Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134343332.roa
File: 34352e3134302e3138362e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: BbgdJKAa/shb/u1G3+FHckEvKg3+awEk4mxyNzygPAk=
Subject key identifier: 0D:A8:CD:84:5E:AE:06:FC:E1:83:DF:BB:A9:2C:FB:EE:9A:22:94:E4
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 744F97369571B7093820C5546F8AEF99E750B9BB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134343332.roa
Signing time: Thu 07 May 2026 16:20:36 +0000
ROA not before: Thu 07 May 2026 16:15:36 +0000
ROA not after: Thu 06 May 2027 16:20:36 +0000
asID: 214432
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:4f:97:36:95:71:b7:09:38:20:c5:54:6f:8a:ef:99:e7:50:b9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 7 16:15:36 2026 GMT
Not After : May 6 16:20:36 2027 GMT
Subject: CN=0DA8CD845EAE06FCE183DFBBA92CFBEE9A2294E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:66:4a:23:64:b5:a2:18:ac:07:c6:04:b0:7d:
84:e5:13:f9:a1:00:4f:a1:bc:53:be:25:53:b3:1d:
ac:3f:ad:da:b0:c5:02:7a:98:27:b4:7c:30:bc:9a:
98:7d:41:94:ea:e7:c7:d8:d2:82:89:4e:0d:e4:f0:
9b:21:91:0a:00:fb:d5:1a:a5:78:ae:40:48:e5:b4:
02:42:0a:2e:f4:36:11:0d:5e:4f:eb:76:4a:36:e1:
f5:50:65:95:76:f6:fd:50:a6:e3:e1:fe:1a:db:c4:
bc:10:68:b2:1d:01:cb:18:4c:4a:65:a0:10:d0:32:
e9:ef:bc:ee:c9:43:81:1b:0d:6c:8b:dc:8b:d3:61:
af:5a:a4:a7:a0:34:ae:94:2e:8c:6c:1f:2c:3d:8a:
d8:0f:74:fe:31:c2:b5:a6:f2:e6:85:7f:50:50:80:
47:a6:76:40:7c:aa:d2:97:88:f1:ed:0c:99:a8:6f:
b6:ce:1b:e6:88:a4:f9:33:dc:15:4a:f9:39:8f:54:
7d:15:c5:5c:66:29:d9:2a:25:a2:40:16:8c:f7:b9:
45:07:32:3c:20:ec:54:f4:53:ee:e0:63:b0:e7:a7:
3c:dd:9a:14:87:fd:60:24:a3:eb:be:76:32:25:ab:
c5:0a:76:d6:08:9f:d6:a1:75:3f:f9:54:f7:3f:d1:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A8:CD:84:5E:AE:06:FC:E1:83:DF:BB:A9:2C:FB:EE:9A:22:94:E4
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ce:bd:17:d5:52:c5:65:7f:32:e9:ea:19:10:05:2f:3a:34:
81:a2:48:4e:d9:94:31:6b:7e:1c:d3:a5:1b:3c:c3:c3:68:06:
20:4c:c5:a4:d9:ea:0b:bb:2f:03:de:bb:7d:ec:df:46:64:80:
d2:37:00:5b:b7:7d:51:3b:34:07:50:67:9e:67:5e:ad:44:89:
61:6f:90:c0:a9:e7:6b:b9:38:4b:f8:3e:f3:b1:ac:36:a9:82:
56:53:d4:99:ed:31:60:a2:ad:53:8c:e4:34:e3:65:c7:75:c9:
84:e2:33:54:10:92:22:c9:88:b0:46:41:33:96:6e:91:ff:cb:
c6:5c:bc:5a:f7:d5:10:b4:7c:1c:87:8c:eb:6e:49:29:78:fd:
2f:bc:93:b6:09:2c:4f:db:56:69:49:89:af:04:53:7e:88:93:
05:67:90:0c:13:2c:e1:86:82:96:29:a9:00:f9:5f:ad:32:d4:
c9:95:ee:a5:86:8c:bd:1c:4d:ae:0f:3c:1a:eb:95:85:ac:ab:
e8:95:64:1c:a0:5e:1a:2a:f6:8a:06:7f:b2:a0:ef:9c:15:bc:
aa:b7:da:06:21:7c:a0:0d:dd:61:89:93:9a:01:85:4f:71:fe:
b7:13:4d:85:aa:53:34:b3:48:1b:48:82:04:a1:fb:d2:4e:ef:
da:39:52:c7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdE+XNpVxtwk4IMVUb4rvmedQubswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA1MDcxNjE1MzZaFw0yNzA1MDYxNjIwMzZaMDMxMTAvBgNV
BAMTKDBEQThDRDg0NUVBRTA2RkNFMTgzREZCQkE5MkNGQkVFOUEyMjk0RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgZkojZLWiGKwHxgSwfYTlE/mh
AE+hvFO+JVOzHaw/rdqwxQJ6mCe0fDC8mph9QZTq58fY0oKJTg3k8JshkQoA+9Ua
pXiuQEjltAJCCi70NhENXk/rdko24fVQZZV29v1QpuPh/hrbxLwQaLIdAcsYTEpl
oBDQMunvvO7JQ4EbDWyL3IvTYa9apKegNK6ULoxsHyw9itgPdP4xwrWm8uaFf1BQ
gEemdkB8qtKXiPHtDJmob7bOG+aIpPkz3BVK+TmPVH0VxVxmKdkqJaJAFoz3uUUH
Mjwg7FT0U+7gY7DnpzzdmhSH/WAko+u+djIlq8UKdtYIn9ahdT/5VPc/0dl3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUDajNhF6uBvzhg9+7qSz77poilOQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzMzMi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2MujANBgkqhkiG9w0BAQsFAAOCAQEADM69F9VSxWV/MunqGRAFLzo0
gaJITtmUMWt+HNOlGzzDw2gGIEzFpNnqC7svA967fezfRmSA0jcAW7d9UTs0B1Bn
nmderUSJYW+QwKnna7k4S/g+87GsNqmCVlPUme0xYKKtU4zkNONlx3XJhOIzVBCS
IsmIsEZBM5Zukf/Lxly8WvfVELR8HIeM625JKXj9L7yTtgksT9tWaUmJrwRTfoiT
BWeQDBMs4YaClimpAPlfrTLUyZXupYaMvRxNrg88GuuVhayr6JVkHKBeGir2igZ/
sqDvnBW8qrfaBiF8oA3dYYmTmgGFT3H+txNNhapTNLNIG0iCBKH70k7v2jlSxw==
-----END CERTIFICATE-----
Generated at Wed May 13 11:47:08 2026 by rpki-client