Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20313939313836.roa
File: 34352e3135382e35392e302f32342d3234203d3e20313939313836.roa (raw, json)
Hash identifier: VYmGtFUmzyqsopshemjj1Idh5vG7SkuV3Iy70eHvrc4=
Subject key identifier: C7:D3:3B:45:D3:28:A0:C8:56:FA:33:5F:C8:70:35:50:A9:FC:EC:F2
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 696D59931044AB2CA50829F308D080039DB75227
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20313939313836.roa
Signing time: Wed 29 Apr 2026 07:13:36 +0000
ROA not before: Wed 29 Apr 2026 07:08:36 +0000
ROA not after: Wed 28 Apr 2027 07:13:36 +0000
asID: 199186
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 13:38:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:6d:59:93:10:44:ab:2c:a5:08:29:f3:08:d0:80:03:9d:b7:52:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 29 07:08:36 2026 GMT
Not After : Apr 28 07:13:36 2027 GMT
Subject: CN=C7D33B45D328A0C856FA335FC8703550A9FCECF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4c:b2:29:ee:aa:a0:45:78:06:f6:39:b5:7f:
a3:45:35:25:d8:4d:ae:47:e5:3b:ce:e4:5a:87:00:
ed:c1:6a:ff:48:89:02:a4:fa:db:b0:5f:59:53:ae:
a5:ab:59:34:ca:9e:1a:e1:29:a4:d3:34:a5:16:f8:
6f:2a:bd:8a:4c:30:85:f1:a6:70:1b:ba:92:f2:1c:
c7:4e:4b:4c:09:76:83:c1:26:3d:e8:c4:e8:d6:cc:
dc:2e:06:5f:42:a7:e0:33:61:90:9d:f9:b6:06:5e:
ee:b2:b9:fc:f8:47:53:fb:82:d4:07:b7:06:e4:4b:
38:de:0c:b1:f8:7a:ca:ce:4d:ce:75:fe:0a:65:0c:
8f:e5:7c:d6:e2:ad:b7:8e:18:b7:8a:89:40:03:04:
5c:b3:a5:3d:cb:d0:8a:88:a8:c5:3f:36:72:cf:86:
e0:dd:24:62:67:61:ee:98:91:eb:79:21:24:ab:44:
fa:07:0d:2e:0a:1d:08:73:03:d9:2a:ef:f6:f9:e7:
23:f9:df:2d:8d:84:6d:15:d9:68:1f:fa:41:28:5a:
91:cc:fc:0e:57:95:b6:d6:11:b5:2b:85:1b:c2:9f:
22:be:8b:ee:3f:f7:52:a6:e2:1a:72:ee:b4:77:e6:
a3:f3:0e:d8:5f:24:df:fa:ab:e3:8d:69:33:9a:75:
88:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D3:3B:45:D3:28:A0:C8:56:FA:33:5F:C8:70:35:50:A9:FC:EC:F2
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20313939313836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
55:4f:7e:67:e4:74:42:9c:a7:7a:91:de:58:6b:30:35:f4:b6:
9c:c9:21:78:d9:2b:65:90:a9:23:46:e8:6e:38:3f:f3:a8:5e:
43:c1:0f:33:d1:56:c8:e6:c6:e1:84:6e:f6:c5:30:3b:20:19:
1b:70:fa:2a:27:93:de:40:b2:92:64:bc:3a:e7:09:6b:8c:7b:
44:cc:1d:fb:84:aa:54:17:ff:35:4a:4a:c0:08:dc:dd:c1:1b:
8b:25:64:36:8c:68:a8:dd:cc:10:cb:5e:e4:b1:1b:6e:f0:ab:
66:d5:a3:b1:42:97:6e:d4:68:28:3f:2d:82:ab:59:7e:89:7a:
e3:e3:55:08:9c:d8:cb:2d:33:e9:c0:5c:8b:78:1a:d1:d9:29:
3d:3c:96:38:4f:d5:ec:4d:8b:1e:42:97:5a:ed:d6:c0:06:08:
da:d3:14:e9:db:76:dc:12:93:1b:71:28:75:bc:bd:59:da:83:
7f:01:ad:d1:78:3e:1f:6c:fa:be:99:e9:4a:f2:26:10:4b:c9:
49:40:ec:4d:f4:cc:3b:ad:6e:48:be:73:cc:7f:99:54:ca:b7:
25:07:fe:1c:a6:40:55:df:46:f9:88:c7:bb:43:30:b1:7a:72:
c2:a7:f9:b1:7c:cc:81:b1:3d:cf:62:d2:03:a6:eb:83:2f:ee:
72:ed:3b:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaW1ZkxBEqyylCCnzCNCAA523UicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA0MjkwNzA4MzZaFw0yNzA0MjgwNzEzMzZaMDMxMTAvBgNV
BAMTKEM3RDMzQjQ1RDMyOEEwQzg1NkZBMzM1RkM4NzAzNTUwQTlGQ0VDRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWTLIp7qqgRXgG9jm1f6NFNSXY
Ta5H5TvO5FqHAO3Bav9IiQKk+tuwX1lTrqWrWTTKnhrhKaTTNKUW+G8qvYpMMIXx
pnAbupLyHMdOS0wJdoPBJj3oxOjWzNwuBl9Cp+AzYZCd+bYGXu6yufz4R1P7gtQH
twbkSzjeDLH4esrOTc51/gplDI/lfNbirbeOGLeKiUADBFyzpT3L0IqIqMU/NnLP
huDdJGJnYe6Yket5ISSrRPoHDS4KHQhzA9kq7/b55yP53y2NhG0V2Wgf+kEoWpHM
/A5XlbbWEbUrhRvCnyK+i+4/91Km4hpy7rR35qPzDthfJN/6q+ONaTOadYjDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUx9M7RdMooMhW+jNfyHA1UKn87PIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM5MzEzODM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ47MA0GCSqGSIb3DQEBCwUAA4IBAQBVT35n5HRCnKd6kd5YazA19LacySF42Stl
kKkjRuhuOD/zqF5DwQ8z0VbI5sbhhG72xTA7IBkbcPoqJ5PeQLKSZLw65wlrjHtE
zB37hKpUF/81SkrACNzdwRuLJWQ2jGio3cwQy17ksRtu8Ktm1aOxQpdu1GgoPy2C
q1l+iXrj41UInNjLLTPpwFyLeBrR2Sk9PJY4T9XsTYseQpda7dbABgja0xTp23bc
EpMbcSh1vL1Z2oN/Aa3ReD4fbPq+melK8iYQS8lJQOxN9Mw7rW5IvnPMf5lUyrcl
B/4cpkBV30b5iMe7QzCxenLCp/mxfMyBsT3PYtIDpuuDL+5y7TvX
-----END CERTIFICATE-----
Generated at Fri May 1 19:14:58 2026 by rpki-client