Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3232382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: jhFQ50Mkg9n0j9KgxTdvix3QNTvf/21QNdQnO7uGv2Y=
Subject key identifier: 9B:07:4D:C8:CA:8F:8E:7A:A2:63:2D:78:CE:4D:60:E3:B7:C3:EB:DB
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4D3E8819B4A1D9E520F982702C015FC8C2EDD968
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:31 +0000
ROA not before: Wed 25 Mar 2026 14:18:31 +0000
ROA not after: Wed 24 Mar 2027 14:23:31 +0000
asID: 51167
IP address blocks: 45.159.228.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3e:88:19:b4:a1:d9:e5:20:f9:82:70:2c:01:5f:c8:c2:ed:d9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 25 14:18:31 2026 GMT
Not After : Mar 24 14:23:31 2027 GMT
Subject: CN=9B074DC8CA8F8E7AA2632D78CE4D60E3B7C3EBDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:19:0f:12:3a:77:fe:a1:86:38:9c:78:bf:
b3:af:10:06:6e:96:60:1c:a6:72:09:c9:b7:f6:f1:
6d:f0:36:97:34:6b:97:a7:dc:68:31:f8:9b:7a:d1:
b7:33:62:69:94:54:89:87:c4:eb:ef:13:1f:e8:85:
aa:5f:87:25:b0:47:77:4e:ba:43:be:45:cf:39:fb:
69:14:50:5c:5f:76:5e:80:a2:4c:20:a4:ac:0e:3c:
4a:bc:08:42:84:fb:50:1a:57:94:26:28:a5:08:9e:
ba:49:63:5f:04:24:9a:a9:e9:cb:5f:91:07:14:03:
2b:d7:58:76:09:b8:79:f8:f8:d2:c5:73:a0:33:e0:
83:12:5e:ad:03:f6:da:57:1c:be:4e:cf:dd:b7:06:
b6:95:4b:d7:af:66:25:78:e8:ea:ea:1e:cd:a3:8d:
d1:31:e8:d8:44:76:91:97:b8:59:6f:36:ac:0a:21:
80:9a:93:08:5d:14:dc:e3:e5:0f:61:ee:5d:12:c4:
b9:1c:d4:25:5d:2b:08:e5:ae:c2:ff:a0:3d:de:ea:
e6:75:10:66:cd:e0:d3:e5:98:e2:f2:b1:00:ec:65:
d9:25:03:44:9a:c5:83:df:ec:9e:6f:c7:42:5e:fc:
e4:dc:1b:8c:fa:64:fd:71:6d:a1:ff:d3:a9:10:2f:
18:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:07:4D:C8:CA:8F:8E:7A:A2:63:2D:78:CE:4D:60:E3:B7:C3:EB:DB
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3232382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.228.0/23
Signature Algorithm: sha256WithRSAEncryption
77:a3:dc:a3:ca:e8:75:ec:16:43:11:aa:a9:ac:f9:b5:ea:6b:
f7:84:ef:81:75:b1:90:3f:e3:76:1e:e5:53:9e:31:0e:6f:d1:
8d:e5:67:92:61:6e:f4:f6:78:35:42:87:9b:13:6b:03:c5:70:
50:eb:4b:56:eb:ae:80:82:ce:ac:11:3d:58:32:e0:d5:6e:00:
84:1a:e3:45:83:e6:72:4b:33:16:64:cf:bc:b2:7f:98:57:e9:
77:dd:f2:ff:ac:c9:b6:4f:2c:eb:58:fa:1f:fe:ba:f2:de:55:
07:ff:17:4d:e7:6f:4a:eb:10:41:ef:55:31:c5:d0:96:15:2a:
b6:dc:7e:7c:45:19:fc:65:81:67:be:e3:23:14:3d:69:4d:f6:
58:dc:32:51:60:a4:bd:89:e3:c5:9b:4f:41:ee:de:5b:1d:7e:
b9:ea:bb:5b:df:ed:d2:72:d9:04:38:50:72:a1:5a:6b:87:e9:
45:84:9a:e7:7a:f5:27:5a:f5:03:e3:14:ad:f5:be:81:2d:cc:
60:3d:1f:0c:58:c3:3d:e3:ee:d8:36:93:de:36:d0:1d:76:fb:
4c:e5:dd:1c:87:83:76:08:76:38:ed:9e:55:57:da:91:8c:49:
ff:ad:ec:63:90:69:a8:8b:5d:d2:cb:6b:05:98:c6:c2:92:10:
20:ce:e3:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTT6IGbSh2eUg+YJwLAFfyMLt2WgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjUxNDE4MzFaFw0yNzAzMjQxNDIzMzFaMDMxMTAvBgNV
BAMTKDlCMDc0REM4Q0E4RjhFN0FBMjYzMkQ3OENFNEQ2MEUzQjdDM0VCREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ahkPEjp3/qGGOJx4v7OvEAZu
lmAcpnIJybf28W3wNpc0a5en3Ggx+Jt60bczYmmUVImHxOvvEx/ohapfhyWwR3dO
ukO+Rc85+2kUUFxfdl6AokwgpKwOPEq8CEKE+1AaV5QmKKUInrpJY18EJJqp6ctf
kQcUAyvXWHYJuHn4+NLFc6Az4IMSXq0D9tpXHL5Oz923BraVS9evZiV46OrqHs2j
jdEx6NhEdpGXuFlvNqwKIYCakwhdFNzj5Q9h7l0SxLkc1CVdKwjlrsL/oD3e6uZ1
EGbN4NPlmOLysQDsZdklA0SaxYPf7J5vx0Je/OTcG4z6ZP1xbaH/06kQLxiFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmwdNyMqPjnqiYy14zk1g47fD69swHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMy
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/kMA0GCSqGSIb3DQEBCwUAA4IBAQB3o9yjyuh17BZDEaqprPm16mv3hO+BdbGQ
P+N2HuVTnjEOb9GN5WeSYW709ng1QoebE2sDxXBQ60tW666Ags6sET1YMuDVbgCE
GuNFg+ZySzMWZM+8sn+YV+l33fL/rMm2TyzrWPof/rry3lUH/xdN529K6xBB71Ux
xdCWFSq23H58RRn8ZYFnvuMjFD1pTfZY3DJRYKS9iePFm09B7t5bHX656rtb3+3S
ctkEOFByoVprh+lFhJrnevUnWvUD4xSt9b6BLcxgPR8MWMM94+7YNpPeNtAddvtM
5d0ch4N2CHY47Z5VV9qRjEn/rexjkGmoi13Sy2sFmMbCkhAgzuMj
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:53:14 2026 by rpki-client