Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e203235313630.roa
File: 34352e3134392e3135322e302f32342d3234203d3e203235313630.roa (raw, json)
Hash identifier: LQqWRc5RiRnrFMSHCeqJMpc6vcXWST3+o1UDPgKt7+k=
Subject key identifier: 41:67:B2:69:4C:4E:8A:CC:F9:6B:C5:9F:C5:1A:78:C0:D6:5D:5A:73
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 76BD27E2B49F6E0F733BE18F8474D2A62E820666
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e203235313630.roa
Signing time: Fri 24 Apr 2026 12:47:05 +0000
ROA not before: Fri 24 Apr 2026 12:42:05 +0000
ROA not after: Fri 23 Apr 2027 12:47:05 +0000
asID: 25160
IP address blocks: 45.149.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 00:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:bd:27:e2:b4:9f:6e:0f:73:3b:e1:8f:84:74:d2:a6:2e:82:06:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Apr 24 12:42:05 2026 GMT
Not After : Apr 23 12:47:05 2027 GMT
Subject: CN=4167B2694C4E8ACCF96BC59FC51A78C0D65D5A73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:62:42:ad:e6:13:f2:24:1b:16:dc:ec:56:19:
ca:24:07:9a:42:4c:a6:0c:e5:a3:04:60:0a:6b:2f:
5b:10:18:3e:3f:35:9e:51:bb:8f:46:cd:26:41:63:
bb:e0:a0:fd:40:a5:9b:03:8d:37:2b:3c:6f:08:b2:
29:8d:be:1b:f9:cb:a8:f9:0c:eb:ab:c5:aa:0c:16:
68:b4:15:00:cf:e3:23:42:a0:05:c3:3d:d5:5a:70:
06:ab:8a:42:3b:b7:e6:56:0a:a7:5a:1a:1b:d9:ce:
51:38:12:d4:00:69:ad:c5:01:38:21:1d:e3:a2:87:
69:bc:fb:8a:0d:a6:e4:2b:dc:69:95:aa:0e:e1:98:
a1:94:b6:0c:8e:9d:13:ac:b2:35:ce:cc:89:df:cd:
57:e3:a1:41:74:7f:c9:07:64:ca:fa:06:24:50:10:
f4:84:5a:cc:28:d5:4f:df:b2:de:e1:b1:97:85:06:
79:10:93:d9:ba:ae:9b:1b:39:b9:48:68:02:69:ae:
56:28:b2:f1:4d:62:b3:4d:fc:ad:d7:6b:d6:57:54:
b1:12:b2:04:4e:2b:29:f5:36:7c:c5:4f:7e:6c:fb:
80:f2:a8:b6:f9:ba:0d:7a:b3:4c:8c:99:de:cb:da:
81:bf:c7:f2:82:c9:79:eb:3c:ad:5c:09:a0:8b:6c:
e2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:67:B2:69:4C:4E:8A:CC:F9:6B:C5:9F:C5:1A:78:C0:D6:5D:5A:73
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/34352e3134392e3135322e302f32342d3234203d3e203235313630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4b:f6:9e:2e:a2:c0:79:49:be:ac:d3:3d:8a:ec:8b:4e:38:
de:cb:b8:0c:31:8c:69:ed:cc:0a:61:5b:99:94:10:71:fd:92:
46:d8:c7:23:b7:ca:0f:de:c8:76:f5:68:fc:26:0b:90:52:48:
71:8b:80:90:38:49:06:7a:a7:d1:f9:b7:08:ef:3e:25:a2:67:
d3:85:bf:07:db:36:a3:b4:45:5c:53:fc:36:24:0d:7e:26:9a:
b5:6a:c1:98:b2:2e:22:96:b6:28:46:76:aa:86:43:95:40:23:
84:f0:18:c4:58:47:0f:fd:6a:32:2c:16:56:6e:22:a6:ca:42:
67:33:b1:cf:c7:4d:12:4c:3f:9f:8f:33:af:8a:8e:01:63:88:
a4:ad:5c:16:1a:06:b9:02:c6:1e:55:2c:fd:7f:65:cb:cc:b8:
15:6a:d7:23:4d:08:b0:79:f3:e3:1f:1c:b5:57:03:3a:b9:93:
08:b8:38:a6:0e:eb:1d:3f:de:1a:67:5f:56:a4:e9:9c:9d:84:
94:39:e2:eb:61:52:8a:0d:40:e1:9b:41:97:24:6f:8f:38:3f:
08:1d:ef:31:7c:5a:b7:36:fd:9f:c5:e1:46:3e:6b:6b:04:21:
99:05:fe:11:6a:93:7a:31:ee:a0:6b:ae:f3:46:68:0f:29:17:
63:9a:e1:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdr0n4rSfbg9zO+GPhHTSpi6CBmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjA0MjQxMjQyMDVaFw0yNzA0MjMxMjQ3MDVaMDMxMTAvBgNV
BAMTKDQxNjdCMjY5NEM0RThBQ0NGOTZCQzU5RkM1MUE3OEMwRDY1RDVBNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSYkKt5hPyJBsW3OxWGcokB5pC
TKYM5aMEYAprL1sQGD4/NZ5Ru49GzSZBY7vgoP1ApZsDjTcrPG8IsimNvhv5y6j5
DOurxaoMFmi0FQDP4yNCoAXDPdVacAarikI7t+ZWCqdaGhvZzlE4EtQAaa3FATgh
HeOih2m8+4oNpuQr3GmVqg7hmKGUtgyOnROssjXOzInfzVfjoUF0f8kHZMr6BiRQ
EPSEWswo1U/fst7hsZeFBnkQk9m6rpsbOblIaAJprlYosvFNYrNN/K3Xa9ZXVLES
sgROKyn1NnzFT35s+4DyqLb5ug16s0yMmd7L2oG/x/KCyXnrPK1cCaCLbOIlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQWeyaUxOisz5a8WfxRp4wNZdWnMwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzQzNTJlMzEzNDM5MmUzMTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM1MzEzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZWYMA0GCSqGSIb3DQEBCwUAA4IBAQBKS/aeLqLAeUm+rNM9iuyLTjjey7gMMYxp
7cwKYVuZlBBx/ZJG2Mcjt8oP3sh29Wj8JguQUkhxi4CQOEkGeqfR+bcI7z4lomfT
hb8H2zajtEVcU/w2JA1+Jpq1asGYsi4ilrYoRnaqhkOVQCOE8BjEWEcP/WoyLBZW
biKmykJnM7HPx00STD+fjzOvio4BY4ikrVwWGga5AsYeVSz9f2XLzLgVatcjTQiw
efPjHxy1VwM6uZMIuDimDusdP94aZ19WpOmcnYSUOeLrYVKKDUDhm0GXJG+POD8I
He8xfFq3Nv2fxeFGPmtrBCGZBf4RapN6Me6ga67zRmgPKRdjmuHU
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:09:14 2026 by rpki-client