Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: Pqs3+jNngcGzpbSCZJqkRO27iGjLf9cSgl4HQdGpQd4=
Subject key identifier: 38:48:C1:86:3B:E5:A5:2D:69:0D:5E:DF:30:76:E7:AD:82:B6:24:84
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 556565A98F38350EA82DA4251FD7750D08D46A90
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 01 Jun 2026 21:47:23 +0000
ROA not before: Mon 01 Jun 2026 21:42:23 +0000
ROA not after: Mon 31 May 2027 21:47:23 +0000
asID: 142111
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:65:65:a9:8f:38:35:0e:a8:2d:a4:25:1f:d7:75:0d:08:d4:6a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 1 21:42:23 2026 GMT
Not After : May 31 21:47:23 2027 GMT
Subject: CN=3848C1863BE5A52D690D5EDF3076E7AD82B62484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:43:b1:02:35:1e:59:a8:e8:1a:2b:b4:1f:65:
cc:f6:40:27:1b:fe:5e:59:18:23:86:52:0b:8b:62:
b4:9f:75:c7:d2:7d:56:2e:b4:9c:ab:45:55:bf:be:
3c:4c:1d:02:1c:5c:87:e8:9d:80:45:56:49:fe:97:
53:37:44:1e:11:dc:f6:c7:6c:a3:26:99:9e:ef:59:
f7:2e:9a:29:97:33:a5:a4:fc:de:9f:95:6c:09:79:
e3:66:69:24:ce:f8:e9:2c:0a:31:24:62:87:61:14:
33:89:fb:d0:e8:f5:3b:87:2a:67:f2:86:25:8c:2a:
39:63:9b:72:2c:5a:d5:26:e3:b0:57:10:54:18:34:
57:ff:9f:07:3e:d2:6c:c4:56:46:19:c9:6a:b1:b2:
ad:c1:66:92:fa:c1:a4:59:b9:0c:78:1f:e6:ea:7a:
95:4f:74:4f:86:ed:f1:6a:68:d5:f3:7f:4f:b3:30:
e5:5b:f9:d8:16:c6:a2:21:3a:88:d6:01:c5:e6:89:
f7:72:40:73:89:db:78:7e:1e:e5:1d:55:86:de:7a:
a0:6c:6d:95:40:f6:d4:f1:5a:91:d0:eb:e6:bd:47:
dd:fe:53:2c:dd:11:79:6f:eb:91:6e:ca:8a:2e:a9:
e6:72:87:08:17:5f:27:9c:54:d3:70:24:56:22:07:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:48:C1:86:3B:E5:A5:2D:69:0D:5E:DF:30:76:E7:AD:82:B6:24:84
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
40:54:f6:70:9b:99:9a:92:a9:10:dc:d8:26:69:96:b4:37:d1:
55:cd:32:7c:8e:02:64:8a:b8:a9:a0:31:65:50:30:4d:76:06:
95:f1:57:6e:7d:ac:9e:36:90:c0:09:f6:92:0a:30:fc:75:ac:
ee:5a:5e:61:07:3e:99:d3:4b:c8:7e:0a:e2:3f:9a:3e:e2:01:
fa:e2:57:84:55:4b:71:be:1c:25:41:0b:77:2d:c0:ff:71:31:
ce:d8:94:62:84:5d:2c:26:0f:44:5d:f1:c9:e4:8a:fd:4a:f3:
37:de:7f:91:2c:42:f1:ed:44:af:bc:47:0a:3d:4f:00:cc:2a:
2e:03:3e:66:ee:b0:c4:48:49:87:c6:58:3f:17:5d:b4:f0:b0:
c3:be:ee:f1:34:a8:37:fc:79:fe:fb:8c:35:92:a4:46:d0:fc:
e3:cc:a5:e0:db:fc:22:15:d0:ef:51:e8:9c:58:97:61:de:a3:
8e:18:e2:f4:51:37:e1:40:6a:ae:0a:de:4e:46:03:90:76:5b:
51:79:ad:4e:2f:47:4c:cc:a8:b0:b1:85:cd:ea:0e:a0:dd:bc:
03:ff:46:a5:86:a0:36:6d:52:f5:6a:0f:ab:6c:bb:44:18:f9:
69:ad:b0:11:5d:ae:a5:25:e7:8e:de:19:a4:0e:26:49:1b:6a:
ef:67:8d:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVWVlqY84NQ6oLaQlH9d1DQjUapAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MDEyMTQyMjNaFw0yNzA1MzEyMTQ3MjNaMDMxMTAvBgNV
BAMTKDM4NDhDMTg2M0JFNUE1MkQ2OTBENUVERjMwNzZFN0FEODJCNjI0ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZQ7ECNR5ZqOgaK7QfZcz2QCcb
/l5ZGCOGUguLYrSfdcfSfVYutJyrRVW/vjxMHQIcXIfonYBFVkn+l1M3RB4R3PbH
bKMmmZ7vWfcumimXM6Wk/N6flWwJeeNmaSTO+OksCjEkYodhFDOJ+9Do9TuHKmfy
hiWMKjljm3IsWtUm47BXEFQYNFf/nwc+0mzEVkYZyWqxsq3BZpL6waRZuQx4H+bq
epVPdE+G7fFqaNXzf0+zMOVb+dgWxqIhOojWAcXmifdyQHOJ23h+HuUdVYbeeqBs
bZVA9tTxWpHQ6+a9R93+UyzdEXlv65FuyoouqeZyhwgXXyecVNNwJFYiB2KFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOEjBhjvlpS1pDV7fMHbnrYK2JIQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQBAVPZwm5makqkQ3NgmaZa0N9FVzTJ8jgJk
iripoDFlUDBNdgaV8VdufayeNpDACfaSCjD8dazuWl5hBz6Z00vIfgriP5o+4gH6
4leEVUtxvhwlQQt3LcD/cTHO2JRihF0sJg9EXfHJ5Ir9SvM33n+RLELx7USvvEcK
PU8AzCouAz5m7rDESEmHxlg/F1208LDDvu7xNKg3/Hn++4w1kqRG0PzjzKXg2/wi
FdDvUeicWJdh3qOOGOL0UTfhQGquCt5ORgOQdltRea1OL0dMzKiwsYXN6g6g3bwD
/0alhqA2bVL1ag+rbLtEGPlprbARXa6lJeeO3hmkDiZJG2rvZ405
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:11:58 2026 by rpki-client