Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133352e3232352e302f32342d3234203d3e20313938323530.roa
File: 34352e3133352e3232352e302f32342d3234203d3e20313938323530.roa (raw, json)
Hash identifier: RZay5bCeisE6jpl4DXzvb46ake6xPBLWUyEVJBpfRfQ=
Subject key identifier: E4:43:36:DD:EA:C8:D9:F3:C9:0D:AB:98:10:54:1A:0C:8C:4E:0E:9A
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 2577319AA06893330DA22CCD0787279773269439
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133352e3232352e302f32342d3234203d3e20313938323530.roa
Signing time: Fri 10 Apr 2026 12:19:25 +0000
ROA not before: Fri 10 Apr 2026 12:14:25 +0000
ROA not after: Fri 09 Apr 2027 12:19:25 +0000
asID: 198250
IP address blocks: 45.135.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:77:31:9a:a0:68:93:33:0d:a2:2c:cd:07:87:27:97:73:26:94:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 12:14:25 2026 GMT
Not After : Apr 9 12:19:25 2027 GMT
Subject: CN=E44336DDEAC8D9F3C90DAB9810541A0C8C4E0E9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:66:80:12:39:20:69:36:6c:4b:77:2d:51:
df:13:f0:49:57:57:5f:a1:c7:d1:51:bf:f2:92:94:
78:3d:d8:af:48:a7:ae:b8:9c:0f:1e:a7:b3:47:95:
0b:a2:2b:73:be:15:6b:fe:e4:30:7b:a1:97:47:a4:
04:bf:78:16:5c:c4:c4:c1:d7:fe:47:98:da:d0:e2:
21:5a:5a:b4:62:d9:bc:fe:51:f8:a0:97:f2:bc:16:
12:8f:47:17:eb:8c:c7:73:14:4c:34:3d:4e:c3:be:
89:c6:25:d0:ac:0b:9f:72:b7:6b:a8:2c:ac:88:15:
18:38:b8:20:3f:26:7a:1e:bc:a4:81:a1:04:68:76:
8f:dd:c8:e3:e0:e3:7b:43:28:2b:30:67:76:ec:72:
20:82:b4:e6:eb:09:8e:bf:2b:b0:f5:ca:ee:4f:1c:
8c:59:31:44:8a:fb:4f:3c:6d:9e:df:7d:dd:d5:ae:
a3:5d:dc:b8:e4:33:70:cb:31:a9:41:29:7c:92:3a:
5b:10:10:27:e9:ec:4e:38:c7:c4:ad:91:6d:66:ee:
bc:d2:fa:2b:f9:6b:ad:5b:88:05:8c:1f:e0:5b:bd:
82:74:66:7b:93:20:54:21:c7:cf:26:9a:35:07:c5:
c2:86:fe:5a:b9:85:80:73:51:5d:3e:86:b2:f7:90:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:43:36:DD:EA:C8:D9:F3:C9:0D:AB:98:10:54:1A:0C:8C:4E:0E:9A
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133352e3232352e302f32342d3234203d3e20313938323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.225.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:bb:d8:72:a7:58:ac:63:aa:08:91:49:43:c0:3e:cb:e1:3f:
38:c2:19:4e:fc:3b:9a:46:0e:05:9a:7b:8d:5f:eb:9f:78:0e:
02:82:b7:22:16:cc:5c:74:d5:9b:09:b0:b1:0d:2f:29:2c:e5:
20:88:90:97:8e:9e:93:82:38:72:ce:04:81:14:23:b8:ce:a7:
c2:c1:e9:7a:b1:fe:00:72:3e:3c:0f:7f:2e:f3:c1:ac:56:2c:
1e:52:29:14:a8:fe:aa:90:eb:b1:6d:f3:2f:6f:7b:08:52:1a:
62:39:65:09:61:ec:e7:79:40:66:2d:2e:02:49:10:1b:3f:90:
22:5d:5b:47:da:9c:24:30:2c:de:e6:fb:92:e7:42:96:82:9a:
15:8a:f4:db:16:cf:e2:04:eb:ea:a7:28:06:09:2c:c7:66:8b:
d2:f3:ed:f9:58:1f:9c:f3:4a:87:2e:47:56:b8:4f:04:10:91:
54:e4:3b:3d:8e:1b:01:d1:9f:c3:d5:36:15:8c:23:87:f0:32:
01:2d:38:ec:82:dd:0e:fc:32:b7:07:35:32:df:2f:41:89:10:
2d:39:7a:e6:4b:26:07:2d:df:6e:0a:88:6c:7e:7e:04:8d:48:
dc:47:d3:74:0b:b3:43:f7:b0:c9:73:7d:bf:aa:09:ed:1a:db:
89:61:2f:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJXcxmqBokzMNoizNB4cnl3MmlDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAxMjE0MjVaFw0yNzA0MDkxMjE5MjVaMDMxMTAvBgNV
BAMTKEU0NDMzNkRERUFDOEQ5RjNDOTBEQUI5ODEwNTQxQTBDOEM0RTBFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsWmaAEjkgaTZsS3ctUd8T8ElX
V1+hx9FRv/KSlHg92K9Ip664nA8ep7NHlQuiK3O+FWv+5DB7oZdHpAS/eBZcxMTB
1/5HmNrQ4iFaWrRi2bz+Ufigl/K8FhKPRxfrjMdzFEw0PU7DvonGJdCsC59yt2uo
LKyIFRg4uCA/JnoevKSBoQRodo/dyOPg43tDKCswZ3bsciCCtObrCY6/K7D1yu5P
HIxZMUSK+088bZ7ffd3VrqNd3LjkM3DLMalBKXySOlsQECfp7E44x8StkW1m7rzS
+iv5a61biAWMH+BbvYJ0ZnuTIFQhx88mmjUHxcKG/lq5hYBzUV0+hrL3kKBVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5EM23erI2fPJDauYEFQaDIxODpowHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzQzNTJlMzEzMzM1MmUzMjMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM1MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAth+EwDQYJKoZIhvcNAQELBQADggEBAG272HKnWKxjqgiRSUPAPsvhPzjCGU78
O5pGDgWae41f6594DgKCtyIWzFx01ZsJsLENLyks5SCIkJeOnpOCOHLOBIEUI7jO
p8LB6Xqx/gByPjwPfy7zwaxWLB5SKRSo/qqQ67Ft8y9vewhSGmI5ZQlh7Od5QGYt
LgJJEBs/kCJdW0fanCQwLN7m+5LnQpaCmhWK9NsWz+IE6+qnKAYJLMdmi9Lz7flY
H5zzSocuR1a4TwQQkVTkOz2OGwHRn8PVNhWMI4fwMgEtOOyC3Q78MrcHNTLfL0GJ
EC05euZLJgct324KiGx+fgSNSNxH03QLs0P3sMlzfb+qCe0a24lhL5k=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:20:27 2026 by rpki-client