Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20313938323530.roa
File: 34352e39352e3231342e302f32342d3234203d3e20313938323530.roa (raw, json)
Hash identifier: cWZ4izllTaa4CjT3fbEMgCbmIhf6LWTGafANc9j4YVM=
Subject key identifier: 71:12:E6:EE:DD:2F:69:CE:7D:2A:77:BF:5E:38:5F:EA:1C:85:C5:65
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0CC446BFB22939CCAA679CC039E4C68A27CECDDE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20313938323530.roa
Signing time: Fri 10 Apr 2026 07:33:21 +0000
ROA not before: Fri 10 Apr 2026 07:28:21 +0000
ROA not after: Fri 09 Apr 2027 07:33:21 +0000
asID: 198250
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:c4:46:bf:b2:29:39:cc:aa:67:9c:c0:39:e4:c6:8a:27:ce:cd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 10 07:28:21 2026 GMT
Not After : Apr 9 07:33:21 2027 GMT
Subject: CN=7112E6EEDD2F69CE7D2A77BF5E385FEA1C85C565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:60:64:33:d0:44:83:1e:e6:14:e4:83:51:
86:a3:04:58:04:32:4d:2b:98:f1:bf:fc:4b:83:01:
36:47:57:b7:c2:7d:a4:3c:15:5a:40:e3:62:ee:b8:
9b:75:e6:dd:cd:18:67:8f:0a:02:7d:f6:f7:6e:ac:
fd:0c:e2:fe:b4:87:b7:87:78:f0:5b:f4:f6:e0:8f:
47:14:3e:73:0f:e9:ea:35:db:83:ce:00:5a:07:60:
b6:e3:05:aa:d6:2a:1f:cd:3d:f7:6f:db:08:4e:49:
dd:39:d0:2d:c0:4a:29:fe:43:bb:c3:30:83:74:ff:
d9:f2:53:66:58:3b:d7:bb:f2:4f:9b:70:54:7f:a4:
b0:1c:83:2c:f7:f6:77:bf:17:eb:a3:93:1b:1e:9a:
13:47:da:ce:d1:ec:9b:ef:ae:89:33:7e:a5:43:b1:
7e:ee:9e:c9:28:02:9f:b8:9a:2d:6b:a6:1c:1d:f5:
aa:00:7d:fa:fd:2c:76:e6:8d:aa:aa:6f:89:ed:ce:
d6:60:91:2d:16:bd:75:01:22:9d:b4:03:df:6e:f0:
c7:d8:c8:19:20:bc:51:39:9b:f4:79:00:77:a1:c3:
9c:d4:35:59:dd:81:7a:a0:db:c8:26:83:e2:45:80:
7e:e9:47:b0:d9:da:95:1b:a2:8f:0e:f4:dc:63:ab:
68:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:12:E6:EE:DD:2F:69:CE:7D:2A:77:BF:5E:38:5F:EA:1C:85:C5:65
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20313938323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:57:5a:c5:2a:32:2f:e0:53:55:39:a1:d7:f5:07:54:87:cf:
0f:0f:5c:62:13:31:3a:25:74:50:23:40:a6:68:f8:11:d4:10:
90:10:21:8e:86:a8:5c:5d:94:d5:aa:49:f4:dd:91:47:a4:31:
55:47:a9:2c:9c:e3:aa:5c:60:b3:7a:6b:89:fa:63:8d:f8:eb:
c0:83:80:d1:bb:86:ea:7a:63:f8:d4:22:0e:2b:53:d4:08:bb:
0c:93:f4:67:66:ad:d2:35:68:85:a9:42:04:4c:34:35:8b:f4:
21:f1:42:53:e6:13:49:c3:ad:fe:7e:8d:3a:3b:86:b4:e0:1c:
db:f6:50:77:4b:d8:61:b0:75:6a:04:37:3d:db:74:42:10:94:
c6:63:4d:ef:b5:a7:8e:43:98:33:c3:e8:6f:e7:1e:dd:3f:57:
de:da:dd:50:b7:c6:2e:bb:27:aa:ad:29:64:72:e8:bc:bf:13:
14:83:88:c3:2f:fb:a4:e8:1a:6f:2d:d6:d2:67:3e:80:97:b2:
e5:41:89:a8:e0:a4:64:12:fb:0c:a1:6b:da:73:17:9b:9a:ae:
7b:5e:87:88:bc:9c:57:55:81:bd:b5:9d:f9:7c:a2:41:bc:33:
99:10:b8:67:5c:31:ff:7f:f2:c2:40:fa:2a:37:34:3b:45:00:
f3:ed:a3:2f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDMRGv7IpOcyqZ5zAOeTGiifOzd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA0MTAwNzI4MjFaFw0yNzA0MDkwNzMzMjFaMDMxMTAvBgNV
BAMTKDcxMTJFNkVFREQyRjY5Q0U3RDJBNzdCRjVFMzg1RkVBMUM4NUM1NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoDGBkM9BEgx7mFOSDUYajBFgE
Mk0rmPG//EuDATZHV7fCfaQ8FVpA42LuuJt15t3NGGePCgJ99vdurP0M4v60h7eH
ePBb9Pbgj0cUPnMP6eo124POAFoHYLbjBarWKh/NPfdv2whOSd050C3ASin+Q7vD
MIN0/9nyU2ZYO9e78k+bcFR/pLAcgyz39ne/F+ujkxsemhNH2s7R7JvvrokzfqVD
sX7unskoAp+4mi1rphwd9aoAffr9LHbmjaqqb4ntztZgkS0WvXUBIp20A99u8MfY
yBkgvFE5m/R5AHehw5zUNVndgXqg28gmg+JFgH7pR7DZ2pUboo8O9Nxjq2inAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcRLm7t0vac59Kne/Xjhf6hyFxWUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM4MzIzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/WMA0GCSqGSIb3DQEBCwUAA4IBAQC9V1rFKjIv4FNVOaHX9QdUh88PD1xiEzE6
JXRQI0CmaPgR1BCQECGOhqhcXZTVqkn03ZFHpDFVR6ksnOOqXGCzemuJ+mON+OvA
g4DRu4bqemP41CIOK1PUCLsMk/RnZq3SNWiFqUIETDQ1i/Qh8UJT5hNJw63+fo06
O4a04Bzb9lB3S9hhsHVqBDc923RCEJTGY03vtaeOQ5gzw+hv5x7dP1fe2t1Qt8Yu
uyeqrSlkcui8vxMUg4jDL/uk6BpvLdbSZz6Al7LlQYmo4KRkEvsMoWvacxebmq57
XoeIvJxXVYG9tZ35fKJBvDOZELhnXDH/f/LCQPoqNzQ7RQDz7aMv
-----END CERTIFICATE-----
Generated at Sat Apr 11 08:41:47 2026 by rpki-client