Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20323132323338.roa
File: 34352e39352e3136302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: /vrunP58LMmNnLX+aZtOAyxFWRkXk9KSNldykdV/5BI=
Subject key identifier: 5B:BD:95:C8:82:95:00:9D:E2:0F:65:DF:B0:36:8F:1F:1A:4D:D5:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 14D05F4B3328F3D1CD1134C51C8CC7FAB3F0BD33
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 29 May 2026 12:24:40 +0000
ROA not before: Fri 29 May 2026 12:19:40 +0000
ROA not after: Fri 28 May 2027 12:24:40 +0000
asID: 212238
IP address blocks: 45.95.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d0:5f:4b:33:28:f3:d1:cd:11:34:c5:1c:8c:c7:fa:b3:f0:bd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 12:19:40 2026 GMT
Not After : May 28 12:24:40 2027 GMT
Subject: CN=5BBD95C88295009DE20F65DFB0368F1F1A4DD553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3d:eb:32:40:62:e6:71:ca:fc:a8:92:91:98:
09:6d:6a:83:4f:14:b5:67:8c:30:a5:30:6a:3b:b3:
f1:20:cf:f2:ef:10:9d:29:8e:b7:9e:34:d5:48:45:
27:2c:c6:ee:a7:77:b8:bb:8a:25:64:f5:a9:9a:a0:
82:28:6d:13:2b:91:c9:41:55:4c:ad:3e:5b:95:d9:
9c:6f:90:c1:13:40:12:5b:24:3a:15:f5:79:69:ec:
21:26:b5:63:41:5a:e8:aa:bb:04:fe:92:6d:f5:82:
62:82:25:eb:8e:32:ac:43:b1:87:6c:76:f4:94:52:
74:4b:b4:2b:2f:86:0c:1e:61:76:6e:23:7d:c7:25:
26:10:de:19:4c:f9:a5:1f:c3:a8:db:69:8b:35:85:
6c:c1:48:ea:ad:c5:46:fd:a7:8e:bf:07:ed:99:dc:
51:9b:4d:f2:e8:ae:9d:72:24:9a:ce:ee:5c:d3:fc:
8a:0e:c4:17:68:70:ec:12:4d:8c:0b:67:ee:de:81:
1f:1f:f0:35:39:72:d2:39:37:3b:f0:42:16:c4:19:
4b:4d:61:fd:ca:1e:b5:eb:9b:95:ec:9e:47:4d:b9:
10:7e:51:d1:0b:97:bf:39:d2:37:32:31:41:4d:ba:
66:e1:4a:6e:a8:7e:d5:d7:36:32:c2:99:7b:62:57:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BD:95:C8:82:95:00:9D:E2:0F:65:DF:B0:36:8F:1F:1A:4D:D5:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e39352e3136302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.160.0/24
Signature Algorithm: sha256WithRSAEncryption
48:df:f2:6d:df:66:d3:12:d6:83:72:8d:56:97:55:b3:94:a7:
65:d3:46:d9:10:9d:ee:1e:c9:76:ff:47:9a:9c:84:80:d8:42:
4e:32:bd:b1:ed:97:c3:40:15:41:b8:7c:1d:25:85:0e:aa:17:
65:9f:3b:31:4d:12:17:72:b1:b8:35:23:a7:25:0d:66:fe:b8:
07:8d:49:de:ff:ed:cc:84:15:d0:50:37:8f:96:a9:26:7e:ff:
28:df:aa:8f:f8:b2:d0:f0:5a:89:3a:04:3a:08:fe:86:bf:6a:
86:c4:4c:64:0d:c3:5c:76:be:df:10:98:87:d4:8d:9a:78:c2:
b4:45:64:cc:e5:01:10:a1:72:4f:bf:4b:fa:f1:b6:1c:71:4c:
8d:66:9c:8e:25:0e:8c:b4:48:3c:04:ee:c3:34:fe:89:1a:70:
34:9b:22:95:51:00:0b:37:67:52:62:c0:87:a3:a7:a1:0f:5b:
e6:46:5f:f6:b3:6d:9c:03:d6:7d:d8:eb:9e:69:6f:40:73:60:
09:22:24:de:b8:86:62:35:69:d5:42:d4:b1:b1:d0:23:a6:c0:
3b:f0:5f:b2:7d:14:d0:a4:74:f3:5e:d0:67:2d:c9:d0:c7:79:
79:a8:54:6d:a5:5d:bf:8f:e5:f1:5e:d6:6a:b9:86:81:02:c9:
72:1a:7f:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFNBfSzMo89HNETTFHIzH+rPwvTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjkxMjE5NDBaFw0yNzA1MjgxMjI0NDBaMDMxMTAvBgNV
BAMTKDVCQkQ5NUM4ODI5NTAwOURFMjBGNjVERkIwMzY4RjFGMUE0REQ1NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvPesyQGLmccr8qJKRmAltaoNP
FLVnjDClMGo7s/Egz/LvEJ0pjreeNNVIRScsxu6nd7i7iiVk9amaoIIobRMrkclB
VUytPluV2ZxvkMETQBJbJDoV9Xlp7CEmtWNBWuiquwT+km31gmKCJeuOMqxDsYds
dvSUUnRLtCsvhgweYXZuI33HJSYQ3hlM+aUfw6jbaYs1hWzBSOqtxUb9p46/B+2Z
3FGbTfLorp1yJJrO7lzT/IoOxBdocOwSTYwLZ+7egR8f8DU5ctI5NzvwQhbEGUtN
Yf3KHrXrm5XsnkdNuRB+UdELl7850jcyMUFNumbhSm6oftXXNjLCmXtiV8TTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUW72VyIKVAJ3iD2XfsDaPHxpN1VMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkzNTJlMzEzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV+gMA0GCSqGSIb3DQEBCwUAA4IBAQBI3/Jt32bTEtaDco1Wl1WzlKdl00bZEJ3u
Hsl2/0eanISA2EJOMr2x7ZfDQBVBuHwdJYUOqhdlnzsxTRIXcrG4NSOnJQ1m/rgH
jUne/+3MhBXQUDePlqkmfv8o36qP+LLQ8FqJOgQ6CP6Gv2qGxExkDcNcdr7fEJiH
1I2aeMK0RWTM5QEQoXJPv0v68bYccUyNZpyOJQ6MtEg8BO7DNP6JGnA0myKVUQAL
N2dSYsCHo6ehD1vmRl/2s22cA9Z92OueaW9Ac2AJIiTeuIZiNWnVQtSxsdAjpsA7
8F+yfRTQpHTzXtBnLcnQx3l5qFRtpV2/j+XxXtZquYaBAslyGn/p
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:13:19 2026 by rpki-client