Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135372e302f32342d3234203d3e203136323736.roa
File: 34352e3135342e3135372e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: 5il5ENU5duiw/v+Bh/sIQNppeL8Bwlie5QmStju8MWM=
Subject key identifier: CE:FC:06:7E:A1:AA:DB:47:B6:42:6F:9A:9A:41:10:44:E5:50:D8:AC
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 3F7D097B6E3C516E7762A6FC0802B4640CDBC9ED
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135372e302f32342d3234203d3e203136323736.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 16276
IP address blocks: 45.154.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7d:09:7b:6e:3c:51:6e:77:62:a6:fc:08:02:b4:64:0c:db:c9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=CEFC067EA1AADB47B6426F9A9A411044E550D8AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:d6:9a:08:ce:74:66:bf:8b:00:e3:16:b4:
2a:24:68:f8:e4:32:4b:fa:9d:2b:db:93:a8:1f:16:
76:27:5c:84:5c:80:d0:2e:ad:91:5e:17:3d:62:94:
c6:a0:00:5b:55:6d:e9:72:83:4e:50:21:1b:5a:3d:
81:a6:d7:b2:95:63:9e:a5:77:e9:fa:81:da:5a:ed:
6d:f8:55:fd:9e:b2:e2:1f:29:c3:fb:89:c5:f8:4e:
34:a5:ad:01:88:60:e5:ff:12:f0:e8:eb:23:fa:0a:
d5:f3:fd:5f:74:1e:42:1a:ea:82:30:fd:87:bf:67:
33:c6:2b:11:02:89:5b:cd:c3:6d:15:ce:ab:7d:4f:
0f:76:1e:4a:14:ea:b7:16:be:77:a7:f6:06:c7:ee:
3d:69:51:cd:94:91:eb:d4:1e:c6:da:67:39:c7:8b:
08:51:b0:01:fc:3d:50:49:4e:f2:07:be:4f:11:91:
1e:a3:ab:a0:59:1a:bd:4d:af:06:f1:9b:82:3a:6b:
9f:b4:41:99:c6:4f:00:91:7e:e7:72:95:c6:cb:ec:
e7:d6:e9:2c:e3:6b:13:37:9d:8e:e0:21:32:97:da:
f1:77:98:2d:84:05:f7:6d:9c:69:25:0b:7e:f6:3a:
c3:0a:28:09:ee:b4:11:fa:ab:3c:35:df:af:7d:12:
cb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FC:06:7E:A1:AA:DB:47:B6:42:6F:9A:9A:41:10:44:E5:50:D8:AC
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135372e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.157.0/24
Signature Algorithm: sha256WithRSAEncryption
41:6c:74:14:26:6d:90:39:ee:13:be:ec:7a:06:fb:ab:3e:de:
fb:3c:5c:2a:0b:f0:52:fe:fa:5c:df:31:9e:e6:9b:27:60:8f:
0d:3d:86:04:40:73:59:7f:a5:d9:92:47:76:f8:21:40:4e:ec:
8f:9b:fd:1c:22:6a:17:e0:4a:d8:f7:95:66:8d:39:6e:fd:2d:
bf:2f:72:26:ed:ea:64:b9:2d:3e:14:56:aa:bd:98:ed:d0:a2:
8a:3e:1a:0c:9c:59:48:c8:80:07:72:cc:b5:c2:7a:29:49:fe:
46:cc:8f:66:a8:83:41:c1:83:7e:c4:d6:29:c6:67:cf:bb:9f:
c5:b6:1d:e6:d0:2b:9d:49:d4:78:b7:22:89:88:e3:5e:41:3f:
61:ec:b1:84:bd:f2:d1:30:9b:75:51:db:ff:5a:1b:65:04:74:
e2:23:5f:cb:03:51:34:f2:34:c4:62:df:50:b9:9d:e2:72:e7:
08:6c:bf:c1:25:4c:dc:f2:98:3f:63:0a:51:e7:be:85:fa:12:
a8:21:ed:04:29:07:e4:9f:b2:38:6a:62:6a:c3:cd:fa:a8:b2:
82:e7:bc:83:c0:3f:3e:98:da:bc:f9:8d:18:ad:c5:fe:6b:d9:
aa:b4:0e:6d:a8:69:db:21:e3:cb:f4:45:c1:49:8c:64:e1:41:
fe:76:d7:d8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP30Je248UW53Yqb8CAK0ZAzbye0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKENFRkMwNjdFQTFBQURCNDdCNjQyNkY5QTlBNDExMDQ0RTU1MEQ4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3GtaaCM50Zr+LAOMWtCokaPjk
Mkv6nSvbk6gfFnYnXIRcgNAurZFeFz1ilMagAFtVbelyg05QIRtaPYGm17KVY56l
d+n6gdpa7W34Vf2esuIfKcP7icX4TjSlrQGIYOX/EvDo6yP6CtXz/V90HkIa6oIw
/Ye/ZzPGKxECiVvNw20Vzqt9Tw92HkoU6rcWvnen9gbH7j1pUc2UkevUHsbaZznH
iwhRsAH8PVBJTvIHvk8RkR6jq6BZGr1Nrwbxm4I6a5+0QZnGTwCRfudylcbL7OfW
6SzjaxM3nY7gITKX2vF3mC2EBfdtnGklC372OsMKKAnutBH6qzw13699EsuFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzvwGfqGq20e2Qm+amkEQROVQ2KwwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzNTM0MmUzMTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzIzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZqdMA0GCSqGSIb3DQEBCwUAA4IBAQBBbHQUJm2QOe4Tvux6BvurPt77PFwqC/BS
/vpc3zGe5psnYI8NPYYEQHNZf6XZkkd2+CFATuyPm/0cImoX4ErY95VmjTlu/S2/
L3Im7epkuS0+FFaqvZjt0KKKPhoMnFlIyIAHcsy1wnopSf5GzI9mqINBwYN+xNYp
xmfPu5/Fth3m0CudSdR4tyKJiONeQT9h7LGEvfLRMJt1Udv/WhtlBHTiI1/LA1E0
8jTEYt9QuZ3icucIbL/BJUzc8pg/YwpR576F+hKoIe0EKQfkn7I4amJqw836qLKC
57yDwD8+mNq8+Y0YrcX+a9mqtA5tqGnbIePL9EXBSYxk4UH+dtfY
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:55 2026 by rpki-client