Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135382e302f32342d3234203d3e20323132363639.roa
File: 34352e3135342e3135382e302f32342d3234203d3e20323132363639.roa (raw, json)
Hash identifier: TCOPzNogBaDbr/F2dYguK9DWZ3otwATKVT54vSzxchU=
Subject key identifier: 95:9D:24:34:79:9C:B0:72:B8:E3:8F:86:FA:A6:0B:91:91:7C:EE:6B
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 4CF828A32D9D5E3270DFEEE09A3398A4B73B58DE
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135382e302f32342d3234203d3e20323132363639.roa
Signing time: Thu 26 Mar 2026 09:00:57 +0000
ROA not before: Thu 26 Mar 2026 08:55:57 +0000
ROA not after: Thu 25 Mar 2027 09:00:57 +0000
asID: 212669
IP address blocks: 45.154.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f8:28:a3:2d:9d:5e:32:70:df:ee:e0:9a:33:98:a4:b7:3b:58:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:57 2026 GMT
Not After : Mar 25 09:00:57 2027 GMT
Subject: CN=959D2434799CB072B8E38F86FAA60B91917CEE6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a4:7f:b4:23:15:0d:51:db:f8:61:08:c3:69:
4e:be:93:83:a8:79:28:e3:f4:08:51:16:47:60:4e:
a3:e5:9e:82:e9:da:25:e2:86:96:20:0d:f1:27:0e:
72:71:dc:c8:1d:6d:e3:cb:11:d8:12:7b:17:af:f4:
af:7d:45:2e:d0:b0:d2:2c:de:d8:9b:b9:59:7c:05:
f4:47:ea:e8:ac:71:2a:ad:88:18:bf:d2:9c:57:93:
92:9f:55:aa:56:c2:c7:c7:d4:bc:e9:b0:2d:34:01:
a3:4c:31:5b:cf:a4:b8:90:5b:85:ff:7d:1c:50:55:
f5:40:3f:58:f0:73:b4:11:fb:d9:b2:13:c4:84:8a:
5c:d3:89:97:ac:d8:be:53:d9:43:69:5c:64:f3:af:
2b:1f:01:6e:f2:72:76:e3:a9:7d:af:d9:90:b8:3e:
b8:60:15:4e:8b:47:d5:59:c1:39:7b:7e:f6:dd:37:
df:e8:7b:cc:11:b3:0d:bc:2a:8a:31:10:60:69:77:
e2:1f:be:fe:e1:c7:04:3e:b4:12:80:42:d4:29:b4:
6e:f5:ce:58:23:2a:ff:51:63:90:1a:88:3d:76:ad:
63:45:89:22:db:7a:07:6d:b7:58:8b:cd:02:af:45:
10:19:aa:e1:c8:35:0a:f2:7b:41:e6:66:11:bc:7f:
b1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9D:24:34:79:9C:B0:72:B8:E3:8F:86:FA:A6:0B:91:91:7C:EE:6B
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135382e302f32342d3234203d3e20323132363639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f6:62:1b:f3:17:f6:b9:18:0c:82:ae:e6:3a:66:3c:9c:ed:
be:2b:3f:c4:f8:2b:92:f0:5f:8d:d6:78:66:3f:b7:98:d6:26:
54:b5:64:98:24:60:e6:79:e3:87:95:68:e5:88:49:83:d8:38:
26:2f:d6:f4:e4:be:ad:29:fe:7b:90:7c:17:63:c0:9e:01:8a:
4e:29:9c:31:25:b7:4f:f9:30:f3:43:e1:9e:7f:7a:a5:63:45:
21:2f:ac:ef:e9:95:27:bd:10:d0:6b:e3:4f:99:e5:69:72:37:
69:dd:e7:cc:e6:f6:80:c2:c3:8f:eb:e9:36:ea:a6:16:e6:21:
16:95:fb:67:37:ca:7b:9e:66:ec:58:7f:20:ef:b7:ef:ba:1f:
6f:7b:b5:8c:14:62:b7:71:df:32:53:ff:67:92:4a:eb:9e:f7:
19:20:c1:6b:e6:ad:d9:f3:6d:67:a5:c6:75:d2:9c:3b:7c:e5:
2f:7b:05:55:32:d4:60:2c:40:c5:55:84:68:0b:38:da:67:cf:
f7:71:c3:0d:87:7c:ff:66:77:07:a6:07:20:99:a6:62:e1:f3:
a2:35:e3:49:e1:31:06:96:93:76:d5:8f:4d:86:1c:0d:72:af:
96:92:eb:08:43:c6:86:e5:a4:fc:48:cb:64:06:43:c2:45:00:
0c:f6:db:8b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTPgooy2dXjJw3+7gmjOYpLc7WN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTdaFw0yNzAzMjUwOTAwNTdaMDMxMTAvBgNV
BAMTKDk1OUQyNDM0Nzk5Q0IwNzJCOEUzOEY4NkZBQTYwQjkxOTE3Q0VFNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRpH+0IxUNUdv4YQjDaU6+k4Oo
eSjj9AhRFkdgTqPlnoLp2iXihpYgDfEnDnJx3MgdbePLEdgSexev9K99RS7QsNIs
3tibuVl8BfRH6uiscSqtiBi/0pxXk5KfVapWwsfH1LzpsC00AaNMMVvPpLiQW4X/
fRxQVfVAP1jwc7QR+9myE8SEilzTiZes2L5T2UNpXGTzrysfAW7ycnbjqX2v2ZC4
PrhgFU6LR9VZwTl7fvbdN9/oe8wRsw28KooxEGBpd+Ifvv7hxwQ+tBKAQtQptG71
zlgjKv9RY5AaiD12rWNFiSLbegdtt1iLzQKvRRAZquHINQrye0HmZhG8f7HdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlZ0kNHmcsHK444+G+qYLkZF87mswHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzNTM0MmUzMTM1
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNjM2Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtmp4wDQYJKoZIhvcNAQELBQADggEBAJ72YhvzF/a5GAyCruY6Zjyc7b4rP8T4
K5LwX43WeGY/t5jWJlS1ZJgkYOZ544eVaOWISYPYOCYv1vTkvq0p/nuQfBdjwJ4B
ik4pnDElt0/5MPND4Z5/eqVjRSEvrO/plSe9ENBr40+Z5WlyN2nd58zm9oDCw4/r
6TbqphbmIRaV+2c3ynueZuxYfyDvt++6H297tYwUYrdx3zJT/2eSSuue9xkgwWvm
rdnzbWelxnXSnDt85S97BVUy1GAsQMVVhGgLONpnz/dxww2HfP9mdwemByCZpmLh
86I140nhMQaWk3bVj02GHA1yr5aS6whDxoblpPxIy2QGQ8JFAAz224s=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:29 2026 by rpki-client