Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323032363733.roa
File: 34352e39312e3133382e302f32342d3234203d3e20323032363733.roa (raw, json)
Hash identifier: oQ4Jb+1aiN4pxzPFiuD+0jTNvbErnODlD6UlpQFRdq4=
Subject key identifier: 5F:D5:24:31:E3:73:4B:E9:D8:33:74:19:FD:B9:10:3C:0A:5C:4A:60
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 50809BBD7C48497B918E23090D911CA67D82E076
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323032363733.roa
Signing time: Thu 30 Apr 2026 06:06:03 +0000
ROA not before: Thu 30 Apr 2026 06:01:03 +0000
ROA not after: Thu 29 Apr 2027 06:06:03 +0000
asID: 202673
IP address blocks: 45.91.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 02:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:80:9b:bd:7c:48:49:7b:91:8e:23:09:0d:91:1c:a6:7d:82:e0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 30 06:01:03 2026 GMT
Not After : Apr 29 06:06:03 2027 GMT
Subject: CN=5FD52431E3734BE9D8337419FDB9103C0A5C4A60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:1d:d6:03:f5:72:c5:63:f9:c8:a1:0b:32:
65:3a:1c:dd:7f:29:8a:34:94:8a:9e:2a:a3:ba:5e:
82:e0:0d:0b:cb:5d:4a:c5:0b:e8:f7:3f:d2:69:92:
5a:24:5c:00:87:09:bb:26:29:11:4d:8f:2a:f1:4e:
06:64:d7:d3:1e:cd:43:59:53:b9:c4:62:4b:73:60:
73:8c:66:f5:f1:41:3f:e4:16:d5:dd:2f:f4:cc:5b:
4d:d6:98:f5:ad:c1:7d:59:56:16:d3:90:da:ba:9f:
4b:d9:8b:5d:73:bd:af:b5:80:08:75:a4:3d:c9:be:
78:5b:83:ab:a3:43:f0:e5:3d:15:af:c6:ba:4d:85:
53:c3:14:a6:0d:53:56:38:43:5a:03:1e:00:72:05:
94:bb:a3:86:20:82:d6:29:c6:9c:56:b2:fb:27:3d:
ee:63:dc:66:41:49:be:03:b7:96:9a:dc:4b:60:b3:
b7:91:e7:5e:3f:61:fb:04:14:cc:7f:be:4e:f1:54:
7c:a4:d1:b9:72:2e:c2:19:71:71:ee:9e:c3:59:81:
69:d5:92:62:5c:41:a7:c0:5e:bb:c0:e8:cb:5f:a0:
d1:29:33:47:40:9f:0d:51:fe:0e:76:3f:9d:43:e7:
83:bc:9a:fd:1a:09:2a:73:0a:62:d0:87:5d:cd:d6:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D5:24:31:E3:73:4B:E9:D8:33:74:19:FD:B9:10:3C:0A:5C:4A:60
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20323032363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.138.0/24
Signature Algorithm: sha256WithRSAEncryption
42:b9:a6:29:f5:55:cf:0b:a3:ed:32:9b:1c:36:76:40:23:48:
8e:9d:e1:e5:44:95:8f:c1:05:9d:b6:df:16:33:fa:1b:f6:20:
c5:6a:08:8d:36:a0:cb:2e:e8:3e:15:99:cc:a7:b7:28:98:bf:
58:ba:a2:43:14:41:f7:4b:22:a4:64:15:38:32:c4:b2:96:5b:
3f:a0:5f:15:19:f6:fa:b3:e6:63:47:28:80:52:3a:9f:6b:8e:
f2:f0:27:75:a8:a2:d9:ac:dc:2c:01:83:4a:ed:d4:e2:18:1f:
f9:a6:04:eb:c2:2b:42:3d:24:a5:a4:05:98:59:cb:07:ce:c7:
1c:8c:06:89:00:b4:fe:09:ff:45:fc:a0:92:3a:0b:d8:bc:70:
74:82:a9:ec:48:c7:9c:ec:82:c9:9a:b0:b1:77:5a:69:af:e0:
44:fe:2f:0b:5d:80:07:6d:57:d9:02:e0:c4:a4:88:b3:27:64:
b2:4d:23:12:aa:3a:be:7d:29:1f:13:63:d6:ee:64:a5:f0:d3:
96:f7:72:cf:db:7c:fb:b0:74:9d:1d:59:d9:54:07:18:07:95:
ec:85:3f:50:ca:41:a3:7c:e1:f4:73:12:32:4f:99:e8:da:f5:
d3:01:9a:b9:19:94:fb:b1:cb:7d:70:70:87:07:c0:a0:87:fa:
3f:55:1f:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUICbvXxISXuRjiMJDZEcpn2C4HYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA0MzAwNjAxMDNaFw0yNzA0MjkwNjA2MDNaMDMxMTAvBgNV
BAMTKDVGRDUyNDMxRTM3MzRCRTlEODMzNzQxOUZEQjkxMDNDMEE1QzRBNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwJh3WA/VyxWP5yKELMmU6HN1/
KYo0lIqeKqO6XoLgDQvLXUrFC+j3P9JpklokXACHCbsmKRFNjyrxTgZk19MezUNZ
U7nEYktzYHOMZvXxQT/kFtXdL/TMW03WmPWtwX1ZVhbTkNq6n0vZi11zva+1gAh1
pD3Jvnhbg6ujQ/DlPRWvxrpNhVPDFKYNU1Y4Q1oDHgByBZS7o4YggtYpxpxWsvsn
Pe5j3GZBSb4Dt5aa3Etgs7eR514/YfsEFMx/vk7xVHyk0blyLsIZcXHunsNZgWnV
kmJcQafAXrvA6MtfoNEpM0dAnw1R/g52P51D54O8mv0aCSpzCmLQh13N1vM5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX9UkMeNzS+nYM3QZ/bkQPApcSmAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzYzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuKMA0GCSqGSIb3DQEBCwUAA4IBAQBCuaYp9VXPC6PtMpscNnZAI0iOneHlRJWP
wQWdtt8WM/ob9iDFagiNNqDLLug+FZnMp7comL9YuqJDFEH3SyKkZBU4MsSylls/
oF8VGfb6s+ZjRyiAUjqfa47y8Cd1qKLZrNwsAYNK7dTiGB/5pgTrwitCPSSlpAWY
WcsHzsccjAaJALT+Cf9F/KCSOgvYvHB0gqnsSMec7ILJmrCxd1ppr+BE/i8LXYAH
bVfZAuDEpIizJ2SyTSMSqjq+fSkfE2PW7mSl8NOW93LP23z7sHSdHVnZVAcYB5Xs
hT9QykGjfOH0cxIyT5no2vXTAZq5GZT7sct9cHCHB8Cgh/o/VR9C
-----END CERTIFICATE-----
Generated at Sun May 3 18:35:51 2026 by rpki-client