Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e36352e3131322e302f32342d3234203d3e20323133363933.roa
File: 34352e36352e3131322e302f32342d3234203d3e20323133363933.roa (raw, json)
Hash identifier: W49ENuAJyAwAJ4VDiXgjYrVdRwY6KO2LcboSXsAqaWg=
Subject key identifier: BC:1E:66:77:A0:DD:A0:67:C0:E9:6F:27:DD:E4:84:D8:69:35:E1:B0
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 582B8D4C0AD09DF191E2976FB76675D7CBBA1E82
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e36352e3131322e302f32342d3234203d3e20323133363933.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 213693
IP address blocks: 45.65.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:2b:8d:4c:0a:d0:9d:f1:91:e2:97:6f:b7:66:75:d7:cb:ba:1e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=BC1E6677A0DDA067C0E96F27DDE484D86935E1B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:31:12:cc:36:db:5e:bb:2b:3f:51:f9:c6:
fb:09:3b:dc:ff:b6:45:3e:41:3e:1b:b2:7e:8f:9f:
79:38:d1:6a:5c:38:51:dc:41:85:ae:4e:9a:9e:54:
08:c0:a9:3b:a6:4b:9f:11:55:d8:ce:4b:9d:0f:ba:
4e:53:55:84:bf:0e:23:78:b3:85:cb:20:5d:7d:37:
88:6f:15:87:64:14:3b:97:ab:93:70:fa:da:14:a9:
69:2c:06:02:5a:a9:22:b8:35:67:2a:16:86:e6:e5:
7f:f5:2c:79:67:37:9f:ee:fa:e3:fe:b0:78:31:01:
8d:b2:1c:d1:1e:0a:fa:03:e5:98:9a:49:bb:2f:a6:
f1:e6:8a:7b:ba:81:23:9f:13:01:0b:8b:61:05:b4:
2a:fe:76:f1:72:51:95:1d:2e:83:22:65:67:c8:eb:
b1:f1:66:b1:1c:41:ab:3c:af:cc:69:a3:80:c9:fd:
39:9a:0d:b6:a0:1e:ef:4f:b0:10:b7:19:31:ce:c2:
d2:52:54:aa:2c:3c:c1:9a:93:00:a8:aa:51:a0:bf:
9c:96:f9:22:1e:23:17:bf:82:5f:67:96:f2:4c:45:
e2:98:d3:1f:12:1d:34:01:01:48:e7:83:e4:7a:e3:
b8:90:8c:1b:06:9d:33:6b:08:c0:9e:d6:15:96:2c:
74:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1E:66:77:A0:DD:A0:67:C0:E9:6F:27:DD:E4:84:D8:69:35:E1:B0
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e36352e3131322e302f32342d3234203d3e20323133363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.112.0/24
Signature Algorithm: sha256WithRSAEncryption
06:91:8d:ca:a8:73:d9:f4:9d:86:a2:6d:b1:5b:2a:30:1f:9c:
62:8e:16:f2:32:92:b0:f3:fd:73:b2:ec:0a:35:50:cd:b0:d3:
f1:2e:e8:e5:61:f8:90:57:80:be:74:12:64:b1:18:da:4d:c1:
d5:30:31:99:0c:69:d2:b0:0f:db:d3:34:2e:d0:ef:51:ec:d5:
b6:ba:d2:19:a8:5f:b5:78:89:fc:72:6e:71:36:20:25:87:29:
f1:5b:fd:bf:aa:a9:fd:ab:22:9d:91:13:7f:a2:73:dd:7f:41:
04:35:d7:07:87:cc:26:a8:db:31:af:b5:36:24:95:a4:72:e9:
89:eb:fd:ab:1b:61:b6:c4:a3:5a:bf:79:be:91:70:6b:ca:ea:
ec:98:b4:dc:1f:9a:2d:e6:4a:c2:1b:ee:f2:00:ff:28:ed:5d:
14:c0:73:e2:d8:11:80:1c:49:0d:ee:63:91:5d:ec:df:ec:c4:
fa:fc:f5:c5:4a:e6:ea:6c:d4:85:71:02:15:dd:d2:bf:9e:e9:
b1:e2:d0:13:13:b7:dd:6c:37:fb:63:a0:ca:cf:cb:43:fa:17:
ff:ea:66:c3:ac:35:e6:69:af:59:46:20:f7:41:dd:81:40:ad:
a8:32:fb:83:9f:67:13:6e:97:8c:87:5e:5a:e3:a1:c9:16:e7:
01:a4:5a:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWCuNTArQnfGR4pdvt2Z118u6HoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKEJDMUU2Njc3QTBEREEwNjdDMEU5NkYyN0RERTQ4NEQ4NjkzNUUxQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm0jESzDbbXrsrP1H5xvsJO9z/
tkU+QT4bsn6Pn3k40WpcOFHcQYWuTpqeVAjAqTumS58RVdjOS50Puk5TVYS/DiN4
s4XLIF19N4hvFYdkFDuXq5Nw+toUqWksBgJaqSK4NWcqFobm5X/1LHlnN5/u+uP+
sHgxAY2yHNEeCvoD5ZiaSbsvpvHminu6gSOfEwELi2EFtCr+dvFyUZUdLoMiZWfI
67HxZrEcQas8r8xpo4DJ/TmaDbagHu9PsBC3GTHOwtJSVKosPMGakwCoqlGgv5yW
+SIeIxe/gl9nlvJMReKY0x8SHTQBAUjng+R647iQjBsGnTNrCMCe1hWWLHSVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvB5md6DdoGfA6W8n3eSE2Gk14bAwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzYzNTJlMzEzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzYzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUFwMA0GCSqGSIb3DQEBCwUAA4IBAQAGkY3KqHPZ9J2Gom2xWyowH5xijhbyMpKw
8/1zsuwKNVDNsNPxLujlYfiQV4C+dBJksRjaTcHVMDGZDGnSsA/b0zQu0O9R7NW2
utIZqF+1eIn8cm5xNiAlhynxW/2/qqn9qyKdkRN/onPdf0EENdcHh8wmqNsxr7U2
JJWkcumJ6/2rG2G2xKNav3m+kXBryursmLTcH5ot5krCG+7yAP8o7V0UwHPi2BGA
HEkN7mORXezf7MT6/PXFSubqbNSFcQIV3dK/numx4tATE7fdbDf7Y6DKz8tD+hf/
6mbDrDXmaa9ZRiD3Qd2BQK2oMvuDn2cTbpeMh15a46HJFucBpFrc
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:09:55 2026 by rpki-client