Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e20343030393039.roa
File: 34352e3135342e3135362e302f32342d3234203d3e20343030393039.roa (raw, json)
Hash identifier: Of9C80QSauZ6AiGj1q9DeHnamBDcSMPZ5GbU1eRgWqw=
Subject key identifier: 4D:81:FE:51:E8:B7:40:58:1C:82:87:37:59:F8:D8:D5:53:39:DA:CD
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 2909DA0081B2BB9E14AD667BBBC6974629527923
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e20343030393039.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 400909
IP address blocks: 45.154.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:09:da:00:81:b2:bb:9e:14:ad:66:7b:bb:c6:97:46:29:52:79:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=4D81FE51E8B740581C82873759F8D8D55339DACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:30:87:49:6d:79:6d:ef:5d:80:61:17:25:
94:26:79:54:1a:87:9d:3e:e5:0e:ae:dc:28:ba:cd:
b9:5d:87:58:01:b7:3a:20:3b:5d:b8:15:89:56:e3:
64:b3:a0:34:fa:c4:fd:13:0e:bf:9b:57:f6:dc:a8:
0c:b6:05:85:94:2a:e5:36:c7:db:44:6e:33:dc:64:
84:63:da:ef:23:a0:57:47:4d:a0:f0:6e:72:ae:83:
79:65:d0:db:c9:fd:ae:b0:e0:7c:27:d9:29:80:1e:
ae:65:89:1f:b6:19:17:98:12:b3:fe:16:91:6a:6d:
e1:be:04:e4:e2:40:5d:db:9f:52:7f:94:1c:a4:67:
76:59:68:f9:37:7b:09:53:c8:d6:88:e3:24:46:12:
d1:02:4c:5f:59:bb:ba:b0:83:71:37:03:49:75:c5:
1d:c7:ce:3d:ed:a9:6d:40:74:b3:98:13:2e:ad:03:
be:55:0b:15:11:0f:27:42:e9:74:66:3a:f9:44:55:
94:72:01:ed:a6:e0:8a:45:d6:46:4c:65:d1:37:11:
79:81:d2:d2:f7:f0:79:d9:87:c3:8d:cb:02:fe:04:
a5:b2:2d:27:d2:13:9a:1d:ba:4b:06:20:78:5e:ea:
95:8c:8f:ed:e8:07:b3:cd:2a:1f:f9:21:48:dd:2f:
43:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:81:FE:51:E8:B7:40:58:1C:82:87:37:59:F8:D8:D5:53:39:DA:CD
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135362e302f32342d3234203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.156.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4d:03:a0:75:0f:d7:b5:73:98:9e:6a:94:95:c3:3d:22:9d:
ad:ef:b6:7d:70:1b:49:8b:76:9b:f5:ed:79:bb:cd:ed:44:f2:
15:b9:e3:85:f3:4b:ca:ef:6e:12:13:e6:2f:53:34:8d:5f:16:
fc:e3:83:fb:81:c2:2a:63:33:c7:d7:06:f7:ea:92:e9:02:13:
58:5a:fe:9b:e8:82:24:1f:7f:f1:d5:6d:be:98:ac:0d:c0:11:
ab:34:d6:e9:94:bf:19:6f:7e:a0:9f:91:5e:25:ee:33:20:1f:
c9:b5:fd:ee:8f:06:54:cd:16:ad:87:67:81:d7:cc:e2:3d:99:
57:77:ed:c2:f8:4c:68:c4:a1:82:51:0f:41:72:31:fe:8c:21:
36:06:9d:37:9d:0c:2b:01:b9:d9:bb:96:64:b4:9a:68:a5:e5:
94:b6:30:c0:4e:8a:e2:ad:ff:63:b7:1f:ab:90:c0:0b:64:33:
88:a3:9b:f4:12:e6:00:f0:be:dd:5d:18:a7:8d:57:5d:47:84:
6b:48:0d:88:24:45:8b:99:fe:6a:ad:0a:f1:13:ce:4d:cc:54:
76:04:4e:32:7c:34:2b:ea:cc:3d:e7:c2:c7:63:2e:5b:5c:9d:
d2:51:e1:7b:de:fd:67:eb:a6:df:da:63:3e:79:f5:b6:a3:e1:
28:9f:62:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKQnaAIGyu54UrWZ7u8aXRilSeSMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKDREODFGRTUxRThCNzQwNTgxQzgyODczNzU5RjhEOEQ1NTMzOURBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYazCHSW15be9dgGEXJZQmeVQa
h50+5Q6u3Ci6zbldh1gBtzogO124FYlW42SzoDT6xP0TDr+bV/bcqAy2BYWUKuU2
x9tEbjPcZIRj2u8joFdHTaDwbnKug3ll0NvJ/a6w4Hwn2SmAHq5liR+2GReYErP+
FpFqbeG+BOTiQF3bn1J/lBykZ3ZZaPk3ewlTyNaI4yRGEtECTF9Zu7qwg3E3A0l1
xR3Hzj3tqW1AdLOYEy6tA75VCxURDydC6XRmOvlEVZRyAe2m4IpF1kZMZdE3EXmB
0tL38HnZh8ONywL+BKWyLSfSE5oduksGIHhe6pWMj+3oB7PNKh/5IUjdL0MfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTYH+Uei3QFgcgoc3WfjY1VM52s0wHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzNTM0MmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzOTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtmpwwDQYJKoZIhvcNAQELBQADggEBAFNNA6B1D9e1c5ieapSVwz0ina3vtn1w
G0mLdpv17Xm7ze1E8hW544XzS8rvbhIT5i9TNI1fFvzjg/uBwipjM8fXBvfqkukC
E1ha/pvogiQff/HVbb6YrA3AEas01umUvxlvfqCfkV4l7jMgH8m1/e6PBlTNFq2H
Z4HXzOI9mVd37cL4TGjEoYJRD0FyMf6MITYGnTedDCsBudm7lmS0mmil5ZS2MMBO
iuKt/2O3H6uQwAtkM4ijm/QS5gDwvt1dGKeNV11HhGtIDYgkRYuZ/mqtCvETzk3M
VHYETjJ8NCvqzD3nwsdjLltcndJR4Xve/Wfrpt/aYz559baj4SifYkw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:16:19 2026 by rpki-client