Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
File: 34352e3134302e3138362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: dMWYhO5JGSyQgdCy4eHz7UsJoCsh6idyjjzubZaAVFY=
Subject key identifier: B4:7E:E6:CC:1E:C3:C9:7C:3A:96:BF:25:EE:8C:31:24:56:22:A2:DE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 42C0BF96C52F2D838FD91FDA1BE249CA455B67B9
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
Signing time: Tue 19 Aug 2025 07:11:18 +0000
ROA not before: Tue 19 Aug 2025 07:06:18 +0000
ROA not after: Tue 18 Aug 2026 07:11:18 +0000
asID: 834
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 16:45:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:c0:bf:96:c5:2f:2d:83:8f:d9:1f:da:1b:e2:49:ca:45:5b:67:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 19 07:06:18 2025 GMT
Not After : Aug 18 07:11:18 2026 GMT
Subject: CN=B47EE6CC1EC3C97C3A96BF25EE8C31245622A2DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e2:4b:f5:38:9c:5f:ae:bd:ef:e3:01:e4:b6:
65:ff:a5:81:cb:4c:e5:68:70:a9:d5:c0:8c:22:21:
9e:72:22:90:0b:1a:e6:28:c5:13:74:d6:0d:df:73:
dd:b1:18:80:97:75:dc:b8:e5:78:ec:c4:1e:f2:b2:
20:78:c9:e2:d7:40:1a:3d:84:02:e8:bb:39:2a:f3:
f2:d5:d4:99:fe:b4:61:ca:18:2f:cf:06:d6:db:7b:
58:d3:d6:53:f4:91:a6:03:47:7a:f6:4c:80:8e:76:
1f:aa:ba:57:3d:b5:31:ee:50:ed:af:15:ea:ea:fb:
d3:80:13:45:a4:b2:1f:4c:8a:2e:35:ea:61:0a:74:
b4:7d:5a:1e:02:96:c4:57:39:48:39:bb:ae:01:55:
36:96:f4:86:3f:5f:72:66:b9:e4:ac:69:6f:df:69:
bd:66:6a:60:4e:4a:4b:b1:80:1e:6a:0d:50:16:13:
fc:fe:22:d9:91:4e:0b:c9:d5:ea:44:0f:6f:bc:ae:
a3:01:c0:a5:60:91:d6:d1:63:8c:2b:10:10:1a:47:
5a:b0:6a:39:ea:5b:d6:04:c8:d3:33:3d:12:2e:57:
9d:12:ac:80:10:41:e5:60:c1:a0:84:c7:04:36:82:
40:6e:22:23:a6:74:47:0b:5d:24:e2:be:44:21:cf:
c8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7E:E6:CC:1E:C3:C9:7C:3A:96:BF:25:EE:8C:31:24:56:22:A2:DE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
75:99:0b:50:93:d0:d5:d5:87:7c:81:1d:be:b9:3b:fd:c7:e9:
56:2e:cb:28:28:d1:1f:ac:f2:60:29:5d:89:ca:b9:76:c5:f5:
f1:81:4b:85:c2:75:65:b0:c6:24:91:39:83:c8:c6:58:00:14:
8e:89:9c:22:5e:ae:a8:0b:d5:0d:f6:5d:1e:11:75:34:18:2d:
0d:98:4e:4c:80:ea:9e:7f:16:ed:42:b1:e5:41:c3:e6:67:b3:
8a:d8:49:96:51:cd:33:07:00:c6:f6:6c:62:51:fa:f4:a1:89:
f5:f5:0e:d5:60:ce:3e:33:48:41:15:3c:d2:b0:50:c0:f1:cd:
95:e6:cb:49:18:19:a0:73:e0:7b:a9:5c:62:5b:72:09:c3:e2:
3f:9d:c3:4c:ef:c3:a4:35:53:b7:fd:e7:37:2f:88:03:b4:06:
d4:3b:1d:f5:f4:2b:e3:d6:ea:63:b7:bd:eb:6c:fb:64:ea:80:
45:af:a4:3f:2b:6e:05:a0:36:d9:a2:fb:35:92:09:77:8c:da:
0c:74:6b:ad:c1:cc:e7:5d:0d:92:d4:e0:94:35:1c:a3:aa:b1:
bb:9d:17:83:c9:76:3e:2d:3e:cf:7c:3e:b0:cf:c0:4e:17:9c:
db:e2:6a:ad:1b:ba:0d:79:bd:1b:42:da:09:fc:77:e0:3f:3e:
d3:36:49:01
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUQsC/lsUvLYOP2R/aG+JJykVbZ7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MTkwNzA2MThaFw0yNjA4MTgwNzExMThaMDMxMTAvBgNV
BAMTKEI0N0VFNkNDMUVDM0M5N0MzQTk2QkYyNUVFOEMzMTI0NTYyMkEyREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC64kv1OJxfrr3v4wHktmX/pYHL
TOVocKnVwIwiIZ5yIpALGuYoxRN01g3fc92xGICXddy45XjsxB7ysiB4yeLXQBo9
hALouzkq8/LV1Jn+tGHKGC/PBtbbe1jT1lP0kaYDR3r2TICOdh+qulc9tTHuUO2v
Ferq+9OAE0Wksh9Mii416mEKdLR9Wh4ClsRXOUg5u64BVTaW9IY/X3JmueSsaW/f
ab1mamBOSkuxgB5qDVAWE/z+ItmRTgvJ1epED2+8rqMBwKVgkdbRY4wrEBAaR1qw
ajnqW9YEyNMzPRIuV50SrIAQQeVgwaCExwQ2gkBuIiOmdEcLXSTivkQhz8jPAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUtH7mzB7DyXw6lr8l7owxJFYiot4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC2MujANBgkqhkiG9w0BAQsFAAOCAQEAdZkLUJPQ1dWHfIEdvrk7/cfpVi7LKCjR
H6zyYCldicq5dsX18YFLhcJ1ZbDGJJE5g8jGWAAUjomcIl6uqAvVDfZdHhF1NBgt
DZhOTIDqnn8W7UKx5UHD5mezithJllHNMwcAxvZsYlH69KGJ9fUO1WDOPjNIQRU8
0rBQwPHNlebLSRgZoHPge6lcYltyCcPiP53DTO/DpDVTt/3nNy+IA7QG1Dsd9fQr
49bqY7e962z7ZOqARa+kPytuBaA22aL7NZIJd4zaDHRrrcHM510NktTglDUco6qx
u50Xg8l2Pi0+z3w+sM/AThec2+JqrRu6DXm9G0LaCfx34D8+0zZJAQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:12:23 2025 by rpki-client