Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135392e302f32342d3234203d3e20323130393430.roa
File: 34352e3135342e3135392e302f32342d3234203d3e20323130393430.roa (raw, json)
Hash identifier: tSh08zX3Eo/n+55YFLpFS0oN655mgY9Y1QehG3qwmI0=
Subject key identifier: 3A:37:51:0C:2B:A6:01:4A:CB:5E:BE:DD:93:E9:D5:CD:68:4C:04:1F
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 31F7F4AAB5781692D74223AB0C6303D04C6B1A52
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135392e302f32342d3234203d3e20323130393430.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 210940
IP address blocks: 45.154.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:f7:f4:aa:b5:78:16:92:d7:42:23:ab:0c:63:03:d0:4c:6b:1a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=3A37510C2BA6014ACB5EBEDD93E9D5CD684C041F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ef:32:55:b5:6e:9e:74:6b:51:f7:b0:11:04:
64:a9:4f:03:bb:81:6d:92:8f:75:aa:7f:15:a1:83:
2c:70:52:be:55:50:ec:e5:ff:bd:dd:0c:4c:0d:d1:
49:0e:36:48:67:a9:68:0c:46:e7:6c:e1:7e:c1:bb:
53:b3:9b:9c:62:cf:5a:48:94:73:93:b0:53:b2:91:
af:ba:b9:2d:a5:14:1b:ff:0c:3c:7e:35:a5:82:97:
94:b0:aa:e1:02:2b:17:09:4d:f2:b9:68:3e:8b:77:
72:bb:40:fa:de:f1:1d:61:8b:ff:61:7a:c5:05:1a:
1e:a8:8c:e4:90:fb:35:af:36:75:ca:44:7b:fb:75:
e4:fc:cf:96:45:a9:e8:ad:53:5a:b1:49:52:de:81:
94:16:00:43:65:15:4b:db:88:f3:a8:46:42:14:ee:
20:de:63:3c:d7:2b:10:3f:6c:15:3b:74:ee:99:cd:
54:b4:8c:5e:e6:51:7f:d7:c4:d4:4d:a5:d0:f5:df:
86:a2:09:ee:8c:e1:81:93:44:4b:80:76:58:c4:5e:
79:f4:03:7e:0a:d7:58:9e:f4:80:87:95:19:b6:ca:
30:e6:0b:25:c3:fe:fa:e4:ee:cb:43:9e:02:dd:26:
40:cb:31:47:30:36:6b:3f:78:cc:76:17:5e:43:3f:
6b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:37:51:0C:2B:A6:01:4A:CB:5E:BE:DD:93:E9:D5:CD:68:4C:04:1F
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e3135342e3135392e302f32342d3234203d3e20323130393430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
27:78:2a:d2:c0:db:d4:0c:47:ce:fe:49:5e:a0:58:56:79:e1:
33:ef:7e:94:87:0c:17:86:67:92:34:f1:dd:b2:1c:a3:a8:f8:
ae:7c:7f:4c:2e:ac:ee:36:b1:6d:6d:b7:a8:71:9b:8b:26:3f:
08:a6:1c:ba:b0:29:56:cf:d4:b1:71:c4:fa:48:e0:23:ec:48:
f4:32:4f:6f:ab:17:99:9b:b5:73:27:c4:b0:a3:c9:84:e5:c9:
e9:97:c4:e5:58:dc:83:89:7d:ff:10:05:2f:98:da:74:82:1a:
eb:69:9e:80:64:4f:9b:97:d2:0e:15:7c:0c:ea:ab:ee:e7:dd:
d6:cd:13:f4:82:fd:a5:cc:9e:ab:c8:12:90:4b:be:7d:5c:0c:
e6:b2:a5:7c:1e:3d:d8:38:d8:f3:39:ef:4e:24:ef:83:bf:0c:
50:20:c4:dd:36:71:12:26:b5:70:c1:1c:01:36:14:9d:4f:1b:
f7:ba:2e:67:81:22:47:ae:a8:02:09:ae:42:c5:b9:0e:f9:4b:
3b:54:7e:44:e9:4f:97:7b:87:cd:9d:e9:d3:5a:bc:5e:f9:8a:
4f:45:af:8f:05:22:34:74:08:80:cd:49:81:f6:d1:d7:32:7c:
b4:1f:9d:bf:93:f8:68:df:96:89:ff:42:b1:0d:e0:0b:fb:b9:
44:af:fc:d6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMff0qrV4FpLXQiOrDGMD0ExrGlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKDNBMzc1MTBDMkJBNjAxNEFDQjVFQkVERDkzRTlENUNENjg0QzA0MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG7zJVtW6edGtR97ARBGSpTwO7
gW2Sj3WqfxWhgyxwUr5VUOzl/73dDEwN0UkONkhnqWgMRuds4X7Bu1Ozm5xiz1pI
lHOTsFOyka+6uS2lFBv/DDx+NaWCl5SwquECKxcJTfK5aD6Ld3K7QPre8R1hi/9h
esUFGh6ojOSQ+zWvNnXKRHv7deT8z5ZFqeitU1qxSVLegZQWAENlFUvbiPOoRkIU
7iDeYzzXKxA/bBU7dO6ZzVS0jF7mUX/XxNRNpdD134aiCe6M4YGTREuAdljEXnn0
A34K11ie9ICHlRm2yjDmCyXD/vrk7stDngLdJkDLMUcwNms/eMx2F15DP2ujAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOjdRDCumAUrLXr7dk+nVzWhMBB8wHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzNTM0MmUzMTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAzOTM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtmp8wDQYJKoZIhvcNAQELBQADggEBACd4KtLA29QMR87+SV6gWFZ54TPvfpSH
DBeGZ5I08d2yHKOo+K58f0wurO42sW1tt6hxm4smPwimHLqwKVbP1LFxxPpI4CPs
SPQyT2+rF5mbtXMnxLCjyYTlyemXxOVY3IOJff8QBS+Y2nSCGutpnoBkT5uX0g4V
fAzqq+7n3dbNE/SC/aXMnqvIEpBLvn1cDOaypXwePdg42PM5704k74O/DFAgxN02
cRImtXDBHAE2FJ1PG/e6LmeBIkeuqAIJrkLFuQ75SztUfkTpT5d7h82d6dNavF75
ik9Fr48FIjR0CIDNSYH20dcyfLQfnb+T+Gjflon/QrEN4Av7uUSv/NY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:16:12 2026 by rpki-client