Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
File: 34352e3135392e3233302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: /lIEJT3FDYCo/veMVUnV4yYMIaCPO/f8pFwYFGIc0jM=
Subject key identifier: 36:DE:27:F5:68:BA:F7:96:3E:30:5D:DF:A7:A9:0F:71:5F:11:2B:B4
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 19AF648E6BD18573210EB766E1227D225862A041
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:31 +0000
ROA not before: Wed 25 Mar 2026 14:18:31 +0000
ROA not after: Wed 24 Mar 2027 14:23:31 +0000
asID: 51167
IP address blocks: 45.159.230.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:af:64:8e:6b:d1:85:73:21:0e:b7:66:e1:22:7d:22:58:62:a0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 25 14:18:31 2026 GMT
Not After : Mar 24 14:23:31 2027 GMT
Subject: CN=36DE27F568BAF7963E305DDFA7A90F715F112BB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:e6:eb:96:71:d6:ab:46:9b:87:78:62:32:fd:
9b:b2:8c:81:be:9d:ca:66:b6:d4:43:15:27:02:a9:
48:ea:72:9e:59:c5:63:28:0b:5e:96:50:ad:a5:82:
86:92:c4:0f:76:78:a3:db:c6:93:b7:e6:91:3a:1a:
9a:72:7e:81:a2:e4:75:88:97:17:84:95:9b:e8:93:
e0:e3:32:ff:91:28:99:1d:79:8e:83:14:36:68:93:
74:12:d6:26:73:66:3d:fa:8f:06:92:b9:4c:a3:89:
62:3e:e5:68:37:13:60:06:b3:a0:87:72:b3:5f:67:
56:34:6f:21:9c:87:f0:d8:b4:3c:af:64:df:3e:eb:
a0:ce:0c:15:9d:2e:35:b0:c8:3c:65:66:68:31:e7:
cd:52:73:6b:e1:3c:a2:98:bc:49:33:22:1d:ec:7d:
95:d6:66:d7:31:85:10:43:b9:fa:e1:f7:19:eb:30:
d4:9c:09:d3:f8:0e:95:0f:dd:e1:1a:7d:02:0c:24:
5e:72:50:b9:6b:b0:63:f9:aa:ad:ce:1b:34:14:44:
7b:58:30:05:ad:94:e5:65:b8:82:e1:77:e8:ca:a4:
c6:f6:cc:f6:a2:ac:75:ee:77:0c:9f:12:40:ea:14:
a8:2a:36:58:2c:77:f7:08:e4:0c:5d:5b:26:88:2f:
c2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DE:27:F5:68:BA:F7:96:3E:30:5D:DF:A7:A9:0F:71:5F:11:2B:B4
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3135392e3233302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.230.0/23
Signature Algorithm: sha256WithRSAEncryption
32:93:eb:d3:f5:c2:4f:b6:51:b2:19:f5:86:9f:ad:8c:85:b2:
5e:52:eb:45:2d:f7:aa:cd:a4:cd:34:2f:89:17:14:be:fd:38:
62:05:bd:7f:33:84:5e:42:70:60:bf:e0:9a:66:36:bb:51:16:
46:97:ff:7b:61:7f:b8:fb:3a:59:2c:8e:9c:00:7e:7c:74:d8:
56:38:bf:37:43:f6:dd:47:14:b0:ca:1d:32:0d:6c:05:6d:e0:
a9:ff:06:08:83:87:93:20:af:d8:55:aa:31:2d:3a:b8:ba:c3:
fd:18:39:7b:ad:4f:ed:19:b5:52:ab:67:91:7d:5e:28:60:13:
b2:79:85:0b:ca:95:12:43:72:7a:8e:e1:9f:b5:33:d0:58:ab:
40:74:12:fc:03:f8:5c:d9:f5:aa:73:47:39:e8:0d:48:20:d9:
38:30:66:a6:87:01:04:a8:fd:c8:59:2e:3c:0b:42:e6:38:3e:
df:5c:4a:f4:81:f7:5c:ff:53:ae:fb:d0:52:f3:dd:a8:3a:3a:
fe:0a:82:97:0b:f5:99:4e:77:06:a2:fd:de:cb:d7:82:ce:15:
5d:7a:d4:50:d7:95:e4:68:1b:0c:ab:7c:ca:d4:c6:5c:1c:06:
b8:80:06:d9:9b:fb:d3:5f:9f:cd:d2:95:3d:d0:80:31:02:f4:
50:2d:b2:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGa9kjmvRhXMhDrdm4SJ9IlhioEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjUxNDE4MzFaFw0yNzAzMjQxNDIzMzFaMDMxMTAvBgNV
BAMTKDM2REUyN0Y1NjhCQUY3OTYzRTMwNURERkE3QTkwRjcxNUYxMTJCQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD15uuWcdarRpuHeGIy/ZuyjIG+
ncpmttRDFScCqUjqcp5ZxWMoC16WUK2lgoaSxA92eKPbxpO35pE6GppyfoGi5HWI
lxeElZvok+DjMv+RKJkdeY6DFDZok3QS1iZzZj36jwaSuUyjiWI+5Wg3E2AGs6CH
crNfZ1Y0byGch/DYtDyvZN8+66DODBWdLjWwyDxlZmgx581Sc2vhPKKYvEkzIh3s
fZXWZtcxhRBDufrh9xnrMNScCdP4DpUP3eEafQIMJF5yULlrsGP5qq3OGzQURHtY
MAWtlOVluILhd+jKpMb2zPairHXudwyfEkDqFKgqNlgsd/cI5AxdWyaIL8LbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNt4n9Wi695Y+MF3fp6kPcV8RK7QwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNTM5MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZ/mMA0GCSqGSIb3DQEBCwUAA4IBAQAyk+vT9cJPtlGyGfWGn62MhbJeUutFLfeq
zaTNNC+JFxS+/ThiBb1/M4ReQnBgv+CaZja7URZGl/97YX+4+zpZLI6cAH58dNhW
OL83Q/bdRxSwyh0yDWwFbeCp/wYIg4eTIK/YVaoxLTq4usP9GDl7rU/tGbVSq2eR
fV4oYBOyeYULypUSQ3J6juGftTPQWKtAdBL8A/hc2fWqc0c56A1IINk4MGamhwEE
qP3IWS48C0LmOD7fXEr0gfdc/1Ou+9BS892oOjr+CoKXC/WZTncGov3ey9eCzhVd
etRQ15XkaBsMq3zK1MZcHAa4gAbZm/vTX5/N0pU90IAxAvRQLbKQ
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:37:50 2026 by rpki-client