Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3232302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: KYGz6bab7O/LhAQIv9slZJyaicev7j0O45uBZxJIGNQ=
Subject key identifier: 8F:E8:03:A4:63:CB:3B:C5:1E:6E:A9:4F:1B:C3:79:10:0F:17:6A:BE
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 04F28E3E1B9B23BDC7D03EC7BB970D32CA7C1CF6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:31 +0000
ROA not before: Wed 25 Mar 2026 14:18:31 +0000
ROA not after: Wed 24 Mar 2027 14:23:31 +0000
asID: 51167
IP address blocks: 45.159.220.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f2:8e:3e:1b:9b:23:bd:c7:d0:3e:c7:bb:97:0d:32:ca:7c:1c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 25 14:18:31 2026 GMT
Not After : Mar 24 14:23:31 2027 GMT
Subject: CN=8FE803A463CB3BC51E6EA94F1BC379100F176ABE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:a0:60:cd:53:4f:ff:84:02:a1:6e:4b:74:
b3:a9:e6:7d:44:9b:0c:4b:ab:b1:d0:72:e0:c7:c0:
4a:10:3d:13:d7:24:13:dc:19:5b:60:ff:90:69:e3:
d7:91:b2:d2:03:d8:80:58:63:d5:e7:93:25:1e:02:
e6:24:ef:81:1f:77:e9:88:62:53:8d:8f:55:68:33:
c5:6e:5b:77:10:85:d4:a3:d1:dd:e1:d9:67:ad:bf:
cc:d4:1c:ca:bc:13:08:bf:3d:7c:55:02:da:47:b3:
35:1a:b3:86:a8:44:71:e3:57:4b:95:30:f0:6a:88:
33:e4:8f:27:1a:e4:e7:f8:c1:79:cc:44:8f:e0:0f:
cf:23:f7:db:eb:00:f2:26:f1:f2:72:09:9d:98:54:
be:a3:73:95:b0:43:cd:13:ce:ed:3c:af:8c:c2:fb:
4e:58:ca:be:59:0e:7d:9c:d6:a7:d6:a9:e1:c1:4b:
b4:06:52:a7:69:a0:eb:3d:ef:5d:23:2a:c3:cd:3b:
60:61:91:f7:87:4f:4c:a7:e5:65:3c:72:68:8c:65:
7d:2c:5c:4c:fa:01:8c:88:a8:3c:cd:6a:99:8b:ac:
3c:b8:2f:33:f9:05:47:92:72:4f:19:50:8c:05:15:
bb:00:47:b2:c5:0d:55:ff:8a:ce:3d:8d:51:24:22:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E8:03:A4:63:CB:3B:C5:1E:6E:A9:4F:1B:C3:79:10:0F:17:6A:BE
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.220.0/23
Signature Algorithm: sha256WithRSAEncryption
21:f9:29:5d:d4:38:fb:a6:7b:54:86:e7:73:3d:13:9b:0d:cb:
9f:64:46:fe:f9:11:f0:e8:28:44:79:7d:39:bb:76:99:68:be:
d9:e4:96:0f:23:7d:16:2a:9f:6b:d5:ce:cd:27:60:b3:5c:c3:
19:f5:e4:70:86:55:05:f4:1b:ec:be:d1:71:cd:6b:05:09:b8:
37:a4:a3:e9:1d:c3:c2:e2:45:85:44:84:cc:af:62:f5:9b:44:
c8:78:ae:45:76:97:4f:16:42:b1:98:8a:58:e3:8e:1f:5e:e0:
2d:44:ca:ba:8f:93:7a:ee:f1:cc:f6:aa:b6:ef:ef:aa:3f:a7:
bb:59:25:d1:92:11:f9:fd:8b:e0:5a:bb:1c:26:a6:2a:aa:5e:
53:3c:9b:25:5c:5f:f5:f0:ab:84:75:20:cb:fb:af:1b:e2:06:
de:aa:13:20:25:14:b5:f5:14:87:9e:21:e9:a5:d6:32:a4:4a:
3a:e6:a9:08:11:6f:9c:c3:57:09:a8:80:ca:0e:d2:4d:0f:f6:
a3:44:0d:b1:38:70:5c:6e:5f:79:c5:db:32:9a:3d:19:a4:0f:
6d:9f:88:20:52:b3:fb:d3:d5:5e:01:e8:c5:a8:e8:aa:9e:c2:
47:8b:ff:92:ca:21:8e:89:8c:0c:5b:00:76:ad:27:27:03:91:
8a:ba:e6:0a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBPKOPhubI73H0D7Hu5cNMsp8HPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjUxNDE4MzFaFw0yNzAzMjQxNDIzMzFaMDMxMTAvBgNV
BAMTKDhGRTgwM0E0NjNDQjNCQzUxRTZFQTk0RjFCQzM3OTEwMEYxNzZBQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2IKBgzVNP/4QCoW5LdLOp5n1E
mwxLq7HQcuDHwEoQPRPXJBPcGVtg/5Bp49eRstID2IBYY9XnkyUeAuYk74Efd+mI
YlONj1VoM8VuW3cQhdSj0d3h2Wetv8zUHMq8Ewi/PXxVAtpHszUas4aoRHHjV0uV
MPBqiDPkjyca5Of4wXnMRI/gD88j99vrAPIm8fJyCZ2YVL6jc5WwQ80Tzu08r4zC
+05Yyr5ZDn2c1qfWqeHBS7QGUqdpoOs9710jKsPNO2BhkfeHT0yn5WU8cmiMZX0s
XEz6AYyIqDzNapmLrDy4LzP5BUeSck8ZUIwFFbsAR7LFDVX/is49jVEkIsCnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUj+gDpGPLO8UebqlPG8N5EA8Xar4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMy
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/cMA0GCSqGSIb3DQEBCwUAA4IBAQAh+Sld1Dj7pntUhudzPRObDcufZEb++RHw
6ChEeX05u3aZaL7Z5JYPI30WKp9r1c7NJ2CzXMMZ9eRwhlUF9BvsvtFxzWsFCbg3
pKPpHcPC4kWFRITMr2L1m0TIeK5FdpdPFkKxmIpY444fXuAtRMq6j5N67vHM9qq2
7++qP6e7WSXRkhH5/YvgWrscJqYqql5TPJslXF/18KuEdSDL+68b4gbeqhMgJRS1
9RSHniHppdYypEo65qkIEW+cw1cJqIDKDtJND/ajRA2xOHBcbl95xdsymj0ZpA9t
n4ggUrP709VeAejFqOiqnsJHi/+SyiGOiYwMWwB2rScnA5GKuuYK
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:31:44 2026 by rpki-client