Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133312e3130362e302f32342d3234203d3e203535313737.roa
File: 34352e3133312e3130362e302f32342d3234203d3e203535313737.roa (raw, json)
Hash identifier: DYJbtSU3alkUpfI+I48//kE/688ba+a7b6zb5ncktVY=
Subject key identifier: F4:41:AB:EC:20:93:65:85:9A:84:3C:81:28:BF:6D:59:BC:D7:65:F3
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 1D8529E10E941874AFAA5DAF290945E196B32827
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133312e3130362e302f32342d3234203d3e203535313737.roa
Signing time: Fri 10 Apr 2026 07:44:02 +0000
ROA not before: Fri 10 Apr 2026 07:39:02 +0000
ROA not after: Fri 09 Apr 2027 07:44:02 +0000
asID: 55177
IP address blocks: 45.131.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Apr 2026 21:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:85:29:e1:0e:94:18:74:af:aa:5d:af:29:09:45:e1:96:b3:28:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 07:39:02 2026 GMT
Not After : Apr 9 07:44:02 2027 GMT
Subject: CN=F441ABEC209365859A843C8128BF6D59BCD765F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:66:e4:15:c9:d6:a6:63:81:50:96:b3:9b:
c0:eb:1d:c7:f9:ee:dc:1a:53:4f:2a:16:8c:2c:8b:
88:97:bc:ca:9e:b4:97:ea:b2:55:8a:33:97:17:e2:
b4:b9:cf:48:f5:10:86:1c:eb:be:cb:80:9a:65:05:
ab:f5:85:f4:3e:13:df:f3:20:71:fd:ae:14:f0:62:
67:c4:11:af:b2:56:fd:5f:83:34:60:25:60:4f:2d:
39:f7:30:4a:b6:1a:29:af:fc:e7:84:0f:e1:2f:79:
0c:40:7c:95:3d:87:94:7d:29:78:48:a6:c9:32:26:
a8:10:4b:ca:ee:c6:b4:5f:b1:59:96:96:f8:e5:b8:
8e:a3:e7:43:5e:16:91:ce:9e:4f:ab:b6:1d:93:2c:
04:1e:c2:41:2e:79:5b:6d:01:29:91:14:04:32:10:
40:db:ed:eb:e0:b2:ad:99:59:99:bf:e6:50:d0:85:
79:5a:27:79:20:34:05:fa:25:33:3b:63:40:f1:80:
0e:bf:33:b2:6e:51:39:33:eb:64:96:c7:69:37:dc:
12:75:59:0b:57:ef:04:af:fc:cd:7d:f1:d4:fa:47:
ef:2c:d6:a4:c4:19:ed:88:07:f3:a9:1d:7e:a4:c3:
11:77:7b:95:2c:06:19:23:7d:da:d8:bf:a2:96:1c:
ab:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:41:AB:EC:20:93:65:85:9A:84:3C:81:28:BF:6D:59:BC:D7:65:F3
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133312e3130362e302f32342d3234203d3e203535313737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.106.0/24
Signature Algorithm: sha256WithRSAEncryption
47:dc:c7:0e:87:cb:ed:8d:23:a9:bb:b8:f9:3c:ca:55:6f:e2:
11:98:bf:e7:77:f5:28:25:73:97:2a:39:a2:62:e6:28:84:42:
a7:63:0d:42:ee:15:d0:06:bb:dd:5b:98:03:1f:89:4c:51:ed:
bf:30:a0:7b:83:3a:3f:e8:22:17:65:f2:c3:b9:56:e5:6e:d7:
fe:58:9c:44:c9:c7:d7:2b:5a:53:6d:18:b1:62:34:bb:b6:bf:
d0:e0:7f:68:29:c7:b5:ad:b2:20:2e:21:4a:2f:90:1f:df:ab:
50:b8:f9:53:a5:33:b9:6c:8e:20:39:4d:22:2c:9b:ef:d3:b1:
f0:61:cb:d3:20:2d:c4:cb:4f:9a:3a:ef:bb:7a:9f:fd:a3:ff:
18:0e:27:3e:ea:3b:ee:b6:d5:a6:fb:04:b9:c9:60:90:89:76:
4c:74:d5:49:25:97:19:a7:d0:a4:32:86:fa:ec:c5:c1:d6:a4:
9e:c7:da:71:8f:05:83:41:44:3f:d3:0f:45:1a:b7:7f:ae:17:
84:77:2d:17:96:c6:f4:97:41:1e:f9:3b:d3:90:f2:44:2c:4e:
03:2e:9d:4d:b5:a5:f9:3e:c2:4a:26:d8:d5:c1:4a:87:34:4a:
7f:f2:62:ae:4a:73:19:16:9e:ac:57:42:d1:44:c1:86:7e:03:
4d:54:f5:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHYUp4Q6UGHSvql2vKQlF4ZazKCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAwNzM5MDJaFw0yNzA0MDkwNzQ0MDJaMDMxMTAvBgNV
BAMTKEY0NDFBQkVDMjA5MzY1ODU5QTg0M0M4MTI4QkY2RDU5QkNENzY1RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCT2bkFcnWpmOBUJazm8DrHcf5
7twaU08qFowsi4iXvMqetJfqslWKM5cX4rS5z0j1EIYc677LgJplBav1hfQ+E9/z
IHH9rhTwYmfEEa+yVv1fgzRgJWBPLTn3MEq2Gimv/OeED+EveQxAfJU9h5R9KXhI
pskyJqgQS8ruxrRfsVmWlvjluI6j50NeFpHOnk+rth2TLAQewkEueVttASmRFAQy
EEDb7evgsq2ZWZm/5lDQhXlaJ3kgNAX6JTM7Y0DxgA6/M7JuUTkz62SWx2k33BJ1
WQtX7wSv/M198dT6R+8s1qTEGe2IB/OpHX6kwxF3e5UsBhkjfdrYv6KWHKvFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9EGr7CCTZYWahDyBKL9tWbzXZfMwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzQzNTJlMzEzMzMxMmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM1MzEzNzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYNqMA0GCSqGSIb3DQEBCwUAA4IBAQBH3McOh8vtjSOpu7j5PMpVb+IRmL/nd/Uo
JXOXKjmiYuYohEKnYw1C7hXQBrvdW5gDH4lMUe2/MKB7gzo/6CIXZfLDuVblbtf+
WJxEycfXK1pTbRixYjS7tr/Q4H9oKce1rbIgLiFKL5Af36tQuPlTpTO5bI4gOU0i
LJvv07HwYcvTIC3Ey0+aOu+7ep/9o/8YDic+6jvuttWm+wS5yWCQiXZMdNVJJZcZ
p9CkMob67MXB1qSex9pxjwWDQUQ/0w9FGrd/rheEdy0Xlsb0l0Ee+TvTkPJELE4D
Lp1NtaX5PsJKJtjVwUqHNEp/8mKuSnMZFp6sV0LRRMGGfgNNVPUG
-----END CERTIFICATE-----
Generated at Mon Apr 13 12:23:32 2026 by rpki-client