Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20313533313639.roa
File: 34352e31322e38332e302f32342d3234203d3e20313533313639.roa (raw, json)
Hash identifier: IBjLN59Y/14BCCyuREsCWNm6B/uquBXuKAeDHWBkZC0=
Subject key identifier: C8:DA:B6:06:57:CE:89:CE:CA:82:F6:B8:41:30:86:E5:E1:2E:76:54
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 067B59C108B476EF521B796DE2DA99B31D30B51D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20313533313639.roa
Signing time: Mon 25 May 2026 06:51:10 +0000
ROA not before: Mon 25 May 2026 06:46:10 +0000
ROA not after: Mon 24 May 2027 06:51:10 +0000
asID: 153169
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:7b:59:c1:08:b4:76:ef:52:1b:79:6d:e2:da:99:b3:1d:30:b5:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 25 06:46:10 2026 GMT
Not After : May 24 06:51:10 2027 GMT
Subject: CN=C8DAB60657CE89CECA82F6B8413086E5E12E7654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:90:4f:94:73:06:bc:22:6c:05:ba:0e:38:1e:
2f:1c:ba:ce:cc:c4:05:ea:8d:c9:36:61:62:b5:0a:
ee:b8:2a:c6:b3:73:2d:eb:5b:33:09:80:99:8e:2d:
c1:61:b3:d9:de:ff:5f:0e:16:f6:e7:2b:5c:a3:dd:
e6:63:3b:d4:0f:94:3b:c0:e4:50:9a:b8:28:f7:33:
22:be:da:16:98:20:66:99:81:23:62:95:82:87:29:
f9:12:62:9c:78:49:d3:a1:90:2a:57:68:99:b2:6f:
a5:bd:c3:2b:28:9d:f4:1a:33:6a:73:83:d1:0f:cc:
9d:68:50:59:9b:d9:83:65:3d:a9:e8:ae:33:f5:01:
a7:80:0f:b7:0f:01:e4:c8:53:54:7a:a6:91:53:bb:
33:19:df:21:32:24:75:e9:77:e4:74:ff:c8:9e:b9:
15:b9:5e:47:74:c7:ac:e8:91:cc:76:a8:6b:87:ad:
35:c9:f0:ac:2a:19:39:dd:67:6d:8b:7e:e7:09:75:
00:31:82:44:4f:18:5a:65:c0:b8:2d:52:f0:0c:0b:
2d:94:65:6b:ea:7b:78:e3:ab:b8:44:f2:97:1e:7e:
f6:af:da:36:21:83:52:39:f0:f7:f4:7e:04:ba:a7:
42:ce:71:0d:24:84:d3:e8:9c:02:e0:82:5e:6e:80:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DA:B6:06:57:CE:89:CE:CA:82:F6:B8:41:30:86:E5:E1:2E:76:54
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20313533313639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
20:eb:a1:f0:da:19:ff:67:86:ee:e9:64:b5:94:5f:ed:6e:29:
f9:f7:f6:ba:07:bc:df:9d:1e:be:3c:b7:04:51:ec:27:e4:63:
ca:62:c3:fb:7a:d4:1f:b0:88:38:d2:e9:9b:f4:8a:ae:c1:9a:
d4:ae:81:92:b4:87:6d:7a:cd:54:52:68:87:53:7b:ac:45:46:
e4:b5:77:90:b1:f9:1f:1b:65:2d:47:b4:05:2a:79:b8:3d:0e:
48:56:f2:bc:4a:ae:9d:71:1a:a3:de:81:d9:a8:fc:44:48:1a:
27:6d:88:7d:d1:f9:b2:58:06:5d:a7:a2:d8:af:80:5a:43:92:
e9:d5:fc:f8:56:59:3d:c9:87:33:8e:58:98:42:95:5d:9c:87:
c9:2d:38:cc:bf:ec:d3:ca:bb:97:20:0b:df:4c:52:5e:3c:74:
01:1f:ef:48:3d:b7:1e:b8:69:ed:65:49:13:c2:a3:01:1b:fc:
67:a0:d4:06:2b:ee:19:e0:83:8e:f7:3b:40:08:34:61:97:ea:
fe:d5:6a:3a:a1:d0:78:7d:cb:bc:01:5c:e5:52:55:41:26:be:
f2:9e:87:92:4c:09:d7:ed:00:92:86:8e:2b:5c:21:d3:6b:9e:
c1:90:49:3c:1a:ee:d0:4b:a2:ad:08:9a:3a:8f:23:77:1e:92:
08:05:b3:7e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUBntZwQi0du9SG3lt4tqZsx0wtR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA1MjUwNjQ2MTBaFw0yNzA1MjQwNjUxMTBaMDMxMTAvBgNV
BAMTKEM4REFCNjA2NTdDRTg5Q0VDQTgyRjZCODQxMzA4NkU1RTEyRTc2NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfkE+Ucwa8ImwFug44Hi8cus7M
xAXqjck2YWK1Cu64Ksazcy3rWzMJgJmOLcFhs9ne/18OFvbnK1yj3eZjO9QPlDvA
5FCauCj3MyK+2haYIGaZgSNilYKHKfkSYpx4SdOhkCpXaJmyb6W9wysonfQaM2pz
g9EPzJ1oUFmb2YNlPanorjP1AaeAD7cPAeTIU1R6ppFTuzMZ3yEyJHXpd+R0/8ie
uRW5Xkd0x6zokcx2qGuHrTXJ8KwqGTndZ22LfucJdQAxgkRPGFplwLgtUvAMCy2U
ZWvqe3jjq7hE8pcefvav2jYhg1I58Pf0fgS6p0LOcQ0khNPonALggl5ugBivAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUyNq2BlfOic7Kgva4QTCG5eEudlQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMzMxMzYzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UzANBgkqhkiG9w0BAQsFAAOCAQEAIOuh8NoZ/2eG7ulktZRf7W4p+ff2uge8350e
vjy3BFHsJ+RjymLD+3rUH7CIONLpm/SKrsGa1K6BkrSHbXrNVFJoh1N7rEVG5LV3
kLH5HxtlLUe0BSp5uD0OSFbyvEqunXEao96B2aj8REgaJ22IfdH5slgGXaei2K+A
WkOS6dX8+FZZPcmHM45YmEKVXZyHyS04zL/s08q7lyAL30xSXjx0AR/vSD23Hrhp
7WVJE8KjARv8Z6DUBivuGeCDjvc7QAg0YZfq/tVqOqHQeH3LvAFc5VJVQSa+8p6H
kkwJ1+0AkoaOK1wh02uewZBJPBru0EuirQiaOo8jdx6SCAWzfg==
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:09:31 2026 by rpki-client