Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
File: 34352e3133372e39372e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: MqfTcSXyVtUljC/tLabg0s+Ov2UQX930XhIUgODaAAc=
Subject key identifier: 37:64:B2:92:BA:3D:A4:2D:19:25:5F:CB:88:E5:D1:7F:53:15:2A:71
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 73DE37AAF5EE3E12045296DF72C5F146C82EFEA4
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 01 Jun 2026 06:47:20 +0000
ROA not before: Mon 01 Jun 2026 06:42:20 +0000
ROA not after: Mon 31 May 2027 06:47:20 +0000
asID: 152672
IP address blocks: 45.137.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:de:37:aa:f5:ee:3e:12:04:52:96:df:72:c5:f1:46:c8:2e:fe:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 1 06:42:20 2026 GMT
Not After : May 31 06:47:20 2027 GMT
Subject: CN=3764B292BA3DA42D19255FCB88E5D17F53152A71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fd:4e:2a:bb:72:9f:1d:b5:68:ae:1d:ef:d3:
58:2b:bb:8a:6f:e4:f6:24:f0:05:15:40:7d:e6:7d:
53:e7:53:c2:a0:5b:a9:d2:ee:35:35:8d:b4:84:54:
99:fe:2d:40:31:02:a2:e0:0d:e7:fc:dc:e3:ce:e8:
ca:08:0b:25:45:27:6a:d7:cd:7f:a9:9a:a4:72:33:
09:28:d7:6e:d2:86:eb:73:e4:c8:b5:9c:63:30:5c:
c2:0d:f7:5f:4b:ab:03:cc:cb:01:9b:e9:da:af:46:
d2:44:be:4f:a0:cc:a0:d1:0b:9e:30:da:d1:f8:7e:
29:4f:59:d7:fd:e0:8b:d8:9d:52:f1:6d:2d:c6:c9:
c2:52:b8:94:76:e3:37:6a:9a:e9:4b:4c:4e:9e:49:
44:c7:f7:9f:e1:15:ca:79:47:8a:62:df:f9:c6:09:
aa:c2:7a:24:e4:24:fd:81:20:ad:d4:72:37:d2:97:
b6:f6:74:97:c8:af:6f:f2:97:60:ae:ea:fd:fa:b8:
ba:e1:a8:73:81:b8:84:2e:f7:40:53:b1:0e:8a:b6:
ce:fd:78:c9:dd:78:42:bc:34:b8:7f:bf:e9:3e:1e:
5b:7d:53:69:40:85:f0:ad:4e:50:81:98:2e:8b:dc:
5b:02:a0:f5:e4:67:e4:e5:b9:34:5d:f7:de:b6:dc:
a7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:64:B2:92:BA:3D:A4:2D:19:25:5F:CB:88:E5:D1:7F:53:15:2A:71
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.97.0/24
Signature Algorithm: sha256WithRSAEncryption
60:80:31:e8:47:7a:a5:ae:44:75:37:c2:4c:d4:63:15:06:bc:
5a:87:e1:50:80:da:b5:69:b9:8a:43:ef:62:d9:28:1b:c2:84:
9f:53:33:d6:27:44:4d:dd:5d:b8:74:8b:a8:70:d4:6e:6c:37:
53:90:38:db:45:74:b8:e8:fa:5c:f4:0a:d8:8d:5f:d0:98:f3:
3b:97:5e:4d:99:12:79:4f:05:fc:47:4f:14:39:d6:ba:55:a7:
16:83:60:fb:81:95:6f:28:0e:38:e6:38:e0:ee:e3:ff:21:24:
58:97:14:56:32:cb:72:74:7f:d1:81:64:9c:86:70:5d:8a:0d:
92:44:20:07:c2:e5:07:db:87:bb:ff:00:7c:3c:72:70:5c:3e:
22:32:8f:a5:86:c9:00:8d:80:c5:e4:ec:42:c2:fa:71:a5:04:
a6:65:22:b8:56:bb:f7:01:ef:75:cb:8c:d8:c2:ad:d0:a3:bf:
7d:f6:fa:b6:b7:44:71:43:b1:34:73:db:3e:c8:76:d4:2d:ef:
45:b1:b5:91:ae:83:34:7d:31:e1:0d:15:53:b4:4b:f3:db:5a:
de:f1:9b:69:69:4b:0b:3e:25:38:43:1a:5e:0f:12:14:2c:f7:
19:e7:23:fc:20:b7:5a:7f:44:62:36:6e:03:8f:82:0f:fa:ba:
2a:ef:28:ef
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc943qvXuPhIEUpbfcsXxRsgu/qQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MDEwNjQyMjBaFw0yNzA1MzEwNjQ3MjBaMDMxMTAvBgNV
BAMTKDM3NjRCMjkyQkEzREE0MkQxOTI1NUZDQjg4RTVEMTdGNTMxNTJBNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW/U4qu3KfHbVorh3v01gru4pv
5PYk8AUVQH3mfVPnU8KgW6nS7jU1jbSEVJn+LUAxAqLgDef83OPO6MoICyVFJ2rX
zX+pmqRyMwko127Shutz5Mi1nGMwXMIN919LqwPMywGb6dqvRtJEvk+gzKDRC54w
2tH4filPWdf94IvYnVLxbS3GycJSuJR24zdqmulLTE6eSUTH95/hFcp5R4pi3/nG
CarCeiTkJP2BIK3UcjfSl7b2dJfIr2/yl2Cu6v36uLrhqHOBuIQu90BTsQ6Kts79
eMndeEK8NLh/v+k+Hlt9U2lAhfCtTlCBmC6L3FsCoPXkZ+TluTRd99623KdJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUN2Sykro9pC0ZJV/LiOXRf1MVKnEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlhMA0GCSqGSIb3DQEBCwUAA4IBAQBggDHoR3qlrkR1N8JM1GMVBrxah+FQgNq1
abmKQ+9i2SgbwoSfUzPWJ0RN3V24dIuocNRubDdTkDjbRXS46Ppc9ArYjV/QmPM7
l15NmRJ5TwX8R08UOda6VacWg2D7gZVvKA445jjg7uP/ISRYlxRWMstydH/RgWSc
hnBdig2SRCAHwuUH24e7/wB8PHJwXD4iMo+lhskAjYDF5OxCwvpxpQSmZSK4Vrv3
Ae91y4zYwq3Qo7999vq2t0RxQ7E0c9s+yHbULe9FsbWRroM0fTHhDRVTtEvz21re
8ZtpaUsLPiU4QxpeDxIULPcZ5yP8ILdaf0RiNm4Dj4IP+roq7yjv
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:10:50 2026 by rpki-client