Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3135322e34352e302f32342d3234203d3e20323034313730.roa
File: 34352e3135322e34352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: qjBSrEb5SfoSRb/YqtDyfCoSEInsIsoG+zx2Be44nwo=
Subject key identifier: 48:F8:76:EF:CF:7E:A7:62:32:F3:69:AA:D6:D7:AD:7B:DF:6B:A0:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4F19F73BC44A961F982F8225AAD7624179D08345
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3135322e34352e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 28 Apr 2026 23:23:56 +0000
ROA not before: Tue 28 Apr 2026 23:18:56 +0000
ROA not after: Tue 27 Apr 2027 23:23:56 +0000
asID: 204170
IP address blocks: 45.152.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:19:f7:3b:c4:4a:96:1f:98:2f:82:25:aa:d7:62:41:79:d0:83:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 28 23:18:56 2026 GMT
Not After : Apr 27 23:23:56 2027 GMT
Subject: CN=48F876EFCF7EA76232F369AAD6D7AD7BDF6BA0EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8e:2d:7a:0c:04:13:74:68:d9:6c:88:aa:ba:
4f:06:58:40:a6:20:5a:dd:db:24:f9:e4:c3:5b:4c:
6e:be:43:99:5b:9b:34:2f:e9:50:e4:0e:21:0f:69:
64:5f:0d:80:22:e5:88:f7:4c:74:21:f2:c0:31:f6:
20:d0:fb:13:77:7d:76:7e:e5:88:9d:19:b5:b2:c4:
23:09:b1:d3:90:2a:40:27:7d:52:3c:70:45:16:8a:
14:d7:a1:f1:6e:25:dd:90:e6:72:93:e1:46:4a:14:
65:50:33:ea:7a:0e:3b:6a:13:ec:d5:20:77:97:8a:
b1:5d:e6:c2:69:ef:19:38:bc:55:1a:de:87:b8:57:
58:38:fa:15:14:3b:5a:c7:67:8c:8f:c8:86:74:4a:
2a:04:76:24:5d:a8:c5:30:2d:53:ca:6e:fc:c4:50:
3d:3a:5a:25:4f:ff:50:18:e8:e8:74:86:d1:64:61:
be:59:7d:de:b5:7f:33:6b:a9:90:51:bb:f3:96:a9:
b0:89:bd:0a:0b:0d:84:ad:ba:f8:e7:a3:57:e2:ea:
ff:f3:b4:07:d2:f4:61:cf:c5:6a:01:e5:3b:e4:cd:
ef:ec:0a:26:b2:c7:df:c6:d9:b1:46:85:b6:04:35:
a0:3e:5b:ee:8f:ef:68:31:33:bd:9a:aa:ae:4e:a9:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F8:76:EF:CF:7E:A7:62:32:F3:69:AA:D6:D7:AD:7B:DF:6B:A0:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3135322e34352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:2c:96:31:9c:d1:e5:1f:c9:77:86:e2:2f:18:7f:7e:51:14:
4d:92:4c:8a:3d:6d:17:9f:13:f1:d6:c6:51:6d:c4:a1:10:b5:
3e:ee:a0:56:8a:af:8e:6e:02:57:22:fe:fc:71:1c:0c:07:73:
11:c6:53:d0:b3:83:89:96:87:13:cf:cc:fe:39:48:40:b6:02:
76:20:82:23:12:25:76:14:47:10:15:35:f6:ca:ad:5e:af:d2:
2e:81:c0:9f:39:0b:9d:ec:c4:e2:ee:4c:84:b4:db:a4:97:07:
f0:ce:35:46:4b:50:3a:5d:53:4c:39:ae:86:18:9f:c4:fc:e3:
fb:7a:b7:06:29:34:a3:6c:d2:85:75:c5:a7:ed:0b:57:8c:82:
25:6a:a2:23:15:52:60:23:ab:0c:c5:60:03:92:2a:6c:b3:f4:
8b:3b:6a:ea:76:6b:89:7a:40:ca:9c:03:04:db:b9:36:fc:c2:
00:62:b4:c7:25:6e:85:11:2b:8c:c2:6a:88:7c:42:2b:de:2e:
b8:ce:30:c2:25:59:3a:aa:eb:20:90:79:f6:c5:31:68:9d:3e:
fa:65:d9:2a:f1:7a:e4:63:c5:f6:bb:b9:d7:06:b3:21:0c:23:
f8:be:da:f6:37:cc:99:35:c2:75:19:51:14:7b:b0:15:65:fa:
a0:54:61:8c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTxn3O8RKlh+YL4IlqtdiQXnQg0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjgyMzE4NTZaFw0yNzA0MjcyMzIzNTZaMDMxMTAvBgNV
BAMTKDQ4Rjg3NkVGQ0Y3RUE3NjIzMkYzNjlBQUQ2RDdBRDdCREY2QkEwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwji16DAQTdGjZbIiquk8GWECm
IFrd2yT55MNbTG6+Q5lbmzQv6VDkDiEPaWRfDYAi5Yj3THQh8sAx9iDQ+xN3fXZ+
5YidGbWyxCMJsdOQKkAnfVI8cEUWihTXofFuJd2Q5nKT4UZKFGVQM+p6DjtqE+zV
IHeXirFd5sJp7xk4vFUa3oe4V1g4+hUUO1rHZ4yPyIZ0SioEdiRdqMUwLVPKbvzE
UD06WiVP/1AY6Oh0htFkYb5Zfd61fzNrqZBRu/OWqbCJvQoLDYStuvjno1fi6v/z
tAfS9GHPxWoB5Tvkze/sCiayx9/G2bFGhbYENaA+W+6P72gxM72aqq5Oqc+lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSPh2789+p2Iy82mq1tete99roOowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNTMyMmUzNDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZgtMA0GCSqGSIb3DQEBCwUAA4IBAQBLLJYxnNHlH8l3huIvGH9+URRNkkyKPW0X
nxPx1sZRbcShELU+7qBWiq+ObgJXIv78cRwMB3MRxlPQs4OJlocTz8z+OUhAtgJ2
IIIjEiV2FEcQFTX2yq1er9IugcCfOQud7MTi7kyEtNuklwfwzjVGS1A6XVNMOa6G
GJ/E/OP7ercGKTSjbNKFdcWn7QtXjIIlaqIjFVJgI6sMxWADkipss/SLO2rqdmuJ
ekDKnAME27k2/MIAYrTHJW6FESuMwmqIfEIr3i64zjDCJVk6qusgkHn2xTFonT76
Zdkq8XrkY8X2u7nXBrMhDCP4vtr2N8yZNcJ1GVEUe7AVZfqgVGGM
-----END CERTIFICATE-----
Generated at Wed May 13 04:14:29 2026 by rpki-client