Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
File: 34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: nRgD96dJJuQNCc6BWxhbzz8iLhUyahvmAX6VztfzDjo=
Subject key identifier: 2D:51:9C:3B:30:11:33:B5:8A:6D:B2:05:BA:FF:06:3D:60:36:16:D8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6835CF2A1C887E55E70DF81EBB9489A729C3A04C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 23 Oct 2025 16:47:58 +0000
ROA not before: Thu 23 Oct 2025 16:42:58 +0000
ROA not after: Thu 22 Oct 2026 16:47:58 +0000
asID: 201341
IP address blocks: 46.253.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 07:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:35:cf:2a:1c:88:7e:55:e7:0d:f8:1e:bb:94:89:a7:29:c3:a0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 16:42:58 2025 GMT
Not After : Oct 22 16:47:58 2026 GMT
Subject: CN=2D519C3B301133B58A6DB205BAFF063D603616D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:95:cd:7d:fd:7c:1e:1b:17:fb:d5:94:f5:79:
ba:d6:89:27:93:60:a5:d9:65:64:18:50:5d:5b:34:
cb:b3:79:de:a4:02:a6:a7:57:ca:db:b8:1c:6a:65:
9a:75:0b:53:c0:77:90:7d:97:f5:b5:a2:db:30:39:
09:63:74:5c:9c:b0:15:13:05:9c:4a:99:6c:a1:3f:
7c:72:43:d7:cc:9a:ec:52:3f:1c:aa:1b:74:1b:f3:
08:30:94:bb:8c:e8:bc:56:a7:39:25:da:eb:70:a5:
12:d7:dd:bd:3f:44:d1:f8:f3:64:e9:64:ad:7d:58:
98:3b:b4:0d:04:7b:95:25:32:91:74:b8:18:cc:1a:
62:e6:2f:dc:5e:fa:b6:9f:85:16:7e:43:51:ec:fb:
3e:d0:bf:3e:17:be:4c:f1:0e:4d:cb:5e:3a:76:06:
3e:b3:1e:a9:65:93:af:bf:23:30:f9:ec:cb:87:e9:
63:3a:4c:6f:73:48:36:48:ce:93:8e:d1:54:44:0f:
a8:ae:ec:e4:ed:df:a0:46:16:53:9c:76:81:ea:bc:
a1:a7:d4:c8:13:66:06:bf:cc:5c:9b:fd:f6:61:ab:
0f:50:29:df:5e:b5:9e:36:91:3d:77:76:a0:5d:0d:
b4:42:40:13:24:76:7d:6a:35:5e:3f:d2:84:29:19:
b9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:51:9C:3B:30:11:33:B5:8A:6D:B2:05:BA:FF:06:3D:60:36:16:D8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34362e3235332e3134312e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.141.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:6c:5b:a2:66:f1:49:10:5c:ac:17:ba:c9:a6:04:9c:f1:8d:
ab:6c:33:6f:df:82:6a:68:fd:11:94:23:e6:11:fd:11:8d:a7:
25:3d:e6:56:32:4e:56:14:8c:69:74:35:a7:94:00:c1:66:db:
61:cd:32:dd:62:88:b4:20:a4:39:42:d5:6b:df:7e:16:08:d8:
3c:3a:60:20:cd:e6:22:21:cb:ae:48:43:78:5f:6b:9e:29:75:
b3:77:cf:54:a9:0d:a4:80:f4:ce:6b:2d:9c:39:15:c0:5a:0d:
12:37:90:62:dc:81:4b:2d:94:5c:8d:bb:3e:08:5b:c9:e0:9e:
b0:fe:d8:de:67:9c:6d:9a:aa:47:1d:5d:f1:a1:40:cc:3e:63:
58:01:f3:a9:ac:bb:ac:6a:e1:26:e3:47:b6:a9:d2:74:2e:3b:
6c:34:73:d6:98:bb:84:c0:50:01:fa:e2:9b:35:d6:24:7d:a9:
cd:b5:1b:2a:83:d5:34:5a:5d:22:d2:20:22:68:3c:e0:da:08:
f1:36:0e:2e:d2:cb:f7:63:c6:11:78:a0:5f:07:8a:a2:e3:1d:
6c:a5:c0:93:f3:53:5e:6c:5c:47:5a:98:5e:1b:d7:a3:85:08:
19:7c:b0:77:38:3f:8f:e8:24:bf:ae:42:f2:4d:7d:4d:29:0f:
c2:a7:7e:a7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUaDXPKhyIflXnDfgeu5SJpynDoEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNjQyNThaFw0yNjEwMjIxNjQ3NThaMDMxMTAvBgNV
BAMTKDJENTE5QzNCMzAxMTMzQjU4QTZEQjIwNUJBRkYwNjNENjAzNjE2RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdlc19/XweGxf71ZT1ebrWiSeT
YKXZZWQYUF1bNMuzed6kAqanV8rbuBxqZZp1C1PAd5B9l/W1otswOQljdFycsBUT
BZxKmWyhP3xyQ9fMmuxSPxyqG3Qb8wgwlLuM6LxWpzkl2utwpRLX3b0/RNH482Tp
ZK19WJg7tA0Ee5UlMpF0uBjMGmLmL9xe+rafhRZ+Q1Hs+z7Qvz4XvkzxDk3LXjp2
Bj6zHqllk6+/IzD57MuH6WM6TG9zSDZIzpOO0VRED6iu7OTt36BGFlOcdoHqvKGn
1MgTZga/zFyb/fZhqw9QKd9etZ42kT13dqBdDbRCQBMkdn1qNV4/0oQpGbl/AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQULVGcOzARM7WKbbIFuv8GPWA2FtgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM2MmUzMjM1MzMy
ZTMxMzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC79jTANBgkqhkiG9w0BAQsFAAOCAQEArGxbombxSRBcrBe6yaYEnPGN
q2wzb9+Camj9EZQj5hH9EY2nJT3mVjJOVhSMaXQ1p5QAwWbbYc0y3WKItCCkOULV
a99+FgjYPDpgIM3mIiHLrkhDeF9rnil1s3fPVKkNpID0zmstnDkVwFoNEjeQYtyB
Sy2UXI27PghbyeCesP7Y3mecbZqqRx1d8aFAzD5jWAHzqay7rGrhJuNHtqnSdC47
bDRz1pi7hMBQAfrimzXWJH2pzbUbKoPVNFpdItIgImg84NoI8TYOLtLL92PGEXig
XweKouMdbKXAk/NTXmxcR1qYXhvXo4UIGXywdzg/j+gkv65C8k19TSkPwqd+pw==
-----END CERTIFICATE-----
Generated at Mon Nov 3 22:09:00 2025 by rpki-client