Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
File: 34352e31322e38322e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: fUwyLO8Amhfm+uCU8KFyKs0WvwacGFtaTTkWDL8E9Yw=
Subject key identifier: 3B:D6:62:AD:A4:C3:A1:06:00:25:64:97:FD:E7:EB:EA:99:03:42:41
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 35D8C2C67A1BDA631D9E6B2519493A1366F55C5B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 01 Jun 2026 21:47:23 +0000
ROA not before: Mon 01 Jun 2026 21:42:23 +0000
ROA not after: Mon 31 May 2027 21:47:23 +0000
asID: 142111
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:d8:c2:c6:7a:1b:da:63:1d:9e:6b:25:19:49:3a:13:66:f5:5c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 1 21:42:23 2026 GMT
Not After : May 31 21:47:23 2027 GMT
Subject: CN=3BD662ADA4C3A10600256497FDE7EBEA99034241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3a:e8:42:15:7e:3f:74:51:36:33:ef:1e:42:
96:59:fd:ae:ab:16:96:8b:c8:a0:8c:2b:91:68:d8:
f6:62:1d:66:c6:d9:fb:0e:0a:85:46:d3:1d:e8:04:
7e:1f:01:30:ff:0d:db:bf:15:24:d5:4a:2b:76:50:
30:38:6c:9e:07:b0:d0:19:a0:78:a7:4b:db:b9:eb:
88:2f:b5:54:0e:e5:62:47:f6:f6:1d:3c:62:25:64:
78:2d:65:7d:18:59:09:3c:7e:72:58:1d:cf:3c:41:
6d:c2:69:b4:07:d5:7d:47:f6:53:3b:68:70:db:c9:
29:d6:73:6d:aa:ba:a1:91:b0:ce:e6:16:11:94:38:
d1:0f:9a:4b:fa:4c:b3:a9:cc:64:6b:7f:90:77:52:
a6:ad:99:36:a8:fe:ea:f0:96:93:d3:e0:e0:3a:49:
b8:65:f0:12:30:ba:5f:25:cc:28:da:e2:4c:00:06:
90:26:33:e0:81:f9:a8:e8:d6:67:b6:0d:f7:07:f0:
0a:0c:87:6e:ff:34:9f:27:86:45:ff:d0:fa:8d:0e:
93:13:6b:b2:d2:9d:a0:71:6c:f5:df:ab:b2:68:71:
77:dc:bd:f3:a9:1a:d9:44:d6:f5:ac:71:80:7a:eb:
d8:ac:d6:ad:b5:83:c1:66:f3:3b:2c:c9:cb:4b:87:
37:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:62:AD:A4:C3:A1:06:00:25:64:97:FD:E7:EB:EA:99:03:42:41
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:4f:95:42:ec:2d:ca:30:6c:be:fb:31:3e:d8:1c:e0:5a:0e:
4d:a8:d9:fe:c0:96:86:84:90:c6:0e:93:07:de:1f:33:84:10:
b6:87:2c:ec:00:12:33:38:e8:83:08:66:7e:25:77:7c:51:4f:
43:a5:a0:9b:a0:e3:21:27:7a:97:e9:2d:eb:f7:cc:80:90:29:
a3:bf:dc:32:a2:b7:c9:5f:18:ae:bd:71:0b:e1:40:4a:9a:13:
a1:bf:78:7b:3f:98:47:5a:6e:43:d6:71:31:33:c7:07:a5:53:
6c:b3:86:77:2e:0a:44:d3:d8:ab:21:65:8b:6d:fe:fa:e8:47:
6c:59:66:db:ae:44:48:02:9d:4c:62:90:69:f0:63:a4:fb:f1:
0a:3b:68:53:54:95:40:0f:17:8e:9e:4e:e4:2c:5b:9f:4f:83:
68:55:0f:a5:29:db:d8:a7:d7:15:72:c9:f9:47:91:70:7d:aa:
0f:b2:e8:6f:64:b3:f7:3a:a4:ec:37:76:d0:51:a2:9e:b6:2e:
74:d1:22:a5:74:42:31:39:ac:47:0d:6a:92:79:e9:61:8d:c0:
30:34:af:9d:e4:e6:0f:68:46:d3:34:13:31:53:f7:40:f0:93:
fc:63:8a:64:1d:bf:92:b6:d1:56:f0:4d:7c:f0:40:ff:c2:75:
69:a3:b4:55
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNdjCxnob2mMdnmslGUk6E2b1XFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MDEyMTQyMjNaFw0yNzA1MzEyMTQ3MjNaMDMxMTAvBgNV
BAMTKDNCRDY2MkFEQTRDM0ExMDYwMDI1NjQ5N0ZERTdFQkVBOTkwMzQyNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYOuhCFX4/dFE2M+8eQpZZ/a6r
FpaLyKCMK5Fo2PZiHWbG2fsOCoVG0x3oBH4fATD/Ddu/FSTVSit2UDA4bJ4HsNAZ
oHinS9u564gvtVQO5WJH9vYdPGIlZHgtZX0YWQk8fnJYHc88QW3CabQH1X1H9lM7
aHDbySnWc22quqGRsM7mFhGUONEPmkv6TLOpzGRrf5B3UqatmTao/urwlpPT4OA6
Sbhl8BIwul8lzCja4kwABpAmM+CB+ajo1me2DfcH8AoMh27/NJ8nhkX/0PqNDpMT
a7LSnaBxbPXfq7JocXfcvfOpGtlE1vWscYB669is1q21g8Fm8zssyctLhzd7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUO9ZiraTDoQYAJWSX/efr6pkDQkEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMjMxMzEzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UjANBgkqhkiG9w0BAQsFAAOCAQEAuk+VQuwtyjBsvvsxPtgc4FoOTajZ/sCWhoSQ
xg6TB94fM4QQtocs7AASMzjogwhmfiV3fFFPQ6Wgm6DjISd6l+kt6/fMgJApo7/c
MqK3yV8Yrr1xC+FASpoTob94ez+YR1puQ9ZxMTPHB6VTbLOGdy4KRNPYqyFli23+
+uhHbFlm265ESAKdTGKQafBjpPvxCjtoU1SVQA8Xjp5O5Cxbn0+DaFUPpSnb2KfX
FXLJ+UeRcH2qD7Lob2Sz9zqk7Dd20FGinrYudNEipXRCMTmsRw1qknnpYY3AMDSv
neTmD2hG0zQTMVP3QPCT/GOKZB2/krbRVvBNfPBA/8J1aaO0VQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:12:11 2026 by rpki-client