Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
File: 34352e3135382e35372e302f32342d3234203d3e20323038343833.roa (raw, json)
Hash identifier: 9uSEX6siAhGdg1kP92Wfm3p/QatgRFx9nYNppc+dR8o=
Subject key identifier: 95:08:55:20:5F:90:D5:34:A8:FD:ED:01:C6:77:AD:4C:A3:65:73:BF
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 61F9A5749BE55A4CBDC811CDDB19C58656FF4DBB
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
Signing time: Mon 01 Jun 2026 13:47:20 +0000
ROA not before: Mon 01 Jun 2026 13:42:20 +0000
ROA not after: Mon 31 May 2027 13:47:20 +0000
asID: 208483
IP address blocks: 45.158.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:f9:a5:74:9b:e5:5a:4c:bd:c8:11:cd:db:19:c5:86:56:ff:4d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 1 13:42:20 2026 GMT
Not After : May 31 13:47:20 2027 GMT
Subject: CN=950855205F90D534A8FDED01C677AD4CA36573BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8b:0a:9a:f0:e0:b8:cc:34:d9:2d:9f:65:a3:
6c:fb:89:1b:0a:89:1b:fd:bd:3a:37:a6:6e:b0:91:
42:46:5d:75:eb:ed:08:1b:7b:cd:25:5e:fc:b6:26:
90:2d:e1:2b:ac:29:ce:5d:64:d2:58:ca:81:ae:a8:
ad:52:13:92:80:f5:21:cd:fa:57:fb:ae:00:c4:bf:
e1:b8:da:42:64:ab:52:cd:3a:bd:2b:da:06:04:3e:
86:96:0e:8f:ed:33:6e:f1:ce:15:fe:dc:f7:9e:e7:
69:98:2e:bb:ca:7a:c8:d8:17:66:0a:ca:c2:48:3f:
ef:b6:4c:2c:64:03:72:45:0c:ba:d1:d6:47:91:84:
7c:3f:51:89:28:66:46:16:6e:96:c8:65:2f:a7:28:
d2:0d:74:3b:a8:b9:6c:9f:66:bb:c6:3e:50:f0:ae:
52:f0:d7:fe:9e:74:65:7d:45:4d:10:46:db:d7:87:
79:10:6a:6c:26:f2:51:e0:3e:a6:ad:65:66:ce:df:
84:d4:06:af:f2:95:20:45:6d:48:01:7f:5e:a0:c7:
de:3b:ea:e1:79:db:45:d8:bf:cc:6d:e5:3d:8c:b9:
92:cf:7f:e8:50:fe:70:5d:52:d5:9a:97:ba:81:f9:
1e:02:b7:dd:cd:52:fa:32:db:1b:12:9d:cf:7a:db:
2d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:08:55:20:5F:90:D5:34:A8:FD:ED:01:C6:77:AD:4C:A3:65:73:BF
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323038343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2f:7f:c6:0d:ce:c4:f1:7e:df:54:9b:25:ad:fd:3a:db:6e:
e7:b4:18:88:64:c1:fe:22:91:ed:08:0a:23:db:db:61:dd:e7:
32:51:66:99:c7:63:c1:4e:05:3a:8d:5c:79:8b:a5:36:3d:c7:
4b:59:47:37:ef:a2:d4:25:22:86:2c:60:eb:2b:78:33:2f:e5:
5d:9a:ad:48:ce:23:f5:37:4f:94:46:b8:60:fb:bb:fc:2c:f3:
20:be:90:2d:aa:44:12:25:c3:03:9a:4f:4a:55:12:96:c0:f4:
b0:e8:ae:db:bf:fc:ca:0e:7b:36:58:98:06:53:24:59:d5:e0:
92:20:a5:4c:22:ff:33:46:6b:1a:0e:7f:0d:3e:75:f1:ad:b6:
dc:97:7a:88:bd:b1:b7:a6:1e:87:aa:a2:54:b2:8b:cd:74:25:
52:f5:b4:5d:9c:a2:32:c1:18:8b:19:33:bf:b6:46:cb:d3:79:
bf:3e:16:bf:fb:75:63:b9:18:4d:0a:a9:e2:81:95:6f:9e:49:
fb:2a:32:da:5c:96:0b:52:1c:d6:df:ea:6b:76:c9:93:39:17:
f4:6b:e0:63:c8:36:9c:35:66:6d:41:35:94:cc:2a:04:6a:01:
cf:ac:cf:d6:4f:6f:10:85:ce:1b:e2:62:6b:a2:1c:98:a8:32:
0e:4b:46:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYfmldJvlWky9yBHN2xnFhlb/TbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MDExMzQyMjBaFw0yNzA1MzExMzQ3MjBaMDMxMTAvBgNV
BAMTKDk1MDg1NTIwNUY5MEQ1MzRBOEZERUQwMUM2NzdBRDRDQTM2NTczQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmiwqa8OC4zDTZLZ9lo2z7iRsK
iRv9vTo3pm6wkUJGXXXr7Qgbe80lXvy2JpAt4SusKc5dZNJYyoGuqK1SE5KA9SHN
+lf7rgDEv+G42kJkq1LNOr0r2gYEPoaWDo/tM27xzhX+3Pee52mYLrvKesjYF2YK
ysJIP++2TCxkA3JFDLrR1keRhHw/UYkoZkYWbpbIZS+nKNINdDuouWyfZrvGPlDw
rlLw1/6edGV9RU0QRtvXh3kQamwm8lHgPqatZWbO34TUBq/ylSBFbUgBf16gx947
6uF520XYv8xt5T2MuZLPf+hQ/nBdUtWal7qB+R4Ct93NUvoy2xsSnc962y1DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlQhVIF+Q1TSo/e0BxnetTKNlc78wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM4MzQzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ45MA0GCSqGSIb3DQEBCwUAA4IBAQAsL3/GDc7E8X7fVJslrf06227ntBiIZMH+
IpHtCAoj29th3ecyUWaZx2PBTgU6jVx5i6U2PcdLWUc376LUJSKGLGDrK3gzL+Vd
mq1IziP1N0+URrhg+7v8LPMgvpAtqkQSJcMDmk9KVRKWwPSw6K7bv/zKDns2WJgG
UyRZ1eCSIKVMIv8zRmsaDn8NPnXxrbbcl3qIvbG3ph6HqqJUsovNdCVS9bRdnKIy
wRiLGTO/tkbL03m/Pha/+3VjuRhNCqnigZVvnkn7KjLaXJYLUhzW3+prdsmTORf0
a+BjyDacNWZtQTWUzCoEagHPrM/WT28Qhc4b4mJrohyYqDIOS0Yx
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:24:33 2026 by rpki-client