Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230362e302f32332d3332203d3e203531313637.roa
File: 34352e3134392e3230362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: bDfAUD1jDSWg6VSwSQoYnKDEmGUw9Zbc8DR57o1eu6s=
Subject key identifier: A9:03:0F:86:C3:1D:1E:6D:39:7B:9D:5F:8F:99:D2:82:0B:8E:E8:E1
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 39A719B63AF7F336418688BB29E8757E541D2F67
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230362e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:31 +0000
ROA not before: Wed 25 Mar 2026 14:18:31 +0000
ROA not after: Wed 24 Mar 2027 14:23:31 +0000
asID: 51167
IP address blocks: 45.149.206.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a7:19:b6:3a:f7:f3:36:41:86:88:bb:29:e8:75:7e:54:1d:2f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 25 14:18:31 2026 GMT
Not After : Mar 24 14:23:31 2027 GMT
Subject: CN=A9030F86C31D1E6D397B9D5F8F99D2820B8EE8E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:68:81:88:17:c4:d2:de:ca:5d:01:eb:3b:b8:
c0:a0:d4:a3:45:18:2d:6d:88:bf:f0:2d:cb:37:f8:
8f:6d:ae:3b:43:f5:c7:39:27:59:23:67:aa:fa:a4:
0b:b3:29:07:91:d8:51:bf:bc:da:2e:bc:33:0a:32:
80:2b:1f:7a:5c:6d:bd:ff:34:ef:05:c2:6e:47:ec:
66:d6:21:a5:d8:54:44:a7:0b:f1:5c:d2:8b:1c:63:
38:02:cc:c8:b0:22:b7:8a:24:a0:fc:cd:d4:4a:fe:
d3:2e:db:e7:a1:90:9d:dd:d1:17:65:07:c4:20:72:
f5:86:3d:13:48:6a:56:1c:5c:ac:e8:c1:fd:52:55:
39:49:42:c0:10:9f:e6:2f:1a:f0:f1:a3:36:76:c8:
03:64:ea:a3:5f:2e:e3:67:81:52:bc:2d:63:59:ce:
42:1a:fd:c2:4b:c0:6b:02:a2:32:22:57:98:d5:4c:
77:78:c9:a3:79:46:02:46:8c:d0:c7:f6:84:49:2b:
91:36:e4:3b:22:45:24:bd:ab:f5:3d:06:13:be:a9:
3b:ec:d0:78:fd:dd:f7:f4:51:d6:a7:25:76:e0:47:
12:eb:a6:f0:48:43:e0:64:cd:1e:ad:81:1f:43:6d:
00:73:81:92:00:e2:14:ff:76:e7:ef:65:e0:55:b9:
6a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:03:0F:86:C3:1D:1E:6D:39:7B:9D:5F:8F:99:D2:82:0B:8E:E8:E1
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.206.0/23
Signature Algorithm: sha256WithRSAEncryption
35:83:e3:36:db:dc:4c:90:af:08:db:ac:a6:34:90:a1:12:22:
2f:c6:0b:42:1f:a6:d0:88:2d:98:53:30:ed:3e:d0:97:ec:7f:
5f:82:5b:3d:5a:f3:7b:0f:c3:f3:48:78:6e:69:f9:db:72:6a:
75:b3:62:33:31:31:76:d1:98:c6:79:4c:43:37:c4:41:91:67:
bf:3f:f8:71:ac:bf:12:b3:82:16:9e:32:92:f0:4f:ff:ae:11:
7e:a9:f2:bd:cd:a5:2c:09:96:20:5d:80:2c:e7:29:f9:74:84:
79:b6:ca:44:2a:de:18:74:4d:14:56:41:c5:4a:cd:9d:5f:78:
61:49:70:46:f3:1c:cc:49:4a:58:a9:5d:fb:be:f2:97:e4:09:
17:d2:da:b0:98:2c:06:1e:a5:12:26:4a:74:cb:40:d3:2c:ed:
e9:16:ca:87:00:5a:6e:2b:f3:93:7b:98:27:7a:45:7c:43:2e:
e3:40:36:7d:f8:4a:46:d4:d6:ae:03:de:cb:d6:83:66:6a:cd:
d3:bf:48:81:66:32:2a:9f:fa:f1:c6:97:39:28:8c:17:fe:1e:
d1:b5:2d:db:c1:20:93:a0:96:3e:c5:2e:63:a2:be:b8:e1:e6:
d0:60:bc:b6:61:45:20:10:7b:ca:af:57:22:28:0e:c2:a3:58:
6c:d1:2b:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOacZtjr38zZBhoi7Keh1flQdL2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjUxNDE4MzFaFw0yNzAzMjQxNDIzMzFaMDMxMTAvBgNV
BAMTKEE5MDMwRjg2QzMxRDFFNkQzOTdCOUQ1RjhGOTlEMjgyMEI4RUU4RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiaIGIF8TS3spdAes7uMCg1KNF
GC1tiL/wLcs3+I9trjtD9cc5J1kjZ6r6pAuzKQeR2FG/vNouvDMKMoArH3pcbb3/
NO8Fwm5H7GbWIaXYVESnC/Fc0oscYzgCzMiwIreKJKD8zdRK/tMu2+ehkJ3d0Rdl
B8QgcvWGPRNIalYcXKzowf1SVTlJQsAQn+YvGvDxozZ2yANk6qNfLuNngVK8LWNZ
zkIa/cJLwGsCojIiV5jVTHd4yaN5RgJGjNDH9oRJK5E25DsiRSS9q/U9BhO+qTvs
0Hj93ff0UdanJXbgRxLrpvBIQ+BkzR6tgR9DbQBzgZIA4hT/dufvZeBVuWpBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqQMPhsMdHm05e51fj5nSgguO6OEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM5MmUzMjMw
MzYyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZXOMA0GCSqGSIb3DQEBCwUAA4IBAQA1g+M229xMkK8I26ymNJChEiIvxgtCH6bQ
iC2YUzDtPtCX7H9fgls9WvN7D8PzSHhuafnbcmp1s2IzMTF20ZjGeUxDN8RBkWe/
P/hxrL8Ss4IWnjKS8E//rhF+qfK9zaUsCZYgXYAs5yn5dIR5tspEKt4YdE0UVkHF
Ss2dX3hhSXBG8xzMSUpYqV37vvKX5AkX0tqwmCwGHqUSJkp0y0DTLO3pFsqHAFpu
K/OTe5gnekV8Qy7jQDZ9+EpG1NauA97L1oNmas3Tv0iBZjIqn/rxxpc5KIwX/h7R
tS3bwSCToJY+xS5jor644ebQYLy2YUUgEHvKr1ciKA7Co1hs0StR
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:37:22 2026 by rpki-client