 Sep 2025 12:00:21 +0000
ROA not after: Sun 13 Sep 2026 12:05:21 +0000
asID: 214143
IP address blocks: 45.149.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 14:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:ee:35:62:c5:6e:0a:53:d8:e0:9a:a3:1b:10:eb:1c:94:5a:23:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Sep 14 12:00:21 2025 GMT
Not After : Sep 13 12:05:21 2026 GMT
Subject: CN=3F5BE1DAF8EE15F99C648CC61FBE403CAA4D0590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a1:a6:b3:e3:43:e2:3d:ce:62:d7:86:3b:db:
65:72:95:58:a2:b5:d6:94:43:78:08:12:67:1c:88:
62:30:99:e8:8d:36:c3:98:26:1d:04:1f:7f:8b:29:
50:34:75:d2:b0:2a:d0:72:86:01:00:8b:26:09:8c:
14:7c:9f:ea:b6:bb:a2:9e:2a:07:0a:86:5b:3e:a5:
d0:c3:e7:47:d9:95:05:c0:e1:af:69:5f:e0:69:93:
1f:28:22:4d:25:88:ec:67:f1:46:34:84:6c:8b:4e:
95:04:24:aa:73:c4:3c:c3:54:17:a8:a1:74:02:7e:
a6:63:03:e5:54:ab:22:72:7f:4f:a0:af:98:68:d0:
ec:ed:28:a5:2e:8e:45:d1:86:e0:d4:c9:4e:db:22:
5a:34:b1:c8:b0:49:d2:ae:93:23:70:43:41:33:17:
55:37:85:c8:f8:ec:e6:01:d2:14:9b:b8:37:03:e8:
06:f9:24:56:7b:52:71:df:bd:56:c9:31:e6:3b:51:
21:31:19:01:45:8b:ae:dd:cc:9c:c6:64:3d:42:1c:
91:fe:ae:a6:7c:19:05:c0:29:02:a5:70:08:b7:74:
f8:a6:23:52:f1:a5:2c:cc:8f:4d:9d:ca:46:8c:91:
68:fc:28:70:87:65:b4:f1:5c:fb:81:1b:03:94:81:
9e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5B:E1:DA:F8:EE:15:F9:9C:64:8C:C6:1F:BE:40:3C:AA:4D:05:90
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.152.0/24
Signature Algorithm: sha256WithRSAEncryption
00:7e:37:57:17:c7:18:66:98:8e:eb:1c:3a:07:d0:61:25:7d:
39:02:19:d5:27:6c:76:28:ad:7e:93:52:a1:c3:2e:f9:25:74:
85:d5:c7:4a:6b:28:65:42:80:aa:37:a2:12:46:8e:be:5d:df:
3e:33:87:06:d9:e1:40:27:3a:ac:11:ca:ab:d4:47:ab:87:c3:
76:69:88:6d:93:8c:34:9f:47:27:a4:da:55:dd:18:37:3a:12:
02:b3:91:5b:eb:d5:93:24:4e:08:bc:b2:7c:36:84:61:6b:94:
9f:c8:a7:a0:12:bf:b0:6c:41:3c:24:cd:e7:e8:f4:19:69:00:
42:f8:62:75:13:e7:2f:c7:23:ad:11:e1:49:07:36:c7:08:6f:
ac:20:92:e3:6b:9e:96:85:a7:2a:d9:71:bb:b5:57:c5:49:f5:
d7:5f:90:66:d5:bf:a0:d2:b2:b3:96:78:79:b5:d8:13:bb:c6:
2d:37:87:17:12:3a:31:26:53:8b:2e:e9:10:0d:f6:c9:7e:84:
d0:0b:c2:91:5e:90:61:fc:fd:1d:84:b1:84:ac:23:48:b0:88:
70:df:96:78:5e:9b:f2:ac:e7:86:3b:d9:68:da:4f:65:0e:03:
a5:eb:3e:24:a4:5e:e2:90:61:4e:1f:47:2e:a5:7d:43:21:9e:
db:51:f9:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUce41YsVuClPY4JqjGxDrHJRaI10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA5MTQxMjAwMjFaFw0yNjA5MTMxMjA1MjFaMDMxMTAvBgNV
BAMTKDNGNUJFMURBRjhFRTE1Rjk5QzY0OENDNjFGQkU0MDNDQUE0RDA1OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJoaaz40PiPc5i14Y722VylVii
tdaUQ3gIEmcciGIwmeiNNsOYJh0EH3+LKVA0ddKwKtByhgEAiyYJjBR8n+q2u6Ke
KgcKhls+pdDD50fZlQXA4a9pX+Bpkx8oIk0liOxn8UY0hGyLTpUEJKpzxDzDVBeo
oXQCfqZjA+VUqyJyf0+gr5ho0OztKKUujkXRhuDUyU7bIlo0sciwSdKukyNwQ0Ez
F1U3hcj47OYB0hSbuDcD6Ab5JFZ7UnHfvVbJMeY7USExGQFFi67dzJzGZD1CHJH+
rqZ8GQXAKQKlcAi3dPimI1LxpSzMj02dykaMkWj8KHCHZbTxXPuBGwOUgZ4VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUP1vh2vjuFfmcZIzGH75APKpNBZAwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzQzNTJlMzEzNDM5MmUzMTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMTM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtlZgwDQYJKoZIhvcNAQELBQADggEBAAB+N1cXxxhmmI7rHDoH0GElfTkCGdUn
bHYorX6TUqHDLvkldIXVx0prKGVCgKo3ohJGjr5d3z4zhwbZ4UAnOqwRyqvUR6uH
w3ZpiG2TjDSfRyek2lXdGDc6EgKzkVvr1ZMkTgi8snw2hGFrlJ/Ip6ASv7BsQTwk
zefo9BlpAEL4YnUT5y/HI60R4UkHNscIb6wgkuNrnpaFpyrZcbu1V8VJ9ddfkGbV
v6DSsrOWeHm12BO7xi03hxcSOjEmU4su6RAN9sl+hNALwpFekGH8/R2EsYSsI0iw
iHDflnhem/Ks54Y72WjaT2UOA6XrPiSkXuKQYU4fRy6lfUMhnttR+Xw=
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:31:30 2025 by rpki-client