Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20343032323134.roa
File: 34352e39352e3231342e302f32342d3234203d3e20343032323134.roa (raw, json)
Hash identifier: IAhhGhhBpF4cl6c96AeOIUO3QUQaMO1YcC9zPWe02Zs=
Subject key identifier: 0B:9A:95:32:92:E6:60:B7:79:ED:EB:DC:8B:94:F6:A1:E6:B0:6F:9F
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 01AD4E35713D5EDB04CBC6D14F87690AF903778C
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20343032323134.roa
Signing time: Wed 22 Apr 2026 07:37:37 +0000
ROA not before: Wed 22 Apr 2026 07:32:37 +0000
ROA not after: Wed 21 Apr 2027 07:37:37 +0000
asID: 402214
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Apr 2026 08:12:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:ad:4e:35:71:3d:5e:db:04:cb:c6:d1:4f:87:69:0a:f9:03:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 22 07:32:37 2026 GMT
Not After : Apr 21 07:37:37 2027 GMT
Subject: CN=0B9A953292E660B779EDEBDC8B94F6A1E6B06F9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:12:85:31:65:ff:d6:be:88:dd:ff:ab:7a:2b:
1f:35:c9:f2:a3:c4:88:e6:28:8a:4c:b9:65:26:84:
91:e8:19:b6:20:f5:cc:05:24:48:9f:db:84:0e:cf:
91:2d:9b:cb:8f:d5:e5:d7:1d:0d:ed:f3:13:25:a8:
16:3e:36:9c:27:f2:95:b4:1c:55:b6:51:4f:18:43:
ab:4f:f7:42:8f:c0:91:82:f0:8b:02:22:e6:0b:82:
3f:f8:7b:23:56:58:40:c0:51:86:11:f8:50:99:e1:
16:df:60:e4:14:ab:e5:26:ad:58:18:6a:75:17:4a:
d5:8d:5c:56:a2:6b:65:e8:55:64:9b:58:3f:02:ce:
b5:21:bf:2e:c8:60:56:7d:6d:ba:02:e1:52:79:07:
0d:61:77:6a:a5:0d:a6:43:59:48:53:aa:6a:aa:3a:
57:ec:78:13:a2:75:85:72:d9:f0:c1:38:1b:10:a4:
fa:26:f4:0c:da:3a:c0:f2:35:03:d5:8c:eb:a5:94:
36:8e:69:9c:64:c8:84:17:57:8a:69:77:e9:89:ae:
4a:0f:fd:82:3b:ed:08:e2:d7:84:49:49:d6:a6:7a:
cb:f7:3b:24:e4:91:2d:67:b7:a0:12:0a:13:2d:35:
3d:4e:c0:4b:5f:b8:ed:5b:e9:7a:28:04:58:c6:1d:
d7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9A:95:32:92:E6:60:B7:79:ED:EB:DC:8B:94:F6:A1:E6:B0:6F:9F
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20343032323134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:22:26:1a:54:0d:68:fc:b4:c2:76:ec:b9:1a:55:dc:73:51:
3f:86:8b:6a:18:19:5f:c7:a4:91:f3:5f:f1:67:da:53:bf:4a:
e9:c7:0c:63:46:b0:23:52:11:a5:ea:79:6b:1a:90:c6:e1:69:
c2:77:b7:a7:03:33:1f:34:cb:fb:52:d5:11:0c:c3:31:cd:c6:
3a:fc:88:f8:6a:33:c5:c6:eb:2c:18:68:d1:6e:14:52:3e:6e:
be:a1:44:4a:b2:d9:53:f8:a0:1e:d4:14:55:5e:66:93:61:16:
ab:cd:86:ef:6b:42:f9:13:cc:a0:de:3c:60:53:57:46:91:81:
c2:ec:6c:3a:fc:f0:fa:94:a1:fe:f5:00:d3:17:fe:a2:07:03:
f7:59:c2:91:f9:c4:dd:9a:73:d3:3e:23:ad:89:38:1b:23:aa:
62:e7:22:d1:b8:15:79:55:87:3a:9b:f6:ac:46:5e:1d:60:21:
e2:e9:79:50:61:41:0b:cc:2b:b8:af:5b:3b:c8:42:d1:01:5a:
3a:1d:2c:01:fd:20:b7:c1:c4:8a:ca:81:bb:b7:9f:d1:8f:2f:
6c:8b:16:60:49:d1:08:3f:2a:7a:70:7b:51:a4:d5:b5:ee:ee:
13:73:d8:3d:3f:ac:7f:ed:7a:5f:8c:d8:b6:59:d3:77:60:ef:
12:da:97:25
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAa1ONXE9XtsEy8bRT4dpCvkDd4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA0MjIwNzMyMzdaFw0yNzA0MjEwNzM3MzdaMDMxMTAvBgNV
BAMTKDBCOUE5NTMyOTJFNjYwQjc3OUVERUJEQzhCOTRGNkExRTZCMDZGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaEoUxZf/Wvojd/6t6Kx81yfKj
xIjmKIpMuWUmhJHoGbYg9cwFJEif24QOz5Etm8uP1eXXHQ3t8xMlqBY+Npwn8pW0
HFW2UU8YQ6tP90KPwJGC8IsCIuYLgj/4eyNWWEDAUYYR+FCZ4RbfYOQUq+UmrVgY
anUXStWNXFaia2XoVWSbWD8CzrUhvy7IYFZ9bboC4VJ5Bw1hd2qlDaZDWUhTqmqq
OlfseBOidYVy2fDBOBsQpPom9AzaOsDyNQPVjOullDaOaZxkyIQXV4ppd+mJrkoP
/YI77Qji14RJSdamesv3OyTkkS1nt6ASChMtNT1OwEtfuO1b6XooBFjGHdcxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUC5qVMpLmYLd57evci5T2oeawb58wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzIzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/WMA0GCSqGSIb3DQEBCwUAA4IBAQAaIiYaVA1o/LTCduy5GlXcc1E/hotqGBlf
x6SR81/xZ9pTv0rpxwxjRrAjUhGl6nlrGpDG4WnCd7enAzMfNMv7UtURDMMxzcY6
/Ij4ajPFxussGGjRbhRSPm6+oURKstlT+KAe1BRVXmaTYRarzYbva0L5E8yg3jxg
U1dGkYHC7Gw6/PD6lKH+9QDTF/6iBwP3WcKR+cTdmnPTPiOtiTgbI6pi5yLRuBV5
VYc6m/asRl4dYCHi6XlQYUELzCu4r1s7yELRAVo6HSwB/SC3wcSKyoG7t5/Rjy9s
ixZgSdEIPyp6cHtRpNW17u4Tc9g9P6x/7XpfjNi2WdN3YO8S2pcl
-----END CERTIFICATE-----
Generated at Wed Apr 22 17:53:57 2026 by rpki-client