Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
File: 34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: oXlBrnAMzFWf+W56N3iIWsG6l/669zkryUP2PWy9Sn4=
Subject key identifier: 13:3E:D7:62:32:77:DE:55:77:1E:2A:CF:FE:6F:1F:74:72:9A:D0:4D
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 410EA20E27CD052D620CC31A464D7F2DD66C2BB2
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
Signing time: Thu 23 Apr 2026 09:47:05 +0000
ROA not before: Thu 23 Apr 2026 09:42:05 +0000
ROA not after: Thu 22 Apr 2027 09:47:05 +0000
asID: 395374
IP address blocks: 45.132.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 12:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:0e:a2:0e:27:cd:05:2d:62:0c:c3:1a:46:4d:7f:2d:d6:6c:2b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Apr 23 09:42:05 2026 GMT
Not After : Apr 22 09:47:05 2027 GMT
Subject: CN=133ED7623277DE55771E2ACFFE6F1F74729AD04D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:fd:87:82:c2:9e:41:66:a5:f0:fc:11:eb:
19:e8:b8:26:22:e9:12:25:8a:a7:22:71:f1:5b:40:
30:b4:87:6e:e7:b4:29:4e:c9:fd:e7:da:54:18:da:
46:0d:da:d3:0f:33:e1:43:0d:7b:ac:4f:8d:e5:db:
1c:f6:9d:9b:56:c4:06:58:da:34:ef:16:83:d7:68:
6a:e3:61:7e:b1:d7:7c:7d:fb:df:2d:eb:a7:5d:12:
94:62:16:44:3b:b7:e4:08:ce:a8:91:99:ce:c3:2b:
bd:f0:a1:2a:60:1b:7f:1b:d0:22:b6:92:06:52:2a:
db:38:f6:9b:96:83:d6:19:6a:6d:59:99:f4:68:ba:
85:7d:0c:db:37:f8:f8:3a:6c:07:04:36:12:22:5d:
5a:15:27:30:ec:b5:2b:4c:90:11:36:28:50:bf:75:
81:9c:57:57:23:ff:6f:fc:5e:43:52:76:cb:f4:ac:
72:da:e0:02:7d:fc:67:72:a2:80:67:78:d1:45:a9:
79:fa:37:a9:49:e5:17:d5:88:38:ed:d9:77:4e:58:
53:81:86:7c:9e:e0:aa:3a:9a:27:af:28:a6:54:1e:
fe:d0:16:e7:70:63:a2:d4:19:43:5f:43:2a:7b:13:
f6:96:ef:2a:7d:e4:37:d4:06:50:a1:64:6f:e0:aa:
61:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3E:D7:62:32:77:DE:55:77:1E:2A:CF:FE:6F:1F:74:72:9A:D0:4D
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e3133322e3231372e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.217.0/24
Signature Algorithm: sha256WithRSAEncryption
20:51:af:f5:4b:b8:20:e6:f5:cc:74:18:01:02:53:fb:15:f0:
7c:b0:69:ae:ed:63:64:18:0a:f3:80:b8:52:15:8f:26:3f:20:
a7:ae:c0:00:11:8a:cd:06:4d:78:97:1c:c9:87:e6:ae:ba:3f:
94:f4:f6:a4:bb:67:c5:02:75:9d:2d:de:84:bf:fd:44:c7:26:
b1:65:c1:53:3d:87:a0:f6:20:88:45:74:74:e2:fc:66:98:ca:
26:40:3c:71:42:6a:b1:f3:42:0a:8d:31:16:c7:de:70:6c:f6:
56:ad:40:b1:ae:75:47:86:32:ff:9a:88:6b:af:44:91:af:21:
2d:7e:2d:0c:f3:b8:4b:15:df:86:ee:c0:fe:04:7f:53:3b:18:
c9:96:dd:d6:87:e9:9d:0f:1d:5e:19:ed:07:ee:9a:af:1d:7e:
ed:19:8b:95:7d:3e:a7:0f:a5:9f:ba:18:98:b8:c0:9a:78:27:
e1:3d:9b:0c:07:5a:5e:94:c9:58:aa:22:e8:e6:d0:2b:b7:cc:
36:31:7a:cf:aa:d1:b9:59:ac:9f:2a:05:38:fc:7a:ac:0e:6e:
96:75:32:f5:99:b3:35:da:cc:e2:2d:47:76:84:da:47:6e:03:
7d:10:c0:18:e3:04:c2:b7:74:6a:90:c1:c2:5c:53:69:b1:2e:
e0:2a:8b:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQQ6iDifNBS1iDMMaRk1/LdZsK7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNjA0MjMwOTQyMDVaFw0yNzA0MjIwOTQ3MDVaMDMxMTAvBgNV
BAMTKDEzM0VENzYyMzI3N0RFNTU3NzFFMkFDRkZFNkYxRjc0NzI5QUQwNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnQv2HgsKeQWal8PwR6xnouCYi
6RIliqcicfFbQDC0h27ntClOyf3n2lQY2kYN2tMPM+FDDXusT43l2xz2nZtWxAZY
2jTvFoPXaGrjYX6x13x9+98t66ddEpRiFkQ7t+QIzqiRmc7DK73woSpgG38b0CK2
kgZSKts49puWg9YZam1ZmfRouoV9DNs3+Pg6bAcENhIiXVoVJzDstStMkBE2KFC/
dYGcV1cj/2/8XkNSdsv0rHLa4AJ9/GdyooBneNFFqXn6N6lJ5RfViDjt2XdOWFOB
hnye4Ko6mievKKZUHv7QFudwY6LUGUNfQyp7E/aW7yp95DfUBlChZG/gqmGXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEz7XYjJ33lV3HirP/m8fdHKa0E0wHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzEzMzMyMmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMzM3MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAthNkwDQYJKoZIhvcNAQELBQADggEBACBRr/VLuCDm9cx0GAECU/sV8Hywaa7t
Y2QYCvOAuFIVjyY/IKeuwAARis0GTXiXHMmH5q66P5T09qS7Z8UCdZ0t3oS//UTH
JrFlwVM9h6D2IIhFdHTi/GaYyiZAPHFCarHzQgqNMRbH3nBs9latQLGudUeGMv+a
iGuvRJGvIS1+LQzzuEsV34buwP4Ef1M7GMmW3daH6Z0PHV4Z7Qfumq8dfu0Zi5V9
PqcPpZ+6GJi4wJp4J+E9mwwHWl6UyViqIujm0Cu3zDYxes+q0blZrJ8qBTj8eqwO
bpZ1MvWZszXazOItR3aE2kduA30QwBjjBMK3dGqQwcJcU2mxLuAqizM=
-----END CERTIFICATE-----
Generated at Mon Apr 27 03:27:04 2026 by rpki-client