Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20343031373736.roa
File: 34352e3134362e3136332e302f32342d3234203d3e20343031373736.roa (raw, json)
Hash identifier: vOmOz2BugVIPRfW7G2v3UGhcWNCUu83kIhIIM2fnK0w=
Subject key identifier: 87:DD:66:60:E1:8C:D0:4B:49:EE:CA:24:13:43:7E:0B:A4:9A:55:C3
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 0312923FF177B1EC6F3CA5DB08159B4A62824D41
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20343031373736.roa
Signing time: Wed 13 May 2026 07:44:52 +0000
ROA not before: Wed 13 May 2026 07:39:52 +0000
ROA not after: Wed 12 May 2027 07:44:52 +0000
asID: 401776
IP address blocks: 45.146.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:12:92:3f:f1:77:b1:ec:6f:3c:a5:db:08:15:9b:4a:62:82:4d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: May 13 07:39:52 2026 GMT
Not After : May 12 07:44:52 2027 GMT
Subject: CN=87DD6660E18CD04B49EECA2413437E0BA49A55C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:66:31:db:cf:ab:40:5e:a9:fb:17:5c:1e:
d1:9f:5a:49:73:68:a3:54:5f:8e:fe:7c:d2:a4:1a:
73:8d:7a:8f:c4:b1:cd:d0:51:0d:e6:50:a2:0d:dc:
6d:2b:ff:56:c3:4b:ae:ed:04:a5:22:d1:5e:36:01:
6d:96:f7:0d:01:ab:19:cf:52:ca:e0:f6:81:9b:78:
99:0d:88:09:48:df:14:75:3a:de:48:cc:0c:f4:ca:
ff:ff:41:2d:bb:0b:f2:b7:e7:6d:13:68:c2:43:82:
13:72:dc:c5:68:3d:96:c9:23:c6:04:d8:ff:99:72:
ea:0d:9b:b8:28:89:61:aa:6a:0e:58:35:12:8f:e8:
b4:80:12:39:6c:42:1c:23:e0:c9:de:0a:94:23:31:
7a:80:f2:b8:44:b0:5d:b9:5e:a8:7a:f4:6d:51:57:
b2:6a:96:26:ac:e7:c7:8c:85:31:30:57:9f:fb:63:
7f:52:c0:b4:cd:e0:a3:c0:a8:49:42:f2:2f:8a:62:
4d:e5:20:9f:2e:de:7d:1f:ab:48:7d:92:49:70:bd:
7e:f9:5f:aa:f1:20:c4:fb:70:1c:f8:05:c5:db:ac:
b8:4b:3f:68:17:39:dd:c7:58:5c:a0:d9:e2:9f:8d:
01:d9:00:d2:8a:8c:ef:e4:2a:f3:82:2c:03:8a:19:
f2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DD:66:60:E1:8C:D0:4B:49:EE:CA:24:13:43:7E:0B:A4:9A:55:C3
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136332e302f32342d3234203d3e20343031373736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.163.0/24
Signature Algorithm: sha256WithRSAEncryption
07:af:f2:c2:6d:8d:6a:be:4d:b4:f2:88:52:3b:13:f8:01:50:
e6:15:08:07:39:42:d7:ec:36:b9:3a:c0:4f:91:57:b6:a6:dd:
1e:c0:13:bd:cc:2b:09:b3:4b:b3:c6:78:00:02:ff:17:33:c0:
8e:51:f8:05:90:cf:20:d6:3c:18:7e:8a:57:46:e6:fd:1d:c2:
df:b6:3d:f7:5b:98:bf:54:7f:25:10:8f:60:fc:21:1e:99:7f:
14:69:6a:98:ae:d2:51:7f:2d:5b:2a:11:4c:30:ae:ef:ab:5c:
0d:a7:95:59:b6:2d:39:48:b1:b2:c0:95:e5:5a:fd:cd:96:c9:
2d:4a:3f:26:9c:16:29:0f:75:37:eb:ab:5b:13:68:21:60:08:
2f:2c:02:c6:bf:99:48:2c:0a:7b:67:ce:aa:4e:85:5e:25:7b:
4c:32:70:95:fe:aa:05:98:1b:83:bf:a9:81:62:4c:3e:6e:05:
f9:ba:5a:bd:98:f0:3f:ba:70:fa:a8:da:24:db:e3:3c:42:1f:
ee:5b:00:e2:53:06:b1:51:89:5a:ce:f5:d4:85:c8:61:7c:42:
8f:cd:4d:8d:d0:00:9e:ec:a5:6e:e2:30:99:3d:c3:ae:2d:9c:
6b:57:37:b0:0f:c0:b8:0f:9f:da:f5:47:73:f3:61:d2:8c:60:
87:d1:89:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAxKSP/F3sexvPKXbCBWbSmKCTUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yNjA1MTMwNzM5NTJaFw0yNzA1MTIwNzQ0NTJaMDMxMTAvBgNV
BAMTKDg3REQ2NjYwRTE4Q0QwNEI0OUVFQ0EyNDEzNDM3RTBCQTQ5QTU1QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt+2Yx28+rQF6p+xdcHtGfWklz
aKNUX47+fNKkGnONeo/Esc3QUQ3mUKIN3G0r/1bDS67tBKUi0V42AW2W9w0BqxnP
Usrg9oGbeJkNiAlI3xR1Ot5IzAz0yv//QS27C/K3520TaMJDghNy3MVoPZbJI8YE
2P+ZcuoNm7goiWGqag5YNRKP6LSAEjlsQhwj4MneCpQjMXqA8rhEsF25Xqh69G1R
V7Jqlias58eMhTEwV5/7Y39SwLTN4KPAqElC8i+KYk3lIJ8u3n0fq0h9kklwvX75
X6rxIMT7cBz4BcXbrLhLP2gXOd3HWFyg2eKfjQHZANKKjO/kKvOCLAOKGfLjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUh91mYOGM0EtJ7sokE0N+C6SaVcMwHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzEzNzM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkqMwDQYJKoZIhvcNAQELBQADggEBAAev8sJtjWq+TbTyiFI7E/gBUOYVCAc5
QtfsNrk6wE+RV7am3R7AE73MKwmzS7PGeAAC/xczwI5R+AWQzyDWPBh+ildG5v0d
wt+2PfdbmL9UfyUQj2D8IR6ZfxRpapiu0lF/LVsqEUwwru+rXA2nlVm2LTlIsbLA
leVa/c2WyS1KPyacFikPdTfrq1sTaCFgCC8sAsa/mUgsCntnzqpOhV4le0wycJX+
qgWYG4O/qYFiTD5uBfm6Wr2Y8D+6cPqo2iTb4zxCH+5bAOJTBrFRiVrO9dSFyGF8
Qo/NTY3QAJ7spW7iMJk9w64tnGtXN7APwLgPn9r1R3PzYdKMYIfRiXY=
-----END CERTIFICATE-----
Generated at Thu Jun 4 18:13:17 2026 by rpki-client