Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
File: 34352e31302e3135372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: 5cbJuDSaysYwnjAgl2uqZihLP0R6BpsfgRYruq7if6E=
Subject key identifier: 27:CB:79:9D:50:33:E5:2C:C2:51:D4:97:14:83:83:5A:83:57:3D:C1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 9A7E10612CE971B7B509B8FE905F9120A35BEB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 03 Jun 2026 12:24:50 +0000
ROA not before: Wed 03 Jun 2026 12:19:50 +0000
ROA not after: Wed 02 Jun 2027 12:24:50 +0000
asID: 207137
IP address blocks: 45.10.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9a:7e:10:61:2c:e9:71:b7:b5:09:b8:fe:90:5f:91:20:a3:5b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 3 12:19:50 2026 GMT
Not After : Jun 2 12:24:50 2027 GMT
Subject: CN=27CB799D5033E52CC251D4971483835A83573DC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:67:9c:02:fa:ce:6f:00:9b:df:a8:ea:8a:
0c:aa:80:a6:d2:c6:fe:19:a1:1d:c5:8f:3e:38:bc:
2e:c5:02:cd:fe:b3:c9:bf:e7:4d:87:65:22:54:df:
4d:af:f8:1c:ce:3f:03:02:d2:24:c0:cc:06:4b:13:
7d:11:63:57:24:5e:e6:2e:7e:c8:12:16:b5:79:d4:
c4:7e:21:b3:9f:cc:04:7d:77:02:2b:42:0f:dc:de:
2d:28:c8:c1:2d:9e:6f:41:a2:20:29:ef:52:f2:c1:
8e:54:7e:2c:a2:3b:59:fa:06:5f:ab:43:7d:50:ac:
50:27:32:a6:00:19:8b:3f:12:34:b7:e3:91:05:4d:
10:57:2f:2a:2b:20:f9:ac:8e:01:d3:73:ec:2d:bb:
ae:bf:d9:59:b2:7b:0e:77:24:e4:d7:a5:57:bb:56:
5c:ac:2a:f0:75:9e:96:a3:cb:0c:bf:71:29:1a:9f:
77:9b:64:f4:2b:6d:1f:6b:25:42:5b:38:0e:9a:68:
7f:70:57:98:31:f3:e6:64:0d:54:2a:b2:67:7b:92:
57:16:94:40:46:1c:82:cb:e2:e3:35:91:f0:c3:57:
cf:da:39:56:c8:fb:23:4d:93:3e:1e:80:17:73:ce:
fd:96:cc:1b:db:e7:bb:dd:9d:06:8a:ba:ef:47:7b:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CB:79:9D:50:33:E5:2C:C2:51:D4:97:14:83:83:5A:83:57:3D:C1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.157.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:57:39:a1:ea:05:93:7d:f6:db:35:bc:2a:0c:2a:c5:2f:82:
ce:ef:7d:c4:3b:d4:16:ce:d6:6d:c9:50:1a:2c:84:53:cf:24:
59:30:ed:96:8a:dc:9e:f4:e3:79:d7:d2:90:9a:a4:bd:1a:71:
23:fc:c9:f0:d1:80:09:69:c0:34:96:f8:d0:88:68:08:6e:aa:
e4:02:55:01:df:ed:97:9b:3b:37:00:a4:99:0d:f1:6f:1d:a4:
99:09:44:2b:e8:16:e0:fe:5b:75:67:4f:32:9e:3e:d4:22:2b:
3c:94:57:05:c6:83:75:63:7e:fb:6d:31:82:ce:3a:9b:76:77:
cf:96:ca:a4:31:ca:6a:0b:09:bf:ab:11:f2:ce:de:89:70:26:
9c:2b:db:0c:66:86:cb:a3:a0:79:2b:03:ae:99:fd:b9:13:48:
ad:0d:dd:9a:7b:73:a9:9f:b1:37:9d:41:56:5e:b0:b3:2f:70:
02:7f:9e:20:87:e9:df:90:b9:07:ad:cd:e3:2b:d1:63:d3:6b:
1e:46:d8:de:a6:c9:45:b1:a8:ad:ad:53:34:70:fb:1b:d9:5e:
7e:f3:18:8f:51:82:4a:42:1a:0a:24:39:01:01:5e:4b:ea:1d:
d7:98:a6:16:76:9c:78:02:ff:a8:3f:40:b9:4b:ef:bf:66:b6:
8e:1c:24:17
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUAJp+EGEs6XG3tQm4/pBfkSCjW+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNjA2MDMxMjE5NTBaFw0yNzA2MDIxMjI0NTBaMDMxMTAvBgNV
BAMTKDI3Q0I3OTlENTAzM0U1MkNDMjUxRDQ5NzE0ODM4MzVBODM1NzNEQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPHWecAvrObwCb36jqigyqgKbS
xv4ZoR3Fjz44vC7FAs3+s8m/502HZSJU302v+BzOPwMC0iTAzAZLE30RY1ckXuYu
fsgSFrV51MR+IbOfzAR9dwIrQg/c3i0oyMEtnm9BoiAp71LywY5UfiyiO1n6Bl+r
Q31QrFAnMqYAGYs/EjS345EFTRBXLyorIPmsjgHTc+wtu66/2Vmyew53JOTXpVe7
VlysKvB1npajywy/cSkan3ebZPQrbR9rJUJbOA6aaH9wV5gx8+ZkDVQqsmd7klcW
lEBGHILL4uM1kfDDV8/aOVbI+yNNkz4egBdzzv2WzBvb57vdnQaKuu9HeyQjAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUJ8t5nVAz5SzCUdSXFIODWoNXPcEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMwMmUz
MTM1MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtCp0wDQYJKoZIhvcNAQELBQADggEBAI9XOaHqBZN99ts1vCoMKsUvgs7v
fcQ71BbO1m3JUBoshFPPJFkw7ZaK3J7043nX0pCapL0acSP8yfDRgAlpwDSW+NCI
aAhuquQCVQHf7ZebOzcApJkN8W8dpJkJRCvoFuD+W3VnTzKePtQiKzyUVwXGg3Vj
fvttMYLOOpt2d8+WyqQxymoLCb+rEfLO3olwJpwr2wxmhsujoHkrA66Z/bkTSK0N
3Zp7c6mfsTedQVZesLMvcAJ/niCH6d+QuQetzeMr0WPTax5G2N6myUWxqK2tUzRw
+xvZXn7zGI9RgkpCGgokOQEBXkvqHdeYphZ2nHgC/6g/QLlL779mto4cJBc=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:38:01 2026 by rpki-client