Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS34989.roa
File: AS34989.roa (raw, json)
Hash identifier: Frn85HijxDk/AcF/uE+onMWESooyIMG5ZjhqdHD4jUs=
Subject key identifier: B9:2A:EE:14:BA:F4:94:E5:CF:C5:75:02:10:33:4A:A9:79:88:A1:02
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7848FE0FB623356F65E0407A47ABB334A772D68F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS34989.roa
Signing time: Wed 29 Apr 2026 19:09:00 +0000
ROA not before: Wed 29 Apr 2026 19:04:00 +0000
ROA not after: Wed 28 Apr 2027 19:09:00 +0000
asID: 34989
IP address blocks: 91.124.221.0/24 maxlen: 24
95.135.68.0/24 maxlen: 24
95.135.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 21:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:48:fe:0f:b6:23:35:6f:65:e0:40:7a:47:ab:b3:34:a7:72:d6:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 29 19:04:00 2026 GMT
Not After : Apr 28 19:09:00 2027 GMT
Subject: CN=B92AEE14BAF494E5CFC5750210334AA97988A102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d6:1d:8a:26:2d:bd:98:83:7f:74:01:3b:63:
23:15:36:f4:16:26:b3:14:33:d7:fa:d6:12:44:30:
30:3b:66:4e:cc:6b:89:1d:5c:e5:22:4e:91:ef:30:
c9:4e:b0:ad:fd:fd:9b:92:89:50:32:bd:ad:b1:c1:
7c:a4:95:27:b9:de:fe:a1:8b:41:0e:47:12:cf:c7:
df:6a:f1:14:20:8d:a4:0c:57:ca:db:43:08:6a:8c:
26:8b:75:73:25:3a:1c:59:da:07:9e:b5:26:44:54:
1c:2b:36:bd:89:7b:26:b1:5d:63:12:9f:da:32:d6:
c8:ec:78:a2:ed:0e:94:91:de:25:66:09:8b:3d:23:
c6:c7:60:6d:10:8b:b0:1a:13:35:e4:49:75:5a:74:
1f:15:2a:c5:91:7d:90:86:1c:6a:03:5e:28:24:7d:
de:5e:68:65:7f:ca:45:c7:f1:67:d7:d5:ca:80:52:
1a:17:4e:ec:64:07:8b:f4:71:b9:58:b3:29:38:24:
8e:d8:d8:8e:e9:46:9e:a2:71:8d:60:f9:a8:68:9e:
fb:b3:62:fb:b0:30:ae:93:dd:b7:34:56:03:f9:37:
1c:ba:4f:5e:c6:11:08:b6:5c:c7:75:28:f0:9e:2c:
94:89:b0:d7:da:94:e2:98:75:a1:f7:6b:70:28:48:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2A:EE:14:BA:F4:94:E5:CF:C5:75:02:10:33:4A:A9:79:88:A1:02
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS34989.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.221.0/24
95.135.68.0/24
95.135.84.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:1c:15:ac:48:66:5a:40:bf:55:f7:dc:c7:54:b4:04:9a:1e:
de:8c:07:be:cb:55:e9:20:92:1c:db:00:99:74:10:41:4d:a9:
f3:11:10:e6:a6:c2:85:54:e1:2b:cb:ae:b0:c8:e4:5b:ce:96:
c7:3d:ef:1b:4a:62:d5:6c:ff:bc:24:e4:01:90:06:12:e5:89:
f0:1d:22:93:54:b6:a7:c6:e1:18:54:8b:52:79:b4:78:4d:f5:
4f:c1:19:08:be:21:78:7d:1e:90:67:53:8f:74:e4:f2:83:ac:
a3:d7:92:e7:ba:06:52:a7:83:6b:cf:00:17:34:8a:56:e2:70:
96:3b:ac:d2:ac:e0:a1:b4:aa:e4:9e:d9:44:e5:47:c4:68:cf:
b5:c0:cc:a4:7e:41:69:88:79:31:97:4e:bc:85:f4:2d:33:8f:
18:44:81:6f:09:56:9a:26:81:03:13:1f:ef:02:28:2e:b4:20:
50:d0:8d:b0:df:4f:0e:da:f7:b5:39:28:b2:f9:13:b5:14:0d:
01:48:f2:7e:f9:47:0a:93:74:3f:46:81:41:9a:e5:97:a8:ff:
35:dc:8c:c6:29:a1:26:fc:69:78:7e:9a:4f:60:6a:9f:c3:16:
4a:89:d7:b5:a8:89:4f:2a:b7:80:db:d1:32:12:95:5e:0d:05:
ce:b7:fb:9a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUeEj+D7YjNW9l4EB6R6uzNKdy1o8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MjkxOTA0MDBaFw0yNzA0MjgxOTA5MDBaMDMxMTAvBgNV
BAMTKEI5MkFFRTE0QkFGNDk0RTVDRkM1NzUwMjEwMzM0QUE5Nzk4OEExMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/1h2KJi29mIN/dAE7YyMVNvQW
JrMUM9f61hJEMDA7Zk7Ma4kdXOUiTpHvMMlOsK39/ZuSiVAyva2xwXyklSe53v6h
i0EORxLPx99q8RQgjaQMV8rbQwhqjCaLdXMlOhxZ2geetSZEVBwrNr2JeyaxXWMS
n9oy1sjseKLtDpSR3iVmCYs9I8bHYG0Qi7AaEzXkSXVadB8VKsWRfZCGHGoDXigk
fd5eaGV/ykXH8WfX1cqAUhoXTuxkB4v0cblYsyk4JI7Y2I7pRp6icY1g+ahonvuz
YvuwMK6T3bc0VgP5Nxy6T17GEQi2XMd1KPCeLJSJsNfalOKYdaH3a3AoSPmDAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUuSruFLr0lOXPxXUCEDNKqXmIoQIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzQ5ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABbfN0D
BABfh0QDBABfh1QwDQYJKoZIhvcNAQELBQADggEBAC0cFaxIZlpAv1X33MdUtASa
Ht6MB77LVekgkhzbAJl0EEFNqfMREOamwoVU4SvLrrDI5FvOlsc97xtKYtVs/7wk
5AGQBhLlifAdIpNUtqfG4RhUi1J5tHhN9U/BGQi+IXh9HpBnU4905PKDrKPXkue6
BlKng2vPABc0ilbicJY7rNKs4KG0quSe2UTlR8Roz7XAzKR+QWmIeTGXTryF9C0z
jxhEgW8JVpomgQMTH+8CKC60IFDQjbDfTw7a97U5KLL5E7UUDQFI8n75RwqTdD9G
gUGa5Zeo/zXcjMYpoSb8aXh+mk9gap/DFkqJ17WoiU8qt4Db0TISlV4NBc63+5o=
-----END CERTIFICATE-----
Generated at Thu Apr 30 08:22:42 2026 by rpki-client