Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e38362e3234332e302f32342d3234203d3e20343031383536.roa
File: 34352e38362e3234332e302f32342d3234203d3e20343031383536.roa (raw, json)
Hash identifier: rdg4bsSZDTs62Ti1e34Ypbdq0p47crLmn7T78tES3Dw=
Subject key identifier: 72:26:BE:03:83:AA:70:62:73:A8:C7:B9:1B:B1:91:F7:FB:52:A7:63
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 16071D9FAAFF097C0CD4606472E6C2DFE4DADFC2
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e38362e3234332e302f32342d3234203d3e20343031383536.roa
Signing time: Fri 10 Apr 2026 12:06:18 +0000
ROA not before: Fri 10 Apr 2026 12:01:18 +0000
ROA not after: Fri 09 Apr 2027 12:06:18 +0000
asID: 401856
IP address blocks: 45.86.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:07:1d:9f:aa:ff:09:7c:0c:d4:60:64:72:e6:c2:df:e4:da:df:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 12:01:18 2026 GMT
Not After : Apr 9 12:06:18 2027 GMT
Subject: CN=7226BE0383AA706273A8C7B91BB191F7FB52A763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f3:6a:db:d1:13:83:40:bb:fa:7d:37:23:10:
20:25:22:5d:e6:b3:51:b0:9e:45:60:a3:5b:93:54:
8a:3f:46:34:c8:9e:0b:f7:fe:cf:a9:20:c8:06:b1:
f2:ff:4d:03:0a:9e:fa:df:b6:91:95:c0:ea:4d:b4:
8e:27:4f:bc:be:87:e9:d2:7d:d9:c5:8a:82:9b:cd:
e0:ce:f6:e5:38:51:c7:4c:47:34:a5:c4:62:c7:86:
80:db:e2:9f:8e:36:33:1d:db:bc:f0:1e:08:81:af:
0c:e1:ed:10:ef:01:09:f4:fb:7c:8f:c0:09:06:f7:
d3:58:72:6e:a6:e7:db:72:d1:d6:51:2e:c6:5f:40:
ae:b1:35:f5:0e:e5:92:b4:15:46:86:c4:57:0c:bc:
68:7f:36:48:ba:ed:93:1c:93:9c:b4:bc:d5:4f:07:
d3:28:d0:a3:f4:45:b1:d2:d7:ff:9f:9a:73:6c:f2:
f4:28:9c:18:9c:c8:e4:56:5b:58:f7:fa:98:70:22:
1b:e2:d5:dd:b9:bf:3d:3b:2a:65:5b:8b:6c:0f:cf:
9e:e6:66:90:5f:56:18:9b:d7:5d:44:d6:cf:6c:92:
ae:25:30:83:28:6b:ec:25:47:37:55:29:36:64:56:
ad:db:a7:d4:5b:50:f2:30:39:d7:6c:f7:5b:05:ad:
fe:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:26:BE:03:83:AA:70:62:73:A8:C7:B9:1B:B1:91:F7:FB:52:A7:63
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e38362e3234332e302f32342d3234203d3e20343031383536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:fd:90:54:96:4e:3b:ed:ac:3a:36:23:e0:96:40:69:fc:f7:
43:4f:78:15:63:c9:af:5d:40:48:30:c6:7d:f8:b1:32:ac:15:
29:93:f6:a2:4a:8b:17:17:28:f9:cc:fa:4a:7c:45:e9:a6:a0:
dd:b1:e7:aa:b0:d3:e9:b7:e6:49:5c:46:58:e4:cb:ca:e9:42:
9c:fb:67:94:39:65:0d:98:06:55:b9:9b:70:21:78:4d:fb:e1:
50:74:99:4f:3e:f5:04:c5:e8:0d:b1:85:e4:26:a2:80:70:33:
8c:20:b8:4b:ee:92:0b:36:53:82:e9:f9:8f:dc:a5:08:4c:c7:
cf:32:ac:ee:1e:60:e4:f5:e7:19:c2:c4:eb:a0:af:8c:7b:8e:
7a:46:72:28:ae:28:47:cc:35:ef:ef:24:97:15:08:b0:98:c3:
42:d8:c9:97:04:fd:fd:56:5c:f6:a7:c7:d1:59:d8:e4:49:9b:
a4:0c:c2:fb:e1:46:3b:20:dc:8b:55:c7:85:89:50:a3:5e:fe:
a6:96:6d:35:85:35:06:2a:1e:b6:73:bc:8b:73:a9:71:c0:a6:
34:76:de:0e:d2:00:78:f8:37:ea:e0:ec:67:de:80:79:e1:54:
2e:e4:58:46:bc:17:8b:27:94:bc:f3:de:42:ab:7e:eb:d4:8d:
96:3b:f5:a2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFgcdn6r/CXwM1GBkcubC3+Ta38IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAxMjAxMThaFw0yNzA0MDkxMjA2MThaMDMxMTAvBgNV
BAMTKDcyMjZCRTAzODNBQTcwNjI3M0E4QzdCOTFCQjE5MUY3RkI1MkE3NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm82rb0RODQLv6fTcjECAlIl3m
s1GwnkVgo1uTVIo/RjTIngv3/s+pIMgGsfL/TQMKnvrftpGVwOpNtI4nT7y+h+nS
fdnFioKbzeDO9uU4UcdMRzSlxGLHhoDb4p+ONjMd27zwHgiBrwzh7RDvAQn0+3yP
wAkG99NYcm6m59ty0dZRLsZfQK6xNfUO5ZK0FUaGxFcMvGh/Nki67ZMck5y0vNVP
B9Mo0KP0RbHS1/+fmnNs8vQonBicyORWW1j3+phwIhvi1d25vz07KmVbi2wPz57m
ZpBfVhib111E1s9skq4lMIMoa+wlRzdVKTZkVq3bp9RbUPIwOdds91sFrf4LAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcia+A4OqcGJzqMe5G7GR9/tSp2MwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzQzNTJlMzgzNjJlMzIzNDMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzgzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVbzMA0GCSqGSIb3DQEBCwUAA4IBAQAd/ZBUlk477aw6NiPglkBp/PdDT3gVY8mv
XUBIMMZ9+LEyrBUpk/aiSosXFyj5zPpKfEXppqDdseeqsNPpt+ZJXEZY5MvK6UKc
+2eUOWUNmAZVuZtwIXhN++FQdJlPPvUExegNsYXkJqKAcDOMILhL7pILNlOC6fmP
3KUITMfPMqzuHmDk9ecZwsTroK+Me456RnIorihHzDXv7ySXFQiwmMNC2MmXBP39
Vlz2p8fRWdjkSZukDML74UY7INyLVceFiVCjXv6mlm01hTUGKh62c7yLc6lxwKY0
dt4O0gB4+Dfq4Oxn3oB54VQu5FhGvBeLJ5S8895Cq37r1I2WO/Wi
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:17:42 2026 by rpki-client