Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e31312e3139302e302f32342d3234203d3e20323133343736.roa
File: 34352e31312e3139302e302f32342d3234203d3e20323133343736.roa (raw, json)
Hash identifier: YQdKctqh8qT5PNn8tdbRWJumBzTCRqNsysMy07/Tn4k=
Subject key identifier: DA:33:88:2C:2D:86:1B:72:55:32:6A:1D:0B:CF:9D:E1:27:23:18:61
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 35B561653556DA2F3B284C33D31A1372EF230275
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e31312e3139302e302f32342d3234203d3e20323133343736.roa
Signing time: Wed 27 May 2026 07:31:49 +0000
ROA not before: Wed 27 May 2026 07:26:49 +0000
ROA not after: Wed 26 May 2027 07:31:49 +0000
asID: 213476
IP address blocks: 45.11.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 15:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:b5:61:65:35:56:da:2f:3b:28:4c:33:d3:1a:13:72:ef:23:02:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: May 27 07:26:49 2026 GMT
Not After : May 26 07:31:49 2027 GMT
Subject: CN=DA33882C2D861B7255326A1D0BCF9DE127231861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d4:63:20:73:18:6b:ff:36:41:76:06:03:56:
64:55:bb:88:9a:7d:6f:01:9a:d8:f8:bb:a8:4a:3f:
62:f9:a4:70:0a:11:f5:e1:47:39:dc:52:3d:d4:5b:
75:a8:23:d3:6f:ae:87:1e:d3:c7:42:17:c9:eb:7b:
aa:57:db:04:f4:6f:f2:fe:93:58:16:da:c8:df:ca:
54:09:61:1d:8c:b5:40:06:b5:2b:29:de:09:a5:44:
b1:ae:18:24:c2:a9:18:64:f8:ca:74:28:8d:68:33:
2b:20:bc:45:57:1e:f5:c2:1e:b5:38:a9:36:3e:c9:
86:88:af:bf:a0:56:ca:2d:28:10:a5:65:11:82:b9:
ac:f6:51:94:84:14:b5:01:f2:d5:3b:98:5c:1c:cd:
56:06:59:00:62:c7:e8:98:cf:ba:f3:f9:83:5d:59:
f2:2e:d5:6e:9d:01:38:47:38:b2:24:9d:e9:4c:4e:
b7:0e:6f:bf:6d:82:de:65:83:66:f9:c9:c5:0e:c8:
7e:3e:eb:2f:ab:a8:0d:0c:98:0b:ad:51:e6:a9:7a:
59:6c:8d:a3:72:f9:d3:6d:b2:6d:04:56:4e:1a:e5:
e2:d4:ee:da:1f:bb:88:96:0c:0c:45:f5:90:51:f3:
94:44:f3:ae:fb:88:0b:f7:72:85:b6:da:68:ea:85:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:33:88:2C:2D:86:1B:72:55:32:6A:1D:0B:CF:9D:E1:27:23:18:61
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/34352e31312e3139302e302f32342d3234203d3e20323133343736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.190.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:55:25:33:b0:db:93:28:52:32:d3:65:9e:ad:6f:68:36:9b:
96:9e:2f:01:98:03:34:cc:60:1d:6a:85:4c:ee:ad:e9:21:8a:
b9:38:dd:20:7d:5c:17:f5:32:02:f8:5a:a1:a6:4d:73:68:9b:
9f:26:dc:37:22:8c:0a:39:b4:bc:6c:c9:99:68:b5:b5:a9:10:
82:3d:a0:4e:91:a5:d6:0d:22:fb:30:a6:2c:58:44:14:c1:a3:
2a:01:7d:0a:2d:0c:25:c5:2d:71:17:b7:c7:ca:82:80:51:b2:
64:e6:b9:3e:e4:7b:fc:82:62:c5:57:af:41:13:5d:83:83:04:
92:93:9a:60:2a:57:8a:bf:26:b8:50:e9:79:67:df:7c:da:05:
99:3a:06:09:76:3a:01:53:3a:8c:66:86:4f:14:68:4b:7b:ec:
f1:b5:8c:11:1d:3b:57:1e:06:92:5d:9a:22:ba:a7:59:91:06:
b1:fa:ed:12:65:8a:11:91:d9:92:8f:11:c0:33:0d:71:aa:0e:
77:d8:a1:53:86:18:27:5a:eb:22:8e:14:33:dc:5a:fd:3e:ee:
4d:c9:01:15:07:00:97:de:64:7a:a1:2c:2b:24:15:45:cc:24:
cf:e2:08:c4:8d:cf:2a:b4:c6:90:dc:42:ac:c2:47:d9:6b:0f:
0f:b1:19:1b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNbVhZTVW2i87KEwz0xoTcu8jAnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjA1MjcwNzI2NDlaFw0yNzA1MjYwNzMxNDlaMDMxMTAvBgNV
BAMTKERBMzM4ODJDMkQ4NjFCNzI1NTMyNkExRDBCQ0Y5REUxMjcyMzE4NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ1GMgcxhr/zZBdgYDVmRVu4ia
fW8Bmtj4u6hKP2L5pHAKEfXhRzncUj3UW3WoI9Nvroce08dCF8nre6pX2wT0b/L+
k1gW2sjfylQJYR2MtUAGtSsp3gmlRLGuGCTCqRhk+Mp0KI1oMysgvEVXHvXCHrU4
qTY+yYaIr7+gVsotKBClZRGCuaz2UZSEFLUB8tU7mFwczVYGWQBix+iYz7rz+YNd
WfIu1W6dAThHOLIknelMTrcOb79tgt5lg2b5ycUOyH4+6y+rqA0MmAutUeapells
jaNy+dNtsm0EVk4a5eLU7tofu4iWDAxF9ZBR85RE8677iAv3coW22mjqhdWzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2jOILC2GG3JVMmodC8+d4ScjGGEwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzQzNTJlMzEzMTJlMzEzOTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzQzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQu+MA0GCSqGSIb3DQEBCwUAA4IBAQCyVSUzsNuTKFIy02WerW9oNpuWni8BmAM0
zGAdaoVM7q3pIYq5ON0gfVwX9TIC+Fqhpk1zaJufJtw3IowKObS8bMmZaLW1qRCC
PaBOkaXWDSL7MKYsWEQUwaMqAX0KLQwlxS1xF7fHyoKAUbJk5rk+5Hv8gmLFV69B
E12DgwSSk5pgKleKvya4UOl5Z9982gWZOgYJdjoBUzqMZoZPFGhLe+zxtYwRHTtX
HgaSXZoiuqdZkQax+u0SZYoRkdmSjxHAMw1xqg532KFThhgnWusijhQz3Fr9Pu5N
yQEVBwCX3mR6oSwrJBVFzCTP4gjEjc8qtMaQ3EKswkfZaw8PsRkb
-----END CERTIFICATE-----
Generated at Mon Jun 1 20:34:47 2026 by rpki-client