Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20343032323938.roa
File: 34352e382e3231372e302f32342d3234203d3e20343032323938.roa (raw, json)
Hash identifier: kelqIGWqA6A5CmDeq94bFFXh8OyDYHhPA+ITnx16dp4=
Subject key identifier: 08:1C:CE:7E:DB:8E:9D:D7:02:F6:FD:0C:79:91:72:46:2B:D9:9B:3C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 025A8AF14492CFE0BF90599E98E0113804B63CC3
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20343032323938.roa
Signing time: Wed 29 Apr 2026 17:10:15 +0000
ROA not before: Wed 29 Apr 2026 17:05:15 +0000
ROA not after: Wed 28 Apr 2027 17:10:15 +0000
asID: 402298
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 17:37:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:5a:8a:f1:44:92:cf:e0:bf:90:59:9e:98:e0:11:38:04:b6:3c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 29 17:05:15 2026 GMT
Not After : Apr 28 17:10:15 2027 GMT
Subject: CN=081CCE7EDB8E9DD702F6FD0C799172462BD99B3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8f:a5:5e:e0:ac:f3:c8:7c:74:6a:0f:f8:05:
8a:5d:91:92:81:fd:c9:ad:b1:6e:09:82:33:37:8d:
fb:bd:c2:85:fe:dc:ae:30:06:63:75:bf:7b:ce:79:
e2:7a:12:c7:77:cd:e3:fa:51:31:70:c7:40:2b:a8:
ef:e7:84:5e:11:2f:0b:3e:ee:7a:01:dc:32:93:a4:
3b:da:92:00:66:b0:88:8f:65:f6:aa:30:07:00:3b:
f0:28:4b:0e:e7:34:e3:78:c1:bd:b5:1a:37:a2:60:
ba:11:82:6d:21:14:3e:d5:60:5b:a4:e8:1c:68:d4:
3a:33:79:60:84:05:2d:7f:90:e5:4a:f0:65:22:4a:
ad:bd:15:9b:90:8a:c4:ea:55:c2:45:b3:d0:d0:d8:
ba:df:cc:23:7b:53:8e:13:b4:84:06:ec:8c:d7:a6:
ec:a7:aa:c9:3a:8f:f3:99:19:41:b6:5c:21:32:3d:
b1:f1:68:37:5f:da:33:ec:41:ad:4d:a9:41:f2:a1:
73:da:7f:1a:a5:93:05:85:eb:fb:a4:07:25:0b:5b:
fe:8d:e8:27:ca:ab:07:7c:4b:b6:86:e0:eb:6e:c8:
dd:d0:ae:e0:47:9c:99:b2:a9:fb:e3:3d:11:ee:34:
ea:a4:da:71:a7:2e:af:97:6f:28:df:fe:7e:8f:63:
95:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1C:CE:7E:DB:8E:9D:D7:02:F6:FD:0C:79:91:72:46:2B:D9:9B:3C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20343032323938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
30:0d:1e:80:13:7c:0a:b0:3d:32:05:f0:51:c3:c5:93:2a:b7:
1f:c6:54:ca:ed:49:8c:55:74:87:6a:31:be:9b:89:a9:52:e4:
5c:0f:fd:b6:61:e3:92:d0:d2:d4:db:a4:3d:8d:dd:91:a4:0a:
a6:72:4a:66:8a:15:b9:9d:05:34:31:a7:4c:43:12:27:4c:0d:
26:a5:b9:1b:81:b3:f7:ee:f9:03:63:7c:40:3d:a2:6e:05:12:
8e:cf:87:5a:ee:7d:55:eb:87:93:37:3b:d1:1f:a8:39:37:aa:
f6:95:8b:f5:a5:0d:bc:a9:0e:a5:93:39:c1:e9:ae:ca:bf:bd:
79:61:1a:05:44:fb:dd:bf:43:19:dc:7f:9b:70:3d:59:ec:04:
fe:de:87:a3:76:5f:7d:b0:31:fe:ea:30:2e:50:6d:ba:91:f0:
e6:a2:ac:ab:a6:ad:76:0c:55:55:59:0b:ed:57:d2:7b:2c:4e:
26:28:22:80:d1:97:98:04:8d:ac:7e:bf:a9:6f:9f:6e:38:47:
5b:f1:d1:6d:ed:8c:ab:a6:b6:aa:f8:2d:b9:17:c5:92:8e:1e:
77:42:3d:b3:5d:41:03:5d:62:31:9d:bc:8e:f7:ee:47:97:84:
ac:0f:d4:12:61:2a:cf:88:d2:0c:1b:9f:25:97:24:ba:1d:63:
73:18:88:10
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAlqK8USSz+C/kFmemOAROAS2PMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA0MjkxNzA1MTVaFw0yNzA0MjgxNzEwMTVaMDMxMTAvBgNV
BAMTKDA4MUNDRTdFREI4RTlERDcwMkY2RkQwQzc5OTE3MjQ2MkJEOTlCM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfj6Ve4KzzyHx0ag/4BYpdkZKB
/cmtsW4JgjM3jfu9woX+3K4wBmN1v3vOeeJ6Esd3zeP6UTFwx0ArqO/nhF4RLws+
7noB3DKTpDvakgBmsIiPZfaqMAcAO/AoSw7nNON4wb21GjeiYLoRgm0hFD7VYFuk
6Bxo1DozeWCEBS1/kOVK8GUiSq29FZuQisTqVcJFs9DQ2LrfzCN7U44TtIQG7IzX
puynqsk6j/OZGUG2XCEyPbHxaDdf2jPsQa1NqUHyoXPafxqlkwWF6/ukByULW/6N
6CfKqwd8S7aG4OtuyN3QruBHnJmyqfvjPRHuNOqk2nGnLq+Xbyjf/n6PY5UPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUCBzOftuOndcC9v0MeZFyRivZmzwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMyMzkzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2TANBgkqhkiG9w0BAQsFAAOCAQEAMA0egBN8CrA9MgXwUcPFkyq3H8ZUyu1JjFV0
h2oxvpuJqVLkXA/9tmHjktDS1NukPY3dkaQKpnJKZooVuZ0FNDGnTEMSJ0wNJqW5
G4Gz9+75A2N8QD2ibgUSjs+HWu59VeuHkzc70R+oOTeq9pWL9aUNvKkOpZM5wemu
yr+9eWEaBUT73b9DGdx/m3A9WewE/t6Ho3ZffbAx/uowLlBtupHw5qKsq6atdgxV
VVkL7VfSeyxOJigigNGXmASNrH6/qW+fbjhHW/HRbe2Mq6a2qvgtuRfFko4ed0I9
s11BA11iMZ28jvfuR5eErA/UEmEqz4jSDBufJZckuh1jcxiIEA==
-----END CERTIFICATE-----
Generated at Thu Apr 30 01:04:22 2026 by rpki-client