Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e203235313938.roa
File: 34352e3135342e3135362e302f32342d3234203d3e203235313938.roa (raw, json)
Hash identifier: +n/7FFGCbJFLeTBMK+bf0uN3TVtpnkHKpVze49312Dg=
Subject key identifier: 00:59:4C:8E:28:B7:0E:B2:2D:0F:57:AF:4C:C0:29:0B:F7:1D:92:A6
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 731A72ACB93E6D9F9E7E9076A445D8CFBECB6B4C
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e203235313938.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 25198
IP address blocks: 45.154.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:1a:72:ac:b9:3e:6d:9f:9e:7e:90:76:a4:45:d8:cf:be:cb:6b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=00594C8E28B70EB22D0F57AF4CC0290BF71D92A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:98:ca:e5:27:58:43:46:51:4b:5f:f1:1f:
34:5d:3d:88:be:d4:60:22:9b:6a:ac:76:b0:29:2b:
47:4d:3f:a1:d5:0f:42:4e:6c:d6:0c:d4:dc:6d:17:
a2:fc:20:42:ea:b6:92:0c:12:71:ca:38:3d:ff:56:
d7:7f:c7:9e:09:d4:6b:30:79:dd:0b:b0:ee:54:f8:
b1:c0:47:5a:be:5f:35:a6:b8:6c:d8:b1:a2:c1:24:
24:3b:8e:69:c4:3c:93:7f:df:04:16:98:8b:fd:0e:
c8:ab:c8:43:5d:da:fa:8b:00:26:4a:22:e9:61:f2:
7e:7b:89:75:9a:52:e7:d7:cb:c4:09:d2:98:97:07:
b1:a5:99:ab:38:5b:61:e8:06:60:17:fa:5d:fa:f3:
68:a9:62:a8:f2:22:b3:b5:bd:ab:5f:fd:55:53:ee:
7f:03:25:7d:37:a9:2b:45:60:4f:ad:6e:04:97:e8:
4c:85:13:00:ce:fb:54:38:6d:d6:26:79:e4:fe:9f:
b9:04:70:d3:64:e1:8e:20:52:0c:5c:cc:0e:c6:a7:
7f:fd:74:d7:21:b1:e1:c4:4f:b4:d9:f9:03:1b:5e:
2f:06:9f:3c:40:5d:cb:73:52:8d:a8:f2:b7:30:a8:
c2:91:00:96:c9:2a:ff:84:f4:72:54:6e:3e:7f:13:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:59:4C:8E:28:B7:0E:B2:2D:0F:57:AF:4C:C0:29:0B:F7:1D:92:A6
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e203235313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.156.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:3f:45:41:34:44:75:a9:d3:d7:f4:d7:40:b2:b8:29:35:78:
f4:91:15:40:6a:bf:7a:14:f9:35:a7:f8:4d:79:7b:9a:7a:d3:
62:e1:ff:66:82:fa:d4:cf:d2:9b:14:c9:23:de:88:8c:44:1c:
71:49:79:72:42:c1:8c:c3:9e:f8:6d:ea:fc:2c:bb:4f:62:24:
f2:77:d4:66:f4:a8:13:a4:29:ec:88:23:c0:72:8a:4f:4b:b2:
49:37:9b:7c:9a:88:24:3e:3c:96:72:2a:d9:96:d8:1d:93:69:
d2:e1:c0:13:5f:ea:8a:1e:2e:55:a0:ba:a8:86:fa:03:5d:79:
be:40:3c:de:3e:1e:af:23:d0:4e:53:4d:fb:ae:6c:a9:ec:46:
2a:e2:48:43:e1:59:e2:d0:58:c1:94:6c:7c:8a:ac:bd:00:92:
a2:a8:e2:33:ca:ec:d3:64:b6:6f:cb:f8:88:78:75:b4:0e:8b:
8d:45:ed:fb:5d:d8:4f:7a:67:fd:3d:33:41:67:8a:07:0c:05:
44:26:2c:a9:d5:c5:7b:3d:cb:c2:96:a2:e8:76:29:ee:26:5c:
1d:e5:f5:ca:ea:0c:87:35:25:d7:bf:ac:6f:89:4a:64:ff:7f:
07:59:24:5f:ce:09:8b:91:13:41:21:7c:8b:4e:84:f1:4f:8e:
98:a9:a2:28
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcxpyrLk+bZ+efpB2pEXYz77La0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKDAwNTk0QzhFMjhCNzBFQjIyRDBGNTdBRjRDQzAyOTBCRjcxRDkyQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC44ZjK5SdYQ0ZRS1/xHzRdPYi+
1GAim2qsdrApK0dNP6HVD0JObNYM1NxtF6L8IELqtpIMEnHKOD3/Vtd/x54J1Gsw
ed0LsO5U+LHAR1q+XzWmuGzYsaLBJCQ7jmnEPJN/3wQWmIv9DsiryENd2vqLACZK
Iulh8n57iXWaUufXy8QJ0piXB7Glmas4W2HoBmAX+l3682ipYqjyIrO1vatf/VVT
7n8DJX03qStFYE+tbgSX6EyFEwDO+1Q4bdYmeeT+n7kEcNNk4Y4gUgxczA7Gp3/9
dNchseHET7TZ+QMbXi8GnzxAXctzUo2o8rcwqMKRAJbJKv+E9HJUbj5/E/VrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUAFlMjii3DrItD1evTMApC/cdkqYwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzNTM0MmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM1MzEzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZqcMA0GCSqGSIb3DQEBCwUAA4IBAQA8P0VBNER1qdPX9NdAsrgpNXj0kRVAar96
FPk1p/hNeXuaetNi4f9mgvrUz9KbFMkj3oiMRBxxSXlyQsGMw574ber8LLtPYiTy
d9Rm9KgTpCnsiCPAcopPS7JJN5t8mogkPjyWcirZltgdk2nS4cATX+qKHi5VoLqo
hvoDXXm+QDzePh6vI9BOU037rmyp7EYq4khD4Vni0FjBlGx8iqy9AJKiqOIzyuzT
ZLZvy/iIeHW0DouNRe37XdhPemf9PTNBZ4oHDAVEJiyp1cV7PcvClqLodinuJlwd
5fXK6gyHNSXXv6xviUpk/38HWSRfzgmLkRNBIXyLToTxT46YqaIo
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:49 2026 by rpki-client