Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
File: 34352e3134302e3138362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: k1KIOiMkLXfAfZHnuOvXcUXFwhZYKprtBUBH/04Ez0c=
Subject key identifier: 25:1B:23:79:EA:8C:CC:CA:23:1E:A6:E9:8A:54:B9:02:9C:C1:DB:CC
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3522E8928EDC7E3CFA5695CC8E9AC6A04D76FEBB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
Signing time: Fri 27 Mar 2026 13:49:12 +0000
ROA not before: Fri 27 Mar 2026 13:44:12 +0000
ROA not after: Fri 26 Mar 2027 13:49:12 +0000
asID: 834
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 20:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:22:e8:92:8e:dc:7e:3c:fa:56:95:cc:8e:9a:c6:a0:4d:76:fe:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 27 13:44:12 2026 GMT
Not After : Mar 26 13:49:12 2027 GMT
Subject: CN=251B2379EA8CCCCA231EA6E98A54B9029CC1DBCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:7c:1c:21:32:4b:e7:fe:9c:1d:d7:81:a7:
3c:18:45:5c:7a:07:45:cf:d9:7b:8f:6b:6d:2a:12:
cf:04:38:14:b0:2b:c6:f3:0c:32:72:d1:a6:4f:fb:
c3:cb:53:6c:06:ca:f8:47:13:4c:e0:73:46:5c:10:
21:8c:a4:33:07:c5:02:56:39:f5:ea:73:0d:78:ea:
f3:ea:e6:be:46:18:7b:23:aa:52:fc:bb:00:41:27:
02:69:da:dd:d7:ba:d5:b6:e7:6b:97:81:4b:1a:86:
5f:20:b2:0d:0c:8e:57:1b:61:ea:53:69:b5:9f:00:
a7:d9:4d:67:bf:ee:2f:91:93:1d:f5:c7:f7:d4:f2:
34:57:54:fb:80:85:15:9f:28:0e:78:b6:84:a5:97:
63:29:93:b2:9b:26:67:8f:51:ef:b7:79:7c:3d:fb:
74:19:42:a6:2f:25:81:7b:f8:cd:e2:1c:4c:d9:67:
bb:6b:3c:2e:11:d4:21:24:69:02:46:33:f0:82:d3:
c2:21:08:8e:ee:7f:93:f0:79:9d:e1:d3:ea:93:ff:
40:37:da:34:e5:91:12:99:20:e3:6c:c9:f0:ff:d2:
53:84:f4:2f:33:02:74:83:cf:94:25:a8:bd:f9:29:
d9:9e:d7:c3:d7:22:fe:c2:6b:11:9b:99:64:22:59:
c7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1B:23:79:EA:8C:CC:CA:23:1E:A6:E9:8A:54:B9:02:9C:C1:DB:CC
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:8b:4f:a9:d9:dd:a8:70:86:df:d1:aa:ad:ee:b8:08:a4:87:
0c:f8:68:d4:1b:26:6b:04:e5:7c:bd:52:2c:6d:b9:2b:8b:93:
2c:3a:3d:66:bf:7e:d5:2f:95:2d:cb:0e:0f:48:2d:5e:20:f0:
3b:de:0d:0f:45:ac:ac:c8:34:84:7d:a6:0d:e0:21:da:e5:e1:
68:79:db:ff:b8:84:c4:bc:48:4b:c7:a9:85:d5:a0:fc:d0:b3:
e3:3a:d0:b4:11:19:bc:be:03:5e:1a:e3:3c:04:df:31:44:99:
9a:3b:f0:72:e2:6f:f4:a6:5e:a3:b0:31:25:c5:ee:24:21:80:
ea:b4:9f:31:1f:81:a8:3c:42:9c:99:6b:ca:6a:d5:31:5e:3e:
5a:60:52:d8:aa:ff:50:8c:98:04:24:b1:0b:c4:42:c1:4f:52:
6b:f6:97:75:68:fa:d0:08:af:4f:2a:ab:a8:59:f6:3b:af:d0:
72:c7:96:bd:d1:9b:e3:2f:63:a8:a7:52:68:f7:a6:3d:9c:4d:
f8:f7:56:99:cc:cf:b2:67:97:d0:7d:24:f1:ab:31:de:b3:89:
c8:fa:67:ef:8e:4a:5c:d8:03:bc:42:3a:53:0b:50:2c:d9:0a:
40:ef:e5:49:c7:67:0d:11:13:3b:bf:d8:81:df:61:32:20:ba:
f2:ed:5f:e9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUNSLoko7cfjz6VpXMjprGoE12/rswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjAzMjcxMzQ0MTJaFw0yNzAzMjYxMzQ5MTJaMDMxMTAvBgNV
BAMTKDI1MUIyMzc5RUE4Q0NDQ0EyMzFFQTZFOThBNTRCOTAyOUNDMURCQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3KXwcITJL5/6cHdeBpzwYRVx6
B0XP2XuPa20qEs8EOBSwK8bzDDJy0aZP+8PLU2wGyvhHE0zgc0ZcECGMpDMHxQJW
OfXqcw146vPq5r5GGHsjqlL8uwBBJwJp2t3XutW252uXgUsahl8gsg0MjlcbYepT
abWfAKfZTWe/7i+Rkx31x/fU8jRXVPuAhRWfKA54toSll2Mpk7KbJmePUe+3eXw9
+3QZQqYvJYF7+M3iHEzZZ7trPC4R1CEkaQJGM/CC08IhCI7uf5PweZ3h0+qT/0A3
2jTlkRKZIONsyfD/0lOE9C8zAnSDz5QlqL35Kdme18PXIv7CaxGbmWQiWcf3AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUJRsjeeqMzMojHqbpilS5ApzB28wwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC2MujANBgkqhkiG9w0BAQsFAAOCAQEAXotPqdndqHCG39Gqre64CKSHDPho1Bsm
awTlfL1SLG25K4uTLDo9Zr9+1S+VLcsOD0gtXiDwO94ND0WsrMg0hH2mDeAh2uXh
aHnb/7iExLxIS8ephdWg/NCz4zrQtBEZvL4DXhrjPATfMUSZmjvwcuJv9KZeo7Ax
JcXuJCGA6rSfMR+BqDxCnJlrymrVMV4+WmBS2Kr/UIyYBCSxC8RCwU9Sa/aXdWj6
0AivTyqrqFn2O6/QcseWvdGb4y9jqKdSaPemPZxN+PdWmczPsmeX0H0k8asx3rOJ
yPpn745KXNgDvEI6UwtQLNkKQO/lScdnDRETO7/Ygd9hMiC68u1f6Q==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:14:33 2026 by rpki-client