
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
File: 34352e382e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: lxgDM+2IpOwskjSyLj/88e3oNG4qGZLEbcXn/wQBWJ8=
Subject key identifier: 30:28:95:ED:CC:AC:47:E0:D0:84:DB:93:97:A7:3B:2B:39:FC:4B:6E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: D9365C2F910C9FB869BEB5B30EB9ED43836414
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
Signing time: Mon 29 Jun 2026 13:05:37 +0000
ROA not before: Mon 29 Jun 2026 13:00:37 +0000
ROA not after: Mon 28 Jun 2027 13:05:37 +0000
asID: 834
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 Jul 2026 20:13:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d9:36:5c:2f:91:0c:9f:b8:69:be:b5:b3:0e:b9:ed:43:83:64:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 29 13:00:37 2026 GMT
Not After : Jun 28 13:05:37 2027 GMT
Subject: CN=302895EDCCAC47E0D084DB9397A73B2B39FC4B6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3d:3a:81:c5:73:77:17:e4:43:03:6b:88:be:
d4:2e:da:05:e4:2a:29:82:8d:9b:dd:d4:b3:77:15:
af:e5:87:1e:d1:d0:7d:38:fc:eb:eb:22:1e:1d:08:
a4:92:61:37:86:95:bb:98:ee:24:d2:29:99:2d:11:
4a:64:96:dd:56:4a:7d:df:2c:df:08:d8:a7:56:31:
03:4a:ee:45:17:0d:d9:dd:50:81:2a:20:5f:80:43:
94:39:cd:e4:e5:d9:75:86:52:6c:4c:fa:24:00:05:
36:1a:02:e9:48:3f:2b:7e:39:fc:3a:27:d7:bf:25:
27:40:60:5c:c0:29:b5:7f:c7:fb:0b:99:fa:a3:af:
0d:1e:32:b7:1a:4e:22:68:04:5b:83:56:f3:fb:35:
08:3b:0f:f5:11:0d:ae:24:33:24:71:a6:b1:5a:d0:
9a:18:20:a1:2c:f5:54:dc:7f:6e:66:dc:90:60:66:
28:21:97:e0:ec:aa:af:35:b4:e1:e0:7a:50:61:2c:
44:10:6d:23:34:8a:2f:48:93:d4:18:53:b3:5f:87:
1a:89:a0:df:92:77:45:e0:1c:1f:b0:96:1f:18:dc:
fe:ee:2d:ab:12:69:52:4b:27:50:88:35:2a:ea:5d:
ee:c1:bc:dc:46:a3:71:4a:06:6e:a1:07:68:3a:04:
53:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:28:95:ED:CC:AC:47:E0:D0:84:DB:93:97:A7:3B:2B:39:FC:4B:6E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
93:0a:33:83:c3:87:7f:ee:ec:24:7d:6d:be:52:5c:14:f8:7e:
a8:7c:03:20:81:b0:8c:a6:96:9b:0d:4e:f0:11:c3:69:d5:b7:
d5:62:31:8a:ec:af:ca:37:cd:8b:27:e6:b2:90:9d:dc:f7:dc:
8b:e0:f5:db:ad:c5:f7:ba:9b:7f:96:5c:46:16:2b:61:8f:fa:
2c:c1:98:85:b0:10:0c:1d:77:2b:1e:99:51:0c:85:f0:eb:1d:
a6:0f:e8:52:0b:f3:6c:da:67:f8:e8:86:7f:4d:4c:e5:d2:6c:
fb:fe:e5:86:1d:09:96:82:c1:87:1f:cd:b8:1f:d2:8d:1d:b8:
f8:24:69:de:6f:dd:60:f4:76:e0:57:7e:49:d8:10:42:70:80:
87:20:03:f6:28:d4:7f:77:42:88:92:87:93:02:87:d5:3a:a5:
e8:0b:b3:05:ee:af:9a:4c:30:14:4a:31:a9:d2:4a:b7:e9:06:
62:9f:b5:e0:ac:1a:7d:db:41:09:d0:5c:e2:fd:5d:cf:bc:12:
7c:5e:17:c2:9e:93:81:a8:80:dd:94:e2:8e:34:bd:95:fb:66:
96:24:dc:97:fd:57:0e:26:c4:e5:4c:1f:3a:d3:fe:1a:44:6f:
77:0b:15:ac:e0:5e:ba:a4:f9:f2:0a:dc:47:d5:8f:36:71:ed:
f8:44:e9:0e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUANk2XC+RDJ+4ab61sw657UODZBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA2MjkxMzAwMzdaFw0yNzA2MjgxMzA1MzdaMDMxMTAvBgNV
BAMTKDMwMjg5NUVEQ0NBQzQ3RTBEMDg0REI5Mzk3QTczQjJCMzlGQzRCNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8PTqBxXN3F+RDA2uIvtQu2gXk
KimCjZvd1LN3Fa/lhx7R0H04/OvrIh4dCKSSYTeGlbuY7iTSKZktEUpklt1WSn3f
LN8I2KdWMQNK7kUXDdndUIEqIF+AQ5Q5zeTl2XWGUmxM+iQABTYaAulIPyt+Ofw6
J9e/JSdAYFzAKbV/x/sLmfqjrw0eMrcaTiJoBFuDVvP7NQg7D/URDa4kMyRxprFa
0JoYIKEs9VTcf25m3JBgZighl+Dsqq81tOHgelBhLEQQbSM0ii9Ik9QYU7NfhxqJ
oN+Sd0XgHB+wlh8Y3P7uLasSaVJLJ1CINSrqXe7BvNxGo3FKBm6hB2g6BFPVAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUMCiV7cysR+DQhNuTl6c7Kzn8S24wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I2TANBgkq
hkiG9w0BAQsFAAOCAQEAkwozg8OHf+7sJH1tvlJcFPh+qHwDIIGwjKaWmw1O8BHD
adW31WIxiuyvyjfNiyfmspCd3Pfci+D1263F97qbf5ZcRhYrYY/6LMGYhbAQDB13
Kx6ZUQyF8Osdpg/oUgvzbNpn+OiGf01M5dJs+/7lhh0JloLBhx/NuB/SjR24+CRp
3m/dYPR24Fd+SdgQQnCAhyAD9ijUf3dCiJKHkwKH1Tql6AuzBe6vmkwwFEoxqdJK
t+kGYp+14KwafdtBCdBc4v1dz7wSfF4Xwp6TgaiA3ZTijjS9lftmliTcl/1XDibE
5UwfOtP+GkRvdwsVrOBeuqT58grcR9WPNnHt+ETpDg==
-----END CERTIFICATE-----
Generated at Mon Jul 6 04:22:12 2026 by rpki-client