Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
File: 34352e38392e3135302e302f32332d3234203d3e20313338393937.roa (raw, json)
Hash identifier: VoC5Fyu5UVJzOwbDCRhXVvsMVimvW7WX68fwgKvBieU=
Subject key identifier: 98:B2:04:72:BE:E3:6A:FC:E5:7C:C1:8D:03:40:B6:C1:4A:B1:F4:42
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 5D51B514BFC61A235020BDAAC38A2D66829401F1
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
Signing time: Tue 19 May 2026 15:47:15 +0000
ROA not before: Tue 19 May 2026 15:42:15 +0000
ROA not after: Tue 18 May 2027 15:47:15 +0000
asID: 138997
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 20:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:51:b5:14:bf:c6:1a:23:50:20:bd:aa:c3:8a:2d:66:82:94:01:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: May 19 15:42:15 2026 GMT
Not After : May 18 15:47:15 2027 GMT
Subject: CN=98B20472BEE36AFCE57CC18D0340B6C14AB1F442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:17:96:3f:d5:44:7d:ef:21:f6:e7:84:b4:42:
ed:23:2e:0b:7e:f6:63:b9:d7:dc:c2:cf:03:ad:9a:
24:e1:c4:a0:79:05:b5:b8:e4:c9:04:de:d0:c3:3f:
05:f7:c6:3f:2b:97:b8:21:0a:e9:52:80:d5:76:67:
12:d0:0f:76:39:cb:04:09:ff:98:76:80:f3:26:9f:
b9:24:7a:3d:b7:b8:3b:82:7d:29:11:23:a7:73:0a:
ef:0e:70:59:99:86:93:51:6c:6d:55:59:f5:ed:48:
ef:21:09:58:34:b3:e6:00:f5:0d:b2:10:7d:5a:6d:
55:44:76:78:4f:eb:1f:fc:8c:a3:0b:1a:60:25:99:
5f:0f:83:5f:7f:03:fc:51:20:8a:61:a9:69:80:f0:
58:9e:3f:c9:d2:93:87:d0:ca:2d:d5:98:e2:04:b4:
85:c8:17:2f:80:06:61:2f:17:d5:a4:c5:87:b3:2e:
ce:9f:33:bb:a1:da:c1:95:01:ff:bc:77:3b:63:35:
39:5f:58:95:63:7f:ed:e7:d9:79:e9:b4:d6:9d:2a:
16:32:72:71:e6:30:0f:cc:8c:ba:55:ce:32:9f:87:
2c:73:79:7a:1a:0f:e2:8a:e5:ee:3a:14:fa:7a:63:
b0:40:aa:77:56:54:44:f7:1d:46:e8:9c:1a:1f:5d:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B2:04:72:BE:E3:6A:FC:E5:7C:C1:8D:03:40:B6:C1:4A:B1:F4:42
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3135302e302f32332d3234203d3e20313338393937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:cd:aa:32:77:e2:2b:5b:28:01:e7:f9:40:46:9c:2b:bc:ae:
2c:2c:90:5b:aa:d9:ea:fe:10:d4:98:4a:aa:4f:f9:ba:f8:55:
aa:32:bb:10:e6:cd:5c:65:bb:39:fc:f1:97:1c:3d:36:d0:7d:
24:55:66:aa:5b:b4:5d:af:32:18:9e:25:2d:84:11:7b:0e:ae:
76:0a:d4:23:6f:98:66:6b:73:73:f6:7b:77:1b:14:98:e0:8a:
a6:66:f0:27:a3:dd:ff:d8:68:e5:9f:3b:ae:39:9d:50:65:f3:
6a:4a:0e:06:ae:cd:35:6c:f7:90:a5:64:ed:d6:49:a5:99:b9:
83:cd:4d:ab:8f:67:02:3b:bc:01:23:d6:d6:91:ac:3d:1e:53:
b6:41:69:b0:fa:38:b6:d6:82:14:4c:ba:ec:e3:f2:4c:66:5e:
93:a2:6d:05:c8:24:88:92:9d:17:63:49:0c:69:0f:07:15:02:
17:32:22:23:42:73:ef:2d:f0:a1:f2:d0:ac:3b:50:c9:7e:5c:
cd:e6:9e:b6:3d:bc:0c:a9:7a:8e:f3:fb:28:6e:b9:fe:f1:5b:
de:c8:63:62:eb:f5:6e:c9:92:49:a8:c8:39:fa:1c:d2:a6:e3:
e9:1c:37:1a:ea:a8:78:e5:3e:4f:39:8f:1c:f0:83:a4:44:ad:
d7:15:97:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXVG1FL/GGiNQIL2qw4otZoKUAfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNjA1MTkxNTQyMTVaFw0yNzA1MTgxNTQ3MTVaMDMxMTAvBgNV
BAMTKDk4QjIwNDcyQkVFMzZBRkNFNTdDQzE4RDAzNDBCNkMxNEFCMUY0NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHF5Y/1UR97yH254S0Qu0jLgt+
9mO519zCzwOtmiThxKB5BbW45MkE3tDDPwX3xj8rl7ghCulSgNV2ZxLQD3Y5ywQJ
/5h2gPMmn7kkej23uDuCfSkRI6dzCu8OcFmZhpNRbG1VWfXtSO8hCVg0s+YA9Q2y
EH1abVVEdnhP6x/8jKMLGmAlmV8Pg19/A/xRIIphqWmA8FieP8nSk4fQyi3VmOIE
tIXIFy+ABmEvF9WkxYezLs6fM7uh2sGVAf+8dztjNTlfWJVjf+3n2XnptNadKhYy
cnHmMA/MjLpVzjKfhyxzeXoaD+KK5e46FPp6Y7BAqndWVET3HUbonBofXSHPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmLIEcr7javzlfMGNA0C2wUqx9EIwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzMzM4MzkzOTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LVmWMA0GCSqGSIb3DQEBCwUAA4IBAQBOzaoyd+IrWygB5/lARpwrvK4sLJBbqtnq
/hDUmEqqT/m6+FWqMrsQ5s1cZbs5/PGXHD020H0kVWaqW7RdrzIYniUthBF7Dq52
CtQjb5hma3Nz9nt3GxSY4IqmZvAno93/2GjlnzuuOZ1QZfNqSg4Grs01bPeQpWTt
1kmlmbmDzU2rj2cCO7wBI9bWkaw9HlO2QWmw+ji21oIUTLrs4/JMZl6Tom0FyCSI
kp0XY0kMaQ8HFQIXMiIjQnPvLfCh8tCsO1DJflzN5p62PbwMqXqO8/sobrn+8Vve
yGNi6/VuyZJJqMg5+hzSpuPpHDca6qh45T5POY8c8IOkRK3XFZfO
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:03:43 2026 by rpki-client