Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
File: 34352e3134392e3230342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: +MJu7UmHpMP7MNBTVTyznCw45xKq//62GHLC/J+0flk=
Subject key identifier: 78:2F:30:1A:28:26:16:2E:25:1B:42:69:01:EA:3A:27:55:63:7C:FA
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 44C7EC9FC98AD5D36AE4E18EDEB871D291E0CA1C
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:31 +0000
ROA not before: Wed 25 Mar 2026 14:18:31 +0000
ROA not after: Wed 24 Mar 2027 14:23:31 +0000
asID: 51167
IP address blocks: 45.149.204.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:c7:ec:9f:c9:8a:d5:d3:6a:e4:e1:8e:de:b8:71:d2:91:e0:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 25 14:18:31 2026 GMT
Not After : Mar 24 14:23:31 2027 GMT
Subject: CN=782F301A2826162E251B426901EA3A2755637CFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:37:ca:dd:ed:98:1c:75:80:6b:57:0f:be:84:
aa:5b:40:ba:5f:08:15:13:58:80:f5:d1:45:43:c1:
e9:6f:72:90:0d:ae:f9:0c:dc:fd:89:65:01:24:85:
e8:51:db:4f:5b:3e:74:c0:34:0c:d0:e6:d7:c8:11:
77:c7:f2:d6:60:12:b8:21:f8:72:83:2d:58:6d:47:
62:07:1e:83:5e:e8:1e:60:f8:f7:0f:84:95:10:79:
09:27:e4:98:39:22:a8:1e:52:f4:9f:6c:f8:5d:70:
07:87:4f:f9:a6:2d:64:12:0c:fc:f8:fe:71:42:ce:
81:60:92:93:31:dd:98:53:0f:8b:99:2c:8d:3f:4a:
53:92:81:bd:2d:bd:b2:2a:21:0f:1e:dd:ca:17:57:
9f:fa:05:b9:6a:0d:d6:f6:0d:ae:50:43:02:50:14:
8d:ba:50:69:bf:87:82:62:23:e9:a9:73:e9:1c:aa:
b4:a4:0d:44:71:75:7d:03:41:a8:fb:be:08:80:71:
6d:04:34:f1:04:2e:02:f3:1b:b1:9b:ed:4a:9f:02:
c0:d7:3a:ff:2d:48:67:6e:55:03:a2:9b:13:6e:36:
54:c8:05:32:73:73:59:c5:7d:11:ea:ae:f0:b9:2c:
9d:87:9e:dd:c6:53:17:a3:b8:ef:98:c2:36:e6:43:
03:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2F:30:1A:28:26:16:2E:25:1B:42:69:01:EA:3A:27:55:63:7C:FA
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.204.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:a8:18:1a:1d:3a:db:de:93:8f:51:7a:35:3e:0a:0f:04:ce:
36:f6:ca:f0:9e:30:0e:b8:97:bd:a5:88:63:d1:b8:07:fe:32:
b0:4c:88:e6:c2:3f:29:fa:59:d2:e7:da:29:49:2e:ba:2e:82:
99:85:86:b2:e3:f9:eb:13:21:fe:ed:cf:a6:5a:18:50:8c:08:
fa:7f:60:b3:13:1e:ae:63:92:6e:9e:4e:1c:0e:5b:2f:25:a4:
68:28:59:24:df:c2:c6:79:ce:3e:3c:44:39:c2:e0:9c:95:af:
47:f7:40:c7:e2:d6:e0:45:69:e3:23:84:da:6c:b3:5d:f4:5f:
46:4d:eb:f3:0b:77:fc:ca:cf:e2:26:39:dd:70:b7:b3:0f:f7:
5a:2c:16:3b:e3:25:a9:98:27:63:b6:8c:45:ef:4f:62:88:66:
bb:cd:43:5c:97:d7:8b:5c:9a:f3:6e:a0:f5:d3:58:a1:77:13:
ef:61:35:57:9a:b7:d6:e1:50:af:ac:31:2b:14:f2:35:59:74:
65:42:b8:8b:bd:80:80:a0:23:53:98:28:f4:d8:99:e3:1e:06:
37:1e:fe:96:9a:10:05:53:b3:fc:02:4e:c4:33:bc:a9:91:7b:
91:3a:8a:c9:3c:7c:42:e0:55:51:ac:73:10:f6:75:2f:ee:f9:
94:7c:e1:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURMfsn8mK1dNq5OGO3rhx0pHgyhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjUxNDE4MzFaFw0yNzAzMjQxNDIzMzFaMDMxMTAvBgNV
BAMTKDc4MkYzMDFBMjgyNjE2MkUyNTFCNDI2OTAxRUEzQTI3NTU2MzdDRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXN8rd7ZgcdYBrVw++hKpbQLpf
CBUTWID10UVDwelvcpANrvkM3P2JZQEkhehR209bPnTANAzQ5tfIEXfH8tZgErgh
+HKDLVhtR2IHHoNe6B5g+PcPhJUQeQkn5Jg5IqgeUvSfbPhdcAeHT/mmLWQSDPz4
/nFCzoFgkpMx3ZhTD4uZLI0/SlOSgb0tvbIqIQ8e3coXV5/6BblqDdb2Da5QQwJQ
FI26UGm/h4JiI+mpc+kcqrSkDURxdX0DQaj7vgiAcW0ENPEELgLzG7Gb7UqfAsDX
Ov8tSGduVQOimxNuNlTIBTJzc1nFfRHqrvC5LJ2Hnt3GUxejuO+YwjbmQwOtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUeC8wGigmFi4lG0JpAeo6J1VjfPowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM5MmUzMjMw
MzQyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZXMMA0GCSqGSIb3DQEBCwUAA4IBAQCiqBgaHTrb3pOPUXo1PgoPBM429srwnjAO
uJe9pYhj0bgH/jKwTIjmwj8p+lnS59opSS66LoKZhYay4/nrEyH+7c+mWhhQjAj6
f2CzEx6uY5Junk4cDlsvJaRoKFkk38LGec4+PEQ5wuCcla9H90DH4tbgRWnjI4Ta
bLNd9F9GTevzC3f8ys/iJjndcLezD/daLBY74yWpmCdjtoxF709iiGa7zUNcl9eL
XJrzbqD101ihdxPvYTVXmrfW4VCvrDErFPI1WXRlQriLvYCAoCNTmCj02JnjHgY3
Hv6WmhAFU7P8Ak7EM7ypkXuROorJPHxC4FVRrHMQ9nUv7vmUfOH/
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:38:11 2026 by rpki-client